Days like today are brilliant, I was invited in to Exeter University to teach students about the basics of web application security in preparation for their CTF with Hack South West. The students did amazing and really seemed to grab the concepts brilliantly. We covered content
1
2
37
Replies
Google Cloud Platform was vulnerable to a HTTP desync attack leading to "responses being misrouted between recipients for certain third-party models". Aka your LLM response goes to someone else. The Expect header strikes again! #http1mustdie
5
17
183
The creator of HackerNotes @gr3pme showed us his note taking methodology this week. Really cool and useful insights on how he approaches his note taking and how it helps him! You can find the templates in episode 145's HackerNotes: https://t.co/JylAVzXRQC
0
13
99
Check out this great methodology tip by @Jhaddix on what to do when you encounter a CMS. Find the full walkthrough video and the lab below 👇 https://t.co/AHyCmzeOes
0
8
55
A DNS takeover is not the same as a subdomain takeover. DNS takeovers have become a popular but often misunderstood vulnerability. In this blog, you will learn: ✅ The difference between a DNS and subdomain takeover: A subdomain takeover exploits a service a domain points
0
39
209