Seclog - #36

AWS WAF Bypass: invalid JSON object and unicode escape sequences

Streamlining Websocket Pentesting with wsrepl

Melting the DNS Iceberg: Taking over your infrastructure Kaminsky style

How hackers may steal your Ethers and why does eth_sign function

Securing macOS: A Closer Look At Built-In macOS Application Security

RedTeam Pentesting - Blog - Bringing Monsoon to the Next Level

Leaked Secrets and Unlimited Miles: Hacking the Largest Airline and Hotel Rewards Platform

How Secrets Leak in CI/CD Pipelines

SVG Security Risks - not just a scalable graphic

Server-Side Spreadsheet Injection - Formula Injection to…

Serverless Functions Post-Mortem

Don’t you (forget NLP): Prompt injection with control characters in ChatGPT

New techniques and tools for web race conditions

Downfall Attacks

ignis-sec/puff

omar2535/GraphQLer

doyensec/wsrepl

scipag/websocket_fuzzer

henry-richard7/Browser-password-stealer

nullenc0de/ChromeAudit

LemonSec/johnnyapplethief

yunuscadirci/XboxOneDirectoryTraversal

padok-team/cognito-scanner

adityatelange/bhhb

Escape-Technologies/goctopus

hahwul/noir

Suggestions & Feedback

Enjoyed this post? Subscribe to Seclog for more in-depth security analysis and updates.

For any suggestions or feedback, please contact us at: [email protected]

Enjoyed this post? Subscribe for more in-depth security analysis and updates direct to your inbox.

No spam. Only high-security insights. Unsubscribe at any time.

Share this Seclog: