A quieter week that perfectly fits the two deep dives! 📚 ORM Leaking More Than You Joined For The latest opus ...
SAML bypasses & LLM-assisted crash triage. 🔒 The Fragile Lock: Novel Bypasses for SAML Authentication Ruby SAML falls again. An extraordinary ...
WAF bypasses, CVE research & constant-time crypto. ⏰ Introducing constant-time support for LLVM to protect cryptographic code Trail of Bits explains ...
Articles worth reading discovered last week. This week feels like a giant "how to find your own CVE"... 🤖 An Evening ...
Android, Request Smuggling and Markdown Sanitizer! 📸 Pixnapping Attack It has been a while since the last vulnerability with its own ...
Busy week: Android, Django and MCP! 🤖 Runtime Android Object Instrumentation A great write-up on runtime instrumentation for Android using SQLite ...
Passports, Wi-Fi and AI-SAST! 🛂 The cryptography behind electronic passports A great write-up on the security of electronic passports using a ...
Another great week! 🧠 CSP Bypass Search What if there was a place you could copy/paste a CSP policy and instantly ...
Security code review doesn't have to be intimidating. In Go codebases, certain patterns appear repeatedly. These mistakes are easy to spot ...
AI, AI, SSRF-XSLT! 🤖 Building the Leading Open-Source Pentesting Agent: Architecture Lessons from XBOW Benchmark The latest write-up on how to ...
ADB and JWT, a quiet but interesting week! 🚙 Technical Advisory: Tesla Telematics Control Unit - ADB Auth Bypass Learn how ...
Content worth checking discovered last week: 🤖 Hacking with AI SASTs A great write-up evaluating the current state of AI-augmented SAST: ...
Tabletop exercises are the secret weapon for building resilient AppSec teams. They're not just training; they're relationship builders, blind spot finders, ...
A good mix of everything to please everyone: CVEs, AI, Integrity Bypass and Unicode 🛠 ksmbd - Fuzzing Improvements and Vulnerability ...
Rails relies on signed sessions to keep track of logged-in users. Since Rails 5.2, those sessions use AES GCM for authenticated ...
When you are doing code review, penetration testing, bug bounty or threat modeling, it is easy to get tunnel vision and ...
For the past few months, I’ve been noticing a pattern on LinkedIn: people celebrating their success in obtaining our Code Review ...
Stop everything you’re doing! Phrack is out! 📰 Phrack Issue 0x48 The latest Phrack is out! As usual, lots of amazing ...
TL;DR: You don’t need a fresh 0-day to prove you can hack. Break down existing vulnerabilities and security mechanisms instead. You’ll ...
Enumeration is where every great hack starts. Our Recon Badge gives you a realistic playground to master those first, crucial steps ...
JSON Web Tokens (JWTs) are widely used for authentication, authorization, and secure information exchange in modern web applications. They're often used ...
The Perceived Hierarchy. In the world of offensive security, many people view security research as the ultimate goal, a prestigious badge of ...
When reviewing code, you often uncover problematic patterns or weaknesses. Unfortunately, discovering something concerning doesn't automatically mean you have found an ...
JWT.io is widely known among developers for its convenient JWT debugger and its curated list of libraries supporting JSON Web Tokens ...
Secure code review is a fundamental practice in software security, aimed at identifying vulnerabilities, weaknesses, or areas for security improvement directly ...
For years, organizations have relied on CVSS to assess and prioritize vulnerabilities. The framework was built by incredibly smart people, and ...
I’ve been thinking a lot about AI-generated code lately—and the impact it has and will continue to have on security code ...
I recently gave a workshop at OWASP Bay Area and presented a fresh slide deck. My main goal was to explain ...
When talking with security folks about the benefits of running an internal Capture the Flag (CTF) event or signing developers up ...
I often get asked about pentesting and code review methodologies. It seems like people are hoping for a secret sauce that ...
We recently released a lab on MongoDB IDOR and how to guess ObjectIds. Basically, you need to find the ObjectId of ...
A lot of people, when testing for security issues, jump right into "full exploitation" mode. They might flip multiple parameters in ...
