Common security flaws in password reset functionality compiled from twitter, writeups, disclosed reports. [1] Password Reset Token Leak Via Referrer

Organizations often have no clue about what they are exposing to the Internet. The post presents a simple framework for doing black box reconnaissance that will reveal the company's public-facing services.

Collection of useful features in Burp Suite Application

رویدادها و کنفرانس های حوزه امنیت سایبری در سطح جهان کنفرانس Black Hat اولین کنفرانسی که قرار است معرفی کنیم Black Hat Briefing میباشد که از آن به عنوان

This blog post is intended to be a guide on effective and efficient methods of identifying broken access control. This is not an end-all-be-all guide and explanation of broken access controls. What Are Access Controls?Access controls are policies put in place…

Have you ever wondered how hackers find and exploit IDOR (Insecure Direct Object Reference)?
In this video STÖK get schooled by Fisher who shows him how to setup and hunt for IDORS using BURP Suite & plugins like Autorize and AutoRepeter.

Fisher:
https:…

yes you can

Security Through Intelligent Automation

Contribute to bp0lr/gauplus development by creating an account on GitHub.

As usual I was doing recon using Censys (https://censys.io/) and Shodan (https://www.shodan.io/). I was looking for Django debug mode…

Part 1: Recon