
Andres Riancho
@w3af
Google's ReCaptcha bypass via HTTP parameter pollution. New blog post!
andresriancho.com
tl;dr I reported a reCAPTCHA bypass to Google in late January. The bypass required the web application using reCAPTCHA to craft the request to /recaptcha/api/siteverify in an insecure way; but when...
RT @AndresRiancho: This is a great resource for anyone looking to create an in house SOC or outsource to an MSSP.
RT @AndresRiancho: Even when an algorithm consistently beats human judgment, people prefer to go with their gut.
en.wikipedia.org
RT @AndresRiancho: I'm trying to find some technical details on what happened with the Twitch hack and data leak, but I'm unable to find anyt…
RT @fwdcloudsec: Today is the big day! The start of fwd:cloudsec is in a few hours. 🎉 Live stream links and schedule are at: https://t.co/…
RT @AndresRiancho: CVE-2020-17513: SSRF on Airflow. Anyone knows how to exploit this vulnerability? I was unable to find the vulnerable pa….
github.com
New Features Add "already checked" to failed pods in K8sPodOperator (#11368) Pass SQLAlchemy engine options to FAB based UI (#11395) [AIRFLOW-4438] Add Gzip compression to S3_hook (#8571...
RT @AndresRiancho: If you would have 100k / year to spend on one or two security products, what would you buy?.
RT @AndresRiancho: This guy found the definitive solution for hard-coded credentials in source code. A must watch for everyone in #appsec.….
RT @everConfusedGuy: Cloud providers: we added another 9 to our service level uptime guarantee. IBM: We are committing to a whopping 95% u….
RT @itsExtreme_: My laptop literally just saved my life. Someone shot through the floor in my apartment building. Shoutout to the surface….
RT @valenzine: New email! Can you be a hacker at school? What can the hacker ethic and maker culture contribute to teach…
RT @AndresRiancho: Which #book would you recommend to a technical person like me that wants to become a better CSO / CISO?. Extra cookie po….
RT @AndresRiancho: DevSecOps rants at 15:30 on #ekoTV. I'm taking ideas for my rants, send a DM :-)
RT @AndresRiancho: We'll be talking about how we do security at @wildlifestudios, live in 5 minutes!
RT @fede_k: Boom, the @ekoparty Discord already has 902 people! Join in, today we reach 1000! https://t.co/…