HK
Heykuki News
31.
WordPress security plugin Hide My WP addresses SQL injection, deactivation flaws
portswigger.net
51 comments
5 years ago
patchstack
75 points
32.
HTTP Desync Attacks: Request Smuggling Reborn
portswigger.net
11 comments
7 years ago
karma20
75 points
33.
Critical Samba flaw presents code execution threat
portswigger.net
41 comments
4 years ago
feross
74 points
34.
Web App Hacker's Handbook 2nd Edition - Preview
blog.portswigger.net
14 comments
15 years ago
wglb
70 points
35.
CSP bypass: How one Chrome XSS bug took 2.5 years and an HTML spec change to fix
portswigger.net
15 comments
5 years ago
weinzierl
67 points
36.
DNA data of sexual assault victims exposed in breach at US laboratory
portswigger.net
23 comments
4 years ago
carride
63 points
37.
Expired web domains help criminal hackers unlock enterprise defenses
portswigger.net
22 comments
5 years ago
bhartzer
60 points
38.
Lessons Learned: A severe vulnerability in the OWASP ModSecurity Core Rule Set
portswigger.net
6 comments
5 years ago
feross
55 points
39.
Chain of vulnerabilities led to RCE on Cisco Prime servers
portswigger.net
4 comments
4 years ago
feross
48 points
40.
Same-origin violation vulnerability in Safari 15 could leak a user’s website
portswigger.net
17 comments
4 years ago
feross
47 points
41.
Bypassing CSP using polyglot JPEGs
blog.portswigger.net
15 comments
10 years ago
inian
43 points
42.
HTTP/1.1 must die: the desync endgame
portswigger.net
25 comments
10 months ago
sprawl_
42 points
43.
Node.js was vulnerable to a novel HTTP request smuggling technique
portswigger.net
4 comments
5 years ago
xojoc
39 points
44.
Google Project Zero hails dramatic acceleration in security bug remediation
portswigger.net
7 comments
4 years ago
feross
36 points
45.
Cracking the Lens: Targeting HTTP's Hidden Attack-Surface
blog.portswigger.net
discuss
9 years ago
j_s
36 points
46.
Go typosquatting package relays info to tech firm
portswigger.net
11 comments
5 years ago
LysPJ
32 points
47.
Implementing Tic Tac Toe with 170mb of HTML – No JavaScript or CSS
portswigger.net
31 comments
3 years ago
fagnerbrack
31 points
48.
Prototype Pollution (2020)
portswigger.net
11 comments
5 years ago
valand
31 points
49.
Chrome is deprecating direct access to private networks from public websites
portswigger.net
7 comments
4 years ago
caaqil
27 points
50.
API security: Broken access controls, injection attacks plague the enterprise
portswigger.net
discuss
4 years ago
feross
25 points
51.
Stealing passwords from infosec Mastodon – without bypassing CSP
portswigger.net
1 comment
4 years ago
tosh
20 points
52.
Popular websites leaking user email data to web tracking domains
portswigger.net
discuss
4 years ago
rntn
19 points
53.
SnapFuzz: New fuzzing tool speeds up testing of network applications
portswigger.net
2 comments
4 years ago
feross
18 points
54.
Detecting and exploiting path-relative stylesheet import vulnerabilities
blog.portswigger.net
discuss
11 years ago
restlessmedia
18 points
55.
HTTP/1.1 must die: the desync endgame
portswigger.net
2 comments
a year ago
octagons
17 points
56.
Pip-audit: Google-backed tool probes Python environments for vulnerable packages
portswigger.net
2 comments
5 years ago
feross
15 points
57.
Implementing Tic Tac Toe with 170mb of HTML – No JavaScript or CSS
portswigger.net
5 comments
3 years ago
thunderbong
13 points
58.
Connecticut becomes fifth US state to enact comprehensive consumer privacy law
portswigger.net
discuss
4 years ago
feross
12 points
59.
Van Buren appeal arguments in light of Computer Fraud and Abuse Act ambiguity
portswigger.net
discuss
6 years ago
DyslexicAtheist
12 points
60.
GoDaddy managed WordPress hosting service breach exposed 1.2m user profiles
portswigger.net
1 comment
5 years ago
feross
11 points