With the new version of the famous OWASP Top 10 on the horizon, it’s a great time to talk about its ...
In a world where software vulnerabilities and data breaches dominate headlines, application security has become a top priority. Yet achieving consistent, ...
When we talk about “networking” in InfoSec—especially for aspiring pentesters—most people immediately think of IP addresses, ports, and three-way handshakes. But ...
Training developers in security code review goes beyond simply enhancing their ability to write secure code. It equips them with the ...
Scoping a security code review is a critical step in ensuring a successful engagement. Without proper scoping, you risk falling into ...
While developing the "Criminal Mind" is crucial for uncovering vulnerabilities, there is another equally important skill to master: developing the "Engineer ...
In the world of security testing and vulnerability research, there’s a specific mindset that sets some individuals apart—a way of thinking ...
A secure password reset process is a cornerstone of account security for any web application. If not implemented correctly, it can ...
Security internships are a fantastic way to learn, gain experience, and establish a foothold in the cybersecurity industry. However, they come ...
PentesterLab is widely recognized as a top-tier training platform for application security (AppSec) professionals, penetration testers, and code reviewers. However, our ...
PentesterLab is a comprehensive platform designed for application security engineers focused on identifying weaknesses, vulnerabilities, and areas for improvement in real-world ...
Recently, I was in Brisbane to give a talk on JWT algorithm confusion vulnerabilities. During a conversation with my friend Luke ...
As we gear up for the new year, many of us reflect on how we can improve and grow. For those ...
Bug bounty hunting has become an exciting way to develop security skills, earn some extra income, and contribute to securing applications ...
My friend Luke recently published a great blog post titled: The Ruby on Rails _json Juggling Attack. Please make sure you ...
I've read the source code of many JWT libraries—some might say, too many. In doing so, I've seen patterns of both ...
After my recent article on CORS Vulnerabilities in Go: Vulnerable Patterns and Lessons, I started exploring similar issues in Rust. Interestingly, ...
If you read this blog regularly, you know that I like looking at CVEs. I do that to create labs and ...
When talking with aspiring hackers, bug bounty hunters, or application security engineers, it often feels that there’s some misunderstanding around encoding. ...
Web hacking is a domain that rewards curiosity, persistence, and a hands-on approach to learning. To master the intricacies of web ...
If you want to take your web skills to the next level, one tool you really need to master is curl. ...
When I wrote the first lab on algorithm confusion, I remember spending a bit of time trying to find a vulnerable ...
When doing security code review, you sometimes come across infuriating code—code that appears to be vulnerable but isn't, due to unexpected ...
A notable threat in application security arises when applications execute commands within directories that may be under an attacker's influence. It's ...
In the early days of software development, secure coding was indispensable in safeguarding applications against common security threats. Developers had to ...
In many sports and activities, deliberate practice is the key to improvement. Chess masters break down their training into openings, middle ...
In the world of application security and code review, there’s a misconception that the success of a review is measured solely ...
In a previous blog post titled "Hiring Your First AppSec Engineer", we discussed some key recommendations for hiring your first application ...
Recently, I was asked by a CISO for recommendations on hiring their first AppSec or product security professional. This sparked a ...
One of the things I enjoy doing is looking at CVEs. I find it a great way to learn about new ...
In today’s world, there is an overwhelming obsession with productivity. Efficiency is the gold standard, and procrastination is seen as the ...
One of the classic examples of SQL Injection is using ' or 1=1 -- in a username to bypass the authentication ...
In the world of software development, the allure of writing clever code is strong. Developers, especially those who are highly skilled, ...
The discovery of a new bug or the analysis of a Common Vulnerabilities and Exposures (CVE) can often feel like a ...
I woke up this morning and saw that yet another certification is now available. You can now be "XYZ" certified! The ...
In the field of application security, two crucial types of training often come up: secure coding training and security code review ...
One of the recurring questions I get during my Web Security Code Review Training is how to keep notes when multiple ...
Bad code reviewers use grep... well, good code reviewers use grep, but they are good code reviewers! You are probably not ...
When running our Web Security Code Review Training, I use an analogy on the difference between "They are French" and "They ...
