x1m
x1m.bsky.social
hacker, founder Hacksclusive
😎🍁😮‍💨
December 2, 2024 at 6:39 PM
new week, new opportunities!
ALT: a man in a tuxedo and bow tie is dancing in a crowd of people .
December 2, 2024 at 1:25 PM
Reposted by x1m
I talk about this on the pod all the time, but CSRF is dead simple. You just need to know the conditions.

I'm not gonna recite them again here, but today a new condition came up:

No Content-Type header -> no CSRF restrictions
Same-site: None
POST
= CSRF

The research:
November 27, 2024 at 4:55 PM
Reposted by x1m
The 'find' command has a reputation of being a little tricky to use, so a while back I made a short video about it www.youtube.com/watch?v=U2fs...
The Find Command
YouTube video by TomNomNom
November 26, 2024 at 6:07 PM
Ekko!
November 24, 2024 at 9:24 PM
hi bsky! woke up to a lot of new followers, how’s everyone doing this Sunday?
November 24, 2024 at 1:07 PM
weekend just started, what are you up to? Family, friends or some cool projects?

I’ll be working on some personal projects, but first: food and Rick and Morty

Have a good one!
November 22, 2024 at 5:06 PM
Reposted by x1m
Earlier this year, Assetnote's Security Research team discovered a vulnerability in Sitecore XP (CVE-2024-46938) that can lead to pre-authentication RCE.
Order of operations bugs are one of my favorite types of bugs :) Write up and exploit script here: assetnote.io/resources/re...
November 22, 2024 at 5:50 AM
is this thing on?
ALT: a man wearing sunglasses and a hat is pointing at the camera .
November 22, 2024 at 10:11 AM
sup
October 6, 2023 at 12:11 PM