Terza e ultima puntata su bypass #AWS WAF. Virtual Patching praticamente inutile. Buona visione! youtu.be/1GcbLU6C_y0

Una nuova avventura ha inizio per Rev3rse e Sicuranext! 🙌🙌Pronti al Podcast più figo del mondo? 😎 Sarà disponibile su Spotify, sul canale YT Rev3rse e sulle principali piattaforme. Iscriviti per non perdere la prima puntata! youtube.com/watch?v=lhi80v…

🎉 Cheers hackers! 🎊 As we bid farewell to 2023, let's celebrate together! 🎁 Like, follow, and retweet for a chance to WIN a €30 coupon for swag.shielder.com! 🏆 3 winners will be selected by EOY! #giveaways #swag

Durante l'ultima live abbiamo parlato di molte cose con Paolo Stagno (VoidSec) come del mercato della compravendita di 0 day. Guarda la puntata integrale a questo link: youtube.com/live/lnUXze_Wi…

Last week, while participating to the Intigriti LHE at NULLCON I've found an #XSS on one of the targets. As there was Akamai I had to put together a quick'n'dirty #WAF #bypass (it requires user interaction but 🤷🏿‍♂️). Here you go! #bugbountytips

#AWS Denial of Wallet: Parliamone! youtu.be/rYQwuQCAmFk

Response Filter Denial of Service (RFDoS): shut down a website by triggering WAF rule blog.sicuranext.com/response-filte…

Response Filter Denial of Service (RFDoS): shut down a website by triggering WAF rule blog.sicuranext.com/response-filte… #Pentesting #CyberSecurity #Infosec

Response Filter Denial of Service (RFDoS), misusing OWASP CoreRuleSet Great research by SicuraNext blog.sicuranext.com/response-filte…

Ataque de denegación de servicio que afecta a sitios web protegidos por un WAF La técnica RFDoS aprovecha la capacidad de un atacante para publicar contenido como comentarios o reseñas para engañar al WAF y bloquear el servidor blog.sicuranext.com/response-filte…

#WebApp_Security Response Filter Denial of Service (RFDoS): shut down a website by triggering WAF rule blog.sicuranext.com/response-filte…

Response Filter Denial of Service (RFDoS): shut down a website by triggering WAF rule blog.sicuranext.com/response-filte… Published By :- Andrea Menin (theMiddle) #infosec #bugbounty #TogetherWeHitHarder #inbbupdatesblogs

Response Filter Denial of Service (RFDoS): shut down a website by triggering WAF rule dlvr.it/T8J3Hz #cyber #threathunting #infosec

Our very own Pit will present his novel #macOS research at TheSAS2025 - if you want to learn more about the macOS sandbox and how to escape it make sure to be in Bali 🏝️ from Oct 22 to Oct 25 at #TheSAS2024

Am I the only one who imagines Tesla Optimus robot sitting at a PC solving CAPTCHA?

Come funziona il mercato delle vulnerabilità zero-day? Qual è il ruolo degli enti governativi? Quali sono le implicazioni etiche? Rispondo a queste e altre domande, nell'intervista di rev3rse security youtu.be/JkjnT-Rw-kg?si…

Long story short: ~all multipart/form-data parsers fail to fully comply with the RFC. Here I've done some tests. blog.sicuranext.com/breaking-down-…

Today's Bug Bounty Blogs #25 1)From an Android Hook to RCE: $5000 Bounty blog.voorivex.team/from-an-androi… 2)SOQL injection in SalesForce earned me $$$$$ rooted0x01.medium.com/soql-injection… 3)OAuth Non-Happy Path to ATO blog.voorivex.team/oauth-non-happ… 4)Breaking Down Multipart Parsers: File upload

Ciao! If you enjoyed our latest research on the SicuraNext blog, you can vote for it in the Top 10 Web Hacking Techniques! portswigger.net/polls/top-10-w… - Breaking Down Multipart Parsers: File upload validation bypass - Response Filter Denial of Service (RFDoS) ❤️

Seemposium lowlevel_1 La nuova puntata è online! lowlevel_1 è uno spazio dedicato ai tecnici per discutere e analizzare le tematiche del momento 🤓 Se ti piace questo formato, condividi! youtu.be/-wwA5skOL0w