As a security engineer, and like many people in security, I prefer bulletproof solutions to patches that fix only half of ...
We are currently building our ORM Leak labs and found a quirk worth sharing. The goal of our labs is to ...
When it comes to the security of programming languages, the conversation often revolves around memory safety and typing. These features, while ...
There’s been a lot of chatter about PHP being insecure, but as Luke Stephens points out in his article, "People who ...
I think the hardest part for pentesters transitioning into security code review is going back to the low level of confidence ...
One effective way to accelerate your security code review or pentest is to understand what developers get for free! In this ...
In web hacking, scripting is a key skill that separates good hackers from great ones. If you follow top web hackers, ...
You wrote the perfect resume, the interview is going well! Now the classic “Do you have any questions for us?” is ...
When handling customer support for PentesterLab, we often get emails from people who can’t solve a challenge: “… I have been ...
In the world of hacking, the right tools can make all the difference. However, when you’re just starting out, it’s crucial ...
In every field, people eventually hit plateaux in their progression. Security code review is no different. In this article, we explore ...
Tell a bit more about yourself? My name is Ryan Montgomery, also known in the cybersecurity world as 0day. I’ve been ...
JSON Web Tokens (JWT) are widely used for authentication in modern applications. As their use increases, so does the importance of ...
In this blog post, we are going to cover a strategy to help you get a job as a pentester or ...
Too often (me included), savvy code reviewers recommend getting started in code review by "Just reading code", and that is ...
I recently found a small issue in some TLS clients. More precisely, it is more of a difference between what happens ...
After reading this blog post on a bug in Github and Unicode, I started playing more and more with Unicode (even ...
Every week, our Twitter account @PentesterLab publishes a list of articles worth reading. This is the list of all the articles for ...
For a long time, I have been looking at solving a simple problem: be more efficient when scaling vulnerability research/bug hunting. ...
When building a Capture-The-Flag (for a conference), you need to have a good mix of very easy challenges and very hard ...
One of the most common pieces of advice when trying to improve security at scale is to invest in QA. In this article, we ...
Since it’s something I’m really passionate about, I have decided to spend more time writing about application security at scale. Today ...
If you follow PentesterLab on Twitter, you probably saw the following tweet: Want to bypass WAF when exploiting CVE-2019-5418 ? curl ...
In this short article, I’m going to discuss a little bit on the exploitability of CVE-2019–5420. Ruby-on-Rails offers three different environments ...
Tell me a bit more about yourself? Current occupation? Aspirations? Twitter? I run my own security business called Shea Information Security ...
One of the questions I often get asked is whether or not I recommend going to university/engineering school/… or to get ...
Tell me a bit more about yourself? Current occupation? Aspirations? I’ve been playing with computers for a while now, until I ...
Tell me a bit more about yourself? Current occupation? Aspirations? Twitter? I’m Robert Kugler (@robertchrk), a 22 year-old penetration tester & ...
Tell me a bit more about yourself? Current occupation? Aspirations? I started using PentesterLab at around 2014. At that point of ...
The HackIM 2018/NullCon CTF just wrapped up. PentesterLab wrote 3 challenges for this CTF: “JWT V” (web4) worth 200 points “JWT ...
At PentesterLab, we have been helping thousands of people become pentesters or better pentesters: with PentesterLab PRO offering for students/individuals/enterprises with ...
Since you now have the perfect resume, you will probably land some interviews! We decided to put together some advice on how ...
One of the most common and potentially most painful tasks you will have to perform as a penetration tester is retesting. If ...
If you are familiar with PentesterLab, you may have looked into our Play XML Entities exercise. Recently, we decided to create ...
As a pentester, most clients will judge your work by the quality of your reports. Your resume is the best way ...
We put together some advice for new pentesters; we hope you will like them! Be precise One of the key issues ...
Scoping is one of the most important parts of a penetration testing engagement as it will determine if you will be ...
Ensuring that your team stays up-to-date is a hard problem. The security field is always evolving and new vulnerabilities and attacks ...
Keeping notes is one of the key aspects of penetration testing. In this article I’m going to share some information on ...