📚 SecMisc

HackerTracker Disobey 2025 - Explore the schedule and events of the Disobey 2025 conference. Read More

Beej's Guide to Git - A beginner-friendly guide to mastering Git. Read More

Search CTF Writeups - Find writeups for Capture The Flag challenges. Read More

📰 SecLinks

Why I'm Joining Wiz - Rami shares insights into his decision to join Wiz. Read More

Avoid ISP Routers - Understand why you should avoid ISP-provided routers. Read More

Do the CONTEC CMS8000 Patient Monitors Contain a Chinese Backdoor? - An in-depth analysis of potential vulnerabilities. Read More

POST to XSS: Leveraging Pseudo Protocols in SSO Flows - Explore advanced techniques for exploiting SSO flows. Read More

Everyone Knows Your Location - Tracking yourself through in-app ads. Read More

Browser Syncjacking - Discover how browser extensions can be exploited. Read More

Collabfiltrator 4.0.1 Released - New SQLi exfiltration support for the Burp plugin. Read More

CSP Bypass Tactics - Bypassing form-action CSP and other techniques. Read More

CVE-2024-46507 - Yeti platform server-side template injection (SSTI). Read More

Serving a (g)zip bomb with Caddy - Learn about serving compressed payloads. Read More

DeepSeek Security Insights - Thoughts on DeepSeek's implications for security. Read More

DeepSeek Janus Security&Safety Concerns - Safety concerns and challenges of DeepSeek. Read More

Rejecting CVSS as Broken - cURL and Go teams' take on CVSS. Read More

🐦 SecX

HackerOne x AnthropicAI Bug Bounty - Test the resilience of Constitutional Classifiers with rewards up to $30K. Read More

💻 SecGit

Fuzzilli - A JavaScript engine fuzzer by Google Project Zero. Explore on GitHub

Cloudflare-jsd - Bypass Cloudflare's challenges using Python. Explore on GitHub

Bettercap v2.41.0 - The latest release of the versatile MITM framework. Explore on GitHub

Awesome Secure Defaults - Libraries for eliminating common bug classes. Explore on GitHub

← Back to Seclog