#bugbountytips

Katie Paxton-Fear (InsiderPhD)<p>What is an API? What makes them special? And what kind of APIs are out there? <a href="https://infosec.exchange/tags/apisecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apisecurity</span></a> <a href="https://infosec.exchange/tags/apis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apis</span></a> <a href="https://infosec.exchange/tags/bugbountytips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bugbountytips</span></a> <a href="https://infosec.exchange/tags/BugBounty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BugBounty</span></a></p>
kingthorin_rm<p>Did you know <span class="h-card" translate="no"><a href="https://infosec.exchange/@owasp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>owasp</span></a></span> has a directory of vulnerable web apps that you can test your skills and new ideas on?</p><p><a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppSec</span></a> <a href="https://infosec.exchange/tags/WebAppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebAppSec</span></a> <a href="https://infosec.exchange/tags/PenTest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PenTest</span></a> <a href="https://infosec.exchange/tags/BugBOuntyTips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BugBOuntyTips</span></a> <a href="https://infosec.exchange/tags/OWASP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OWASP</span></a></p><p><a href="https://owasp.org/vwad" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">owasp.org/vwad</span><span class="invisible"></span></a></p>
Katie Paxton-Fear (InsiderPhD)<p>If you've seen the updated OWASP API Top 10 you may be a bit confused by the "Authorisation" vulnerabilities - aren't they all just explaining the same thing? Here's a breakdown of the 4 access control issues you commonly see in APIs 👇👇 <br><a href="https://www.craft.me/s/CysIiph247P5AQ" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">craft.me/s/CysIiph247P5AQ</span><span class="invisible"></span></a><br><a href="https://infosec.exchange/tags/bugbountytips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bugbountytips</span></a> <a href="https://infosec.exchange/tags/BugBounty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BugBounty</span></a></p>
Doyensec<p>Announcing the release of ProtoBurp++ (our fork of ProtoBurp)! ProtoBurp++ is a <a href="https://infosec.exchange/tags/burpsuite" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>burpsuite</span></a> extension that enables <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> researchers to encode/decode and fuzz custom Protobuf messages. It allows for fuzzing inputs using Burp's Repeater, Intruder tools and Active Scanner, as well as proxying traffic from other tools (e.g., sqlmap). Check it out today!</p><p><a href="https://infosec.exchange/tags/doyensec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>doyensec</span></a> <a href="https://infosec.exchange/tags/appsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>appsec</span></a> <a href="https://infosec.exchange/tags/websecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>websecurity</span></a> <a href="https://infosec.exchange/tags/bugbountytips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bugbountytips</span></a> </p><p><a href="https://github.com/doyensec/protoburp" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/doyensec/protoburp</span><span class="invisible"></span></a></p>
Sam Stepanyan :verified: 🐘<p><a href="https://infosec.exchange/tags/ProtonMail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ProtonMail</span></a> - great writeup from @sonarsource on mind-blowing <a href="https://infosec.exchange/tags/XSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XSS</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerability</span></a> chain leading to attackers potentially reading your messages. <br>Sanitiser bypass with a neat trick of using CSS cross-fade()🤯<br>Fascinating read:<br><a href="https://infosec.exchange/tags/BugBountyTips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BugBountyTips</span></a> <br><a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppSec</span></a> <br>👇</p><p><a href="https://www.sonarsource.com/blog/code-vulnerabilities-leak-emails-in-proton-mail/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">sonarsource.com/blog/code-vuln</span><span class="invisible">erabilities-leak-emails-in-proton-mail/</span></a></p>
Vasileiadis A. (Cyberkid)<p>HTTP Status Code</p><p><a href="https://defcon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://defcon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://defcon.social/tags/cybersecuritytips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecuritytips</span></a> <a href="https://defcon.social/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a> <a href="https://defcon.social/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a> <a href="https://defcon.social/tags/informationsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>informationsecurity</span></a> <a href="https://defcon.social/tags/CyberSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSec</span></a> <a href="https://defcon.social/tags/networking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>networking</span></a> <a href="https://defcon.social/tags/networksecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>networksecurity</span></a> <a href="https://defcon.social/tags/infosecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosecurity</span></a> <a href="https://defcon.social/tags/cyberattacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cyberattacks</span></a> <a href="https://defcon.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://defcon.social/tags/linux" class="mention hashtag" rel="nofollow 
noopener noreferrer" target="_blank">#<span>linux</span></a> <a href="https://defcon.social/tags/cybersecurityawareness" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurityawareness</span></a> <a href="https://defcon.social/tags/bugbounty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bugbounty</span></a> <a href="https://defcon.social/tags/bugbountytips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bugbountytips</span></a></p>
Vasileiadis A. (Cyberkid)<p>Shodan Cheat Sheet </p><p><a href="https://defcon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://defcon.social/tags/cybersecuritytips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecuritytips</span></a> <a href="https://defcon.social/tags/Bug" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Bug</span></a> <a href="https://defcon.social/tags/Pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Pentesting</span></a> <a href="https://defcon.social/tags/CyberThreatIntelligence" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberThreatIntelligence</span></a> <a href="https://defcon.social/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a> <a href="https://defcon.social/tags/bugbountytips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bugbountytips</span></a> <a href="https://defcon.social/tags/OSINT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OSINT</span></a> <a href="https://defcon.social/tags/BugBounty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BugBounty</span></a> <a href="https://defcon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://defcon.social/tags/Hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Hacking</span></a></p>