Black Hat Asia 2024 Conference Slides github.com/onhexgroup/Con…

BlackHat Arsenal Asia 2024 - Group photo of those who make the difference. Thanks again for making this event an awesome place !

🔥🚀

blackhat.com/asia-24/arsena…

voting is still open. haven't you voted yet? so vote for fuzzuli 🔥

🏆 Before fully embracing 2024, we'd like to rewind and highlight last year's achievements. Ladies and gentlemen, here are the 2023 rankings of the best security researchers in the Yogosha Strike Force. #YSF

>> yogosha.com/hackers/leader…

fuzzuli has been nominated for the top 10 web hacking techniques of 2023. The voting will take place from January 23rd to 30th. I would appreciate it if you could vote for fuzzuli 🤘🎉

Concurrent HTTP Requests in Golang: Best Practices and Techniques
#golang

link.medium.com/y2g8Ra1s5Fb

Announcing JA4+ Network Fingerprinting!

JA4+ is a suite of new fingerprinting methods for multiple protocols, detecting everything from entire c2 frameworks, to session hijacking, to reverse SSH shells.

blog.foxio.io/ja4-network-fi…

🏆 The Q2 2023 rankings are out!

1. 🥇 BZHash
2. 🥈 z3r00t
3. 🥉 Rod🇩🇪
4. n1ghtmar3
5. Kourama
6. Xel
7. musa şana
8. test test
9. Aikari
10. whirlwind

> yogosha.com/hackers/leader…

Congrats to y'all, we're honored to have you in the Yogosha Strike Force 💪 #YSF

Local File Read via Stored XSS in The Opera Browser. bit.ly/2XqNP7k (+) #MustSee #396 (2021)

Read the full technical details here >>
wiz.io/blog/azure-act…

Email Subdomain Takeovers by Adam J Sturge

A lot of bug hunters aren't checking for these.

High Impact - read emails from their domain

link.medium.com/fbnJH2Tvpwb #bugbountytips #infosec #recon #hacking

fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain. #bugbounty tips #bugbounty #infosec #hacktools #cybersecurity #pentesting github.com/musana/fuzzuli

fuzzuli is a fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain. reddit.com/r/netsec/comme…

new tool released 👊

that is a extension that every security researcher should have on hand
github.com/LasCC/Hack-Too…

all public dns monitor services had been blocked by wafs, due to log4jshell. this situation will affect to all oob vuln. you should run own dns server for oob attacks anymore.

log4hshell - Quick Guide musana.net/2021/12/13/log…