TutorialBoy for TUTORIALBOY · tutorialboy24.hashnode.dev · Nov 28, 2023
An In-Depth Analysis of Google Chrome Extension Vulnerabilities and Security
https://tutorialboy24.blogspot.com/2023/11/an-in-depth-analysis-of-google-chrome.html Introduction Create a directory that has automatically synced and beautified the source code of Google Chrome extensions hosted in the Chrome Web Store. Search f...
Tag: Google Chrome

Ignacio Cassi · ignaciocassi.hashnode.dev · Nov 27, 2023
Everything you need to know about Log4Shell vulnerability
To understand this vulnerability, we first need to understand its origin. Log4J is the most widely used logging framework in Java for many years. It mainly allows logging events that occur during the execution of a Java application to keep a record, ...
Tag: log4shell

TutorialBoy for TUTORIALBOY · tutorialboy24.hashnode.dev · Nov 23, 2023
Unveiling the Unauthenticated Command Execution Vulnerability in Cisco IOS XE System WebUI
https://tutorialboy24.blogspot.com/2023/11/unveiling-unauthenticated-command.html This article will analyze and summarize the recent critical CVEs (CVE-2023-20198, CVE-2023-20273) in Cisco IOS XE. Environment Setup A Cisco ISR 4300 router for resea...
Tag: #cybersecurity

TutorialBoy for TUTORIALBOY · tutorialboy24.hashnode.dev · Nov 22, 2023
Confluence Vulnerability (CVE-2023-22515): A Deep Dive into Atlassian Bamboo's Chain Security Landscape
Overview Recently, a security team disclosed a vulnerability in Confluence called SafeParameterFilter, which allows an unauthenticated remote attacker to bypass XWork functionality to create new administrative user accounts. We took this opportunity ...
Tag: CVE-2023-22515

Reza Rashidi for DevSecOpsGuides · rezaduty-1685945445294.hashnode.dev · Nov 20, 2023
Attacking Against DevOps Environment
SCM AUTHENTICATION Commands: 1. git clone 2. git log Example Commands: GitRob: - Command: gitrob <organization/repo> - Example: gitrob acme-corp/website - GitLeaks: - Command: gitleaks --repo-path <path-to-repo> - Example: gitleaks --repo-path ~/pro...
1.1K reads · Tag: Devops

The CyberShield Chronicles · cyberinsights.hashnode.dev · Nov 16, 2023
15 November 2023 - Microsoft Patch Tuesday Intelligence
Executive Summary Microsoft follows this routine they call Patch Tuesday, a scheduled event that goes down every second Tuesday of the month. Essentially, it's the day when Microsoft drops a slew of updates, fixes, and patches for their software suit...
1 like · Tag: Microsoft

Christiaan Marais for Personal Life Hacks · personallifehacks.hashnode.dev · Nov 9, 2023
Developing Social Well-Being: An Exploration of the Craft of Interaction
The value of social relationships for our well-being in the fast-paced world of today cannot be overemphasised. Inspired by an article on "How to Be More Social" from Healthline (https://www.healthline.com/health/how-to-be-more-social), this blog pos...
Tag: social anxiety

TutorialBoy for TUTORIALBOY · tutorialboy24.hashnode.dev · Nov 5, 2023
Unveiling the Secrets of XSS Bypass: Harnessing JavaScript Symbols for Code Execution
Preface I have been looking at Intigriti, yeswehack, HackerOne and Bugcrowd bounty platforms recently. It is really uncomfortable to bypass WAF. I will record the bypass scenario. Preliminary testing When I first tried XSS, I found that the user's in...
Tag: XSS

Scofield Idehen for LearnHub Blog · learnhubafrica.hashnode.dev · Oct 30, 2023
Vulnerabilities Exposed in LinkedIn's Voyager API
LinkedIn's Voyager API has recently been scrutinized after security researchers discovered several critical vulnerabilities that could allow hackers to access sensitive user data from millions of accounts. These flaws underscore the need for improve...
Tag: vulnerability

The CyberShield Chronicles · cyberinsights.hashnode.dev · Oct 27, 2023
Unveiling the iLeakage Threat in Apple Safari
Executive Summary On October 26, 2023, a group of academic researchers hailing from Georgia Tech, the University of Michigan, and Ruhr University Bochum made waves by unveiling a proof-of-concept (POC) for a speculative side-channel attack they dubbe...
28 reads · Tag: Apple