Sheshananda Kandula
@shesha1.bsky.social
Reposted by Sheshananda Kandula
Wrote a new MCP article - How to Debug MCP Server with Anthropic Inspector:
How to Debug MCP Server with Anthropic Inspector? | Snyk
Learn to debug your Anthropic MCP server with the official MCP Inspector. Start with a simple Node.js example and use the MCP Inspector UI to inspect and interact with your server's tools. Discover practical debugging tips and workarounds.
snyk.io
May 15, 2025 at 6:00 AM
Reposted by Sheshananda Kandula
Somebody uploaded to SlideShare the slides of my talk at @northsec.bsky.social 2023 🌐

It’s the sequel of the first @burpsuite.bsky.social talk I ever gave, exactly 10 years before 🛠️

Enjoy these 50 slides of Burp tips 🎁🎅
Burp suite pro tips and tricks for hacking
slideshare.net
December 23, 2024 at 10:00 PM
Reposted by Sheshananda Kandula
The OWASP LLM and Generative AI Security Project is thrilled to announce the launch of the Agentic Security Initiative designed to tackle the unique security challenges posed by Autonomous AI agents.

genai.owasp.org/2024/12/15/a...

#owasp #appsec #ai #llm
Announcing the OWASP LLM and Gen AI Security Project Initiative for Securing Agentic Applications - OWASP Top 10 for LLM & Generative AI Security
genai.owasp.org
December 17, 2024 at 5:25 PM
Reposted by Sheshananda Kandula
Slides for the @bsideslondon.bsky.social container security workshop presented with @smarticu5.bsky.social and @marionmccune.bsky.social are here blog.iainsmart.co.uk/talks/BSides...
blog.iainsmart.co.uk
December 15, 2024 at 10:48 AM
Reposted by Sheshananda Kandula
The most wonderful time

Starts today ❄️
December 1, 2024 at 5:01 PM
Reposted by Sheshananda Kandula
Got sniped into the challenge and ended up doing some cool XSS research :D

11 char XSS with mind-boggling race-conditions.

TL;DR the final payload is location=x (10 chars) and the longest is top.Z.x=x.d (11 char)

It's shorter than location=name !!

terjanq.me/solutions/jo...
December 14, 2024 at 1:17 PM
Reposted by Sheshananda Kandula
Hi!

So, we're a Dutch non-profit aiming to provide high quality affordable trainings and a really nice hacker conference in Amsterdam.

Last year was really cool! Talk overview here: orangecon.nl#schedule. All talks also online at www.youtube.com/@OrangeCon
OrangeCon
orangecon.nl
December 9, 2024 at 9:26 PM
Reposted by Sheshananda Kandula
This was my tenth(!) year building 25 days of puzzles for #AdventOfCode. You can solve them all for free! Most people write code to solve them, but you can solve them however you like. I hope they help people become better programmers. 🌟

The first puzzle comes out in two hours: adventofcode.com
Advent of Code 2024
adventofcode.com
December 1, 2024 at 2:57 AM
Reposted by Sheshananda Kandula
To summarize what I have learned about Mutation XSS, my CVE, and the solution to my challenge, I wrote a post going through it all.
If you like regular XSS, this is a whole new world of crazy techniques and many sanitizer bypasses. You too can learn this!
jorianwoltjer.com/blog/p/hacki...
Post: Mutation XSS: Explained, CVE and Challenge | Jorian Woltjer
Learn how to bypass HTML sanitizers by abusing the intricate parsing rules and mutations. Including my CVE-2024-52595 (lxml_html_clean bypass) and the solution to a hard challenge I shared online
jorianwoltjer.com
November 27, 2024 at 4:01 PM
Reposted by Sheshananda Kandula
My latest blog post is live! nastystereo.com/security/cro...

Read how to send a cross-site POST without including a Content-Type header (without CORS). It even works with navigator.sendBeacon
November 27, 2024 at 9:10 AM