
Soroush Dalili
@irsdl
Followers: 20K, Following: 11K, Media: 865, Statuses: 13K
Hacker (ethical), web appsec specialist, trainer, tools builder & apps breaker, @SecProjectLtd founder 🕸️https://t.co/YipuTcYnWc🥷 🍏A dad-joke maker🍐
Worcestershire, England
Joined August 2009
As they fixed this blog post, for anyone missing this, you can see @buffaloverflow's art here: .
Visiting NCC Group’s blogs right now feels like a CTF challenge: decipher the mangled text while dodging XSS pop-ups. Better to use web archive to see the original content but they have even changed the URLs! Example: . The etc are
RT @IranOpenData: Iran may now power 15% of the world’s crypto mining. 2,400 MW lost in July = 3.5–4% of national power. 15 TWh/year = 8….
Due to the lack of interest, unfortunately this #BurpSuite tutorial is not going to happen now. I may do it in the future.
Thinking of making a short video on how I use #BurpSuite + PwnFox 🦊 to load different tokens/sessions with ActionScript. Might also mix in Macros (if scripts allow). If this sounds useful, 200+ likes and I’ll record it 😇.
In a specific scenario, I needed to automatically update the Authorization header in Burp Repeater with the latest successful OAuth response captured in the Proxy tab. I used this Action Script: Hopefully, the idea will be useful for others as well.
RT @Dinosn: Git vulnerability leading to RCE is being exploited by attackers (CVE-2025-48384)
helpnetsecurity.com
CVE-2025-48384, a recently patched vulnerability in the popular distributed revision control system Git, is being exploited by attackers.
RT @garethheyes: I discovered how to use CSS to steal attribute data without selectors and stylesheet imports! This means you can now explo….
RT @DefusedCyber: Mass exploitation of CVE-2025-25257 from 196.75.238.72 🇲🇦 (FortiWeb critical pre-auth SQL injection). VT Detections: 0/….
RT @Dinosn: FortMajeure: Authentication Bypass in FortiWeb (CVE-2025-52970)
pwner.gg
Hello world! long time no see. I was so busy, mainly with working on symbol.exchange (btw opened a new “Bug Driven Development” community) and started to try my way in academia.
RT @ctbbpodcast: New episode is out! - In this episode Justin sits down with @ryancbarnett for a deep dive on WAFs….
If I hire all great bug bounty folks to work using 1 account, my score would have been more than double! If I then convince @galnagli to use automation on all h1 programs while working for me then my score would be through the roof! Yeah, take that AI, only if I had that much.
If I used my automation on all HackerOne programs, my score would have been double that of the AI Hackbots….
This blog post by @CryptoGangsta explains How Burp AI Works at the moment (from user's perspective)! If you are interested in this topic, definitely give this a read. We should have room to anonymize data etc. as well but it might just be easier for the time being to do the AI.
@irsdl Wrote the blog post. This should have info to redirect Burp AI to your own instance.
RT @WebSecAcademy: How to manually check for CL.TE Request Smuggling Vulnerabilities: 1️⃣ See if a GET request accepts POST. 2️⃣ See if it….
RT @ryanaraine: On the pod, I asked Brandon Dixon (RiskIQ/Microsoft) about AI security things rising above the hype. @juanandres_gs https:/….