heh :D

Blog post about attacking Java RMI services, a extension to the talk from Hans-Martin Münch at this years Bsides Munich mogwailabs.de/blog/2019/03/a…. You can also find the slides/material on our GitHub account #BSidesMUC19

In our latest blog post we show you various ways how to attack RMI based JMX services. We also release our fork of sJET, which is called MJET (obviously). mogwailabs.de/blog/2019/04/a…

Expression Injection in Qlik Products (CVE-2019-11628). The fresh advisory has been published just now. trustwave.com/en-us/resource…

Apache Solr research is completed and I'm happy to present some ways to RCE in this innocent looking search engine. See you @ #defcon27 DEF CON defcon.org/html/defcon-27… …

Short story about blind HQL Injection (MySQL case) #hqlinjection #hibernate #spiderlabs trustwave.com/en-us/resource…

Apache Solr Injection whitepaper is now available at github.com/artsploit/solr… Thanks everyone who attended my #defcon talk!

On the volunteering side this time at #GlobalAppSec #Amsterdam OWASP AppSec Europe

Here are my slides from XSS magic tricks slideshare.net/GarethHeyes/xs…

Our guy, @[email protected], had a presentation at OWASP Poland Day about exploiting prototype pollution to RCE on the example of Kibana, by abusing environmental variables in node. The slides are here: slides.com/securitymb/pro… We will also release a writeup soon so stay in touch!

Just posted Remote Code Execution in Three Acts: Chaining Exposed Actuators and H2 Database Aliases in Spring Boot 2. Using a payload containing three different programming languages :) spaceraccoon.dev/remote-code-ex…

I'm excited to share my post about discovering & exploiting multiple critical vulnerabilities in Cisco's DCNM. Busting Cisco's Beans :: Hardcoding Your Way to Hell srcincite.io/blog/2020/01/1… PoC exploit code: srcincite.io/pocs/cve-2019-… srcincite.io/pocs/cve-2019-… srcincite.io/pocs/cve-2019-…

Up next and making his #Pwn2Own debut, Michael Stepankin (Michael Stepankin) of Veracode will be targeting a remote code execution with continuation against the Inductive Automation Ignition in the Control Server category. #P2OMiami #S4x20

We have confirmed the successful demonstration from Michael Stepankin used a previously reported bug. This counts as a partial win, but does earn him 12.5 Master of Pwn points. #P2OMiami #S4x20

Jolokia enhances JMX remoting with unique features like pre-auth RCE 🤔

Can you spot a critical vulnerability in this innocent code? Learn about Spring View Manipulation in our latest article github.com/veracode-resea… #java Spring Framework

Power up the Burp Suite and get stuck into our latest Web Security Academy topic! We've designed a whole new set of labs on OAuth Authentication for your password-avoiding pleasure. portswigger.net/web-security/o… #websecurityacademy #burpsuite #OAuth2

The top 10 web hacking techniques of 2020, by James Kettle with help from FD, Soroush Dalili, Nicolas Grégoire and the entire community portswigger.net/research/top-1…

New attacks on OAuth: SSRF by design and Session Poisoning by Michael Stepankin portswigger.net/research/hidde…

The comprehensive list of today's emerging threats, nOtWASP bottom 10: vulnerabilities that make you cry by James Kettle, Michael Stepankin and Gareth Heyes \u2028 portswigger.net/research/notwa…