Not a lot going on this week. Almost as if everyone has something else to think about.
...
Read More
Microsoft has created the Adversarial ML Threat Matrix. If you are in Machine Learning, it is certai...
Read More
Great explainer on using OWASP ZAP, instead of DotDotPwn, for directory traversal attacks. I h...
Read More
Totally forgot to do this last week, sorry.
Telerik released Fiddler Everywhere
https://www.t...
Read More
A list of Capture The Flags that are on now or forever!
https://captf.com/practice-ctf/
The s...
Read More
Microsoft open sourced their fuzzing framework
https://www.microsoft.com/security/blog/2020/09/15/mi...
Read More
Or Maypril 319 but who is counting.
Here's an OLD Visual Studio project that gets AES keys fr...
Read More
Cool 10,000 foot overview of web application vulnerability assessment. Clearly written and con...
Read More
Monsoon is a fast HTTP request enumerator that allows you to run a large number of tests to try out...
Read More
Update Jenkins - there is a flaw in the HTTP renderer.
https://www.jenkins.io/security/advisory/2020...
Read More
Microsoft pushed a change to ASP.NET for a DoS vulnerability. Not only should you patch, but l...
Read More
The new Open Source Security Foundation is trying to broaden the reach of information security best...
Read More