06:48
NGINX: misconfigurations examples
04:44
Kallithea - exploit git clone functionality
04:14
PHP PHAR - file_exists can be dangerous
04:08
SSH: How to login into multiple servers?
03:36
Spring Boot Actuator - security point of view
04:50
How to check account type using Burp Suite?
02:55
How to handle session expiration in BURP with macros?
04:16
[BURP] 12 tricks for Burp Repeater
06:01
XSS Polyglot
03:45
postMessage: exchange data between different domains
05:48
Cross-Site Websocket Hijacking
09:03
Don't use assert in PHP
04:42
Clickjacking: how to delete someone else's account?
04:12
Open redirection: can automatic redirection be harmful?
03:41
RFD: Reflected File Download
03:00
Excel: CSV Injection
03:43
Angular: XSS without HTML tags
03:42
Python: XSS using SVG file
03:16
PHP: escapeshellcmd vs escapeshellarg
03:22
Java: Random vs SecureRandom
02:46
YAML: code execution using !!python/object
03:20
Python SSTI: Attack Flask framework using Jinja2 template engine
03:21
PHP: Bypass filters using less-than sign
03:08
Unzip: how to properly extract files? Symlinks and zip
03:05
Java XXE: Read secret files when parsing XML files
02:58
Ruby: execute command using URL in open() function
02:41
Python 2: Why you shouldn’t use input function
14:04
How does Two-Factor Authentication - 2FA work?
08:56
Race condition and git hooks vs Gitea server
11:28
Steal messages from Signal using RCE, CVE-2018-10994 explanation
08:20
Best Black Hat 2018 and DEF CON 26 presentations - summary
11:46
4 common Node.js security issues inside NPM
07:06
How to create a Metasploit module in example
06:37
Best Black Hat 2018 and DEF CON 26 presentations - summary #2
X
About
Tags