@syndrome-impostor.bsky.social
Has anyone else noticed a surge in websites blocking VPN users?
IMO, there's absolutely no reason for it in most cases - it's ineffective as a security measure or KYC, and imposes a risk to customer privacy.
If you have any insight into why this practice is increasing, please comment!
IMO, there's absolutely no reason for it in most cases - it's ineffective as a security measure or KYC, and imposes a risk to customer privacy.
If you have any insight into why this practice is increasing, please comment!
June 25, 2025 at 7:58 PM
Has anyone else noticed a surge in websites blocking VPN users?
IMO, there's absolutely no reason for it in most cases - it's ineffective as a security measure or KYC, and imposes a risk to customer privacy.
If you have any insight into why this practice is increasing, please comment!
IMO, there's absolutely no reason for it in most cases - it's ineffective as a security measure or KYC, and imposes a risk to customer privacy.
If you have any insight into why this practice is increasing, please comment!
Is BlueSky slowly dying in favor of Twitter again? It seems like there's slowly less and less content being posted here from the cyber security community 😢
June 22, 2025 at 7:18 PM
Is BlueSky slowly dying in favor of Twitter again? It seems like there's slowly less and less content being posted here from the cyber security community 😢
I was trying so hard to figure out an ATO, that I didn't realize I had been actively exploiting XSS for two whole days. Never did get that ATO, but at least I can report the XSS now 🤦
June 4, 2025 at 12:42 AM
I was trying so hard to figure out an ATO, that I didn't realize I had been actively exploiting XSS for two whole days. Never did get that ATO, but at least I can report the XSS now 🤦
Reposted
BREAKING: jury awards massive $167 million in punitive damages against spyware company NSO Group.
Precedent-setting win against notorious #Pegasus spyware maker.
Very consequential for victims to see this.
Congratulations to #WhatsApp on sticking this case through since 2019. Some thoughts 1/
Precedent-setting win against notorious #Pegasus spyware maker.
Very consequential for victims to see this.
Congratulations to #WhatsApp on sticking this case through since 2019. Some thoughts 1/
May 6, 2025 at 9:30 PM
Reposted
BREAKING.
From a reliable source. MITRE support for the CVE program is due to expire tomorrow. The attached letter was sent out to CVE Board Members.
From a reliable source. MITRE support for the CVE program is due to expire tomorrow. The attached letter was sent out to CVE Board Members.
April 15, 2025 at 5:23 PM
BREAKING.
From a reliable source. MITRE support for the CVE program is due to expire tomorrow. The attached letter was sent out to CVE Board Members.
From a reliable source. MITRE support for the CVE program is due to expire tomorrow. The attached letter was sent out to CVE Board Members.
Just ran into an interesting use of User-Agent - where browser and tool agents result in 403 or a timeout. However, set User-Agent to "None" or arbitrary strings like "asdf" and the request resolves!
Is this a known security option in Akamai, or something custom?
Is this a known security option in Akamai, or something custom?
March 26, 2025 at 11:45 PM
Just ran into an interesting use of User-Agent - where browser and tool agents result in 403 or a timeout. However, set User-Agent to "None" or arbitrary strings like "asdf" and the request resolves!
Is this a known security option in Akamai, or something custom?
Is this a known security option in Akamai, or something custom?
My latest procrastination has been... building a chatbot to help me hack better? There must be an easier way to do this
February 1, 2025 at 9:33 PM
My latest procrastination has been... building a chatbot to help me hack better? There must be an easier way to do this
I've created SAML and OAuth introspection workflows for @caido.io. Check them out, and let me know what you think! github.com/syndrome-imp...
GitHub - syndrome-impostor/caido-workflows
Contribute to syndrome-impostor/caido-workflows development by creating an account on GitHub.
github.com
January 8, 2025 at 6:27 PM
I've created SAML and OAuth introspection workflows for @caido.io. Check them out, and let me know what you think! github.com/syndrome-imp...
Reposted
I've pushed some updates to Dom-Explorer:
- Allow multiple pipeline embed
- Short links for sharing/sync
- Support for DomPurify triggers
- User settings
Give it a try and share your findings!
yeswehack.github.io/Dom-Explorer
- Allow multiple pipeline embed
- Short links for sharing/sync
- Support for DomPurify triggers
- User settings
Give it a try and share your findings!
yeswehack.github.io/Dom-Explorer
Dom-Explorer
yeswehack.github.io
December 20, 2024 at 1:54 PM
I've pushed some updates to Dom-Explorer:
- Allow multiple pipeline embed
- Short links for sharing/sync
- Support for DomPurify triggers
- User settings
Give it a try and share your findings!
yeswehack.github.io/Dom-Explorer
- Allow multiple pipeline embed
- Short links for sharing/sync
- Support for DomPurify triggers
- User settings
Give it a try and share your findings!
yeswehack.github.io/Dom-Explorer