Application Security This Week for July 12

by Bill Sempf 12. July 2020 12:13

Big news this week was the F5 zero day, of course, but on the application side you should review the code for the exploit, which is public.  I am not gonna link it here but y'all can google.  DO NOT run this on your corporate machines, use your test box and a VM, and just look.  Here is a link to the CVE:


Bestill my heart, an API driven HTTP server. Haven't played with it yet but I looks super sexy.


Common thread on this newsletter - DNS is dangerous.  Review your records.


Very nice collection of testing scripts - well worth the clone and the hour it takes to learn to use them. I'm integrating them into my test scenarios.


That's the news, folks!



Comments are closed

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

Find me on Mastodon

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites