HK
Heykuki News
1.
Ask HN: Looking for recommendations on decent penetration testing tools
8 comments
9 years ago
51Cards
15 points
2.
Ask HN: From Developer to Appsec Engineer?
discuss
4 years ago
desertbug
2 points
3.
Web hacking techniques of 2021
portswigger.net
50 comments
4 years ago
adrianomartins
567 points
4.
HTTP/2-exclusive threats caused by implementation flaws and RFC imperfections
portswigger.net
112 comments
5 years ago
Berg0X00
393 points
5.
Microsoft pushes ahead with controversial ‘buy now, pay later’ feature for Edge
portswigger.net
291 comments
5 years ago
feross
336 points
6.
uBlock, I exfiltrate: exploiting ad blockers with CSS
portswigger.net
99 comments
5 years ago
todsacerdoti
270 points
7.
Researchers exploit HTTP/2, WPA3 protocols to stage ‘timeless timing’ attacks
portswigger.net
26 comments
6 years ago
wglb
241 points
8.
HTTP/3: Everything you need to know about the next-generation web protocol
portswigger.net
156 comments
4 years ago
homarp
220 points
9.
Targeting HTTP's Hidden Attack-Surface
blog.portswigger.net
13 comments
9 years ago
skybrian
207 points
10.
Web Storage: the lesser evil for session tokens
blog.portswigger.net
69 comments
10 years ago
kkl
195 points
11.
VPN users unmasked by zero-day vulnerability in Virgin Media routers
portswigger.net
93 comments
5 years ago
feross
192 points
12.
Developers fix multitude of vulnerabilities in Apache HTTP Server
portswigger.net
108 comments
5 years ago
feross
190 points
13.
Listen to the whispers: web timing attacks that work
portswigger.net
33 comments
2 years ago
saikatsg
188 points
14.
Google, Mozilla Close to Finalizing Sanitizer API for Chrome and Firefox Browse
portswigger.net
100 comments
5 years ago
todsacerdoti
187 points
15.
OAuth 2.0 Authentication Vulnerabilities
portswigger.net
67 comments
5 years ago
lobo_tuerto
174 points
16.
OPPA: Ohio could become the third US state to enact a new consumer privacy law
portswigger.net
65 comments
5 years ago
feross
174 points
17.
New differential fuzzing tool reveals novel HTTP request smuggling techniques
portswigger.net
33 comments
5 years ago
feross
169 points
18.
Belgium launches nationwide safe harbor for ethical hackers
portswigger.net
23 comments
3 years ago
raphinou
164 points
19.
Practical Web Cache Poisoning
portswigger.net
10 comments
8 years ago
4kevinking
146 points
20.
An overview of the top web hacking techniques of 2017
portswigger.net
11 comments
8 years ago
albinowax_
144 points
21.
Dozens of high-traffic websites vulnerable to ‘account pre-hijacking’, study
portswigger.net
80 comments
4 years ago
feross
139 points
22.
Dangerous bug in Chrome’s ‘New Tab’ page bypassed security features
portswigger.net
91 comments
5 years ago
PaulHoule
136 points
23.
Executing non-alphanumeric JavaScript without parentheses
blog.portswigger.net
19 comments
10 years ago
kkl
123 points
24.
HAProxy vulnerability enables HTTP request smuggling attacks
portswigger.net
25 comments
5 years ago
feross
119 points
25.
Smashing the state machine: the true potential of web race conditions
portswigger.net
32 comments
3 years ago
chatmasta
112 points
26.
OAuth Attack Vectors
portswigger.net
33 comments
5 years ago
arkadiyt
106 points
27.
New and improved Linux Random Number Generator ready for testing
portswigger.net
67 comments
5 years ago
feross
100 points
28.
Jitsi’s Emil Ivov on scaling up during a pandemic
portswigger.net
21 comments
6 years ago
em3rgent0rdr
97 points
29.
WordPress sites getting hacked ‘within seconds’ of TLS certificates being issued
portswigger.net
56 comments
4 years ago
feross
91 points
30.
Bittersweet Symfony: Devs accidentally turn off CSRF protection in PHP framework
portswigger.net
55 comments
4 years ago
feross
78 points