With AI, technical interviews are becoming harder and harder to trust. Candidates now have access to automated tools designed to help ...
I recently found a small issue in some TLS clients. More precisely, it is more of a difference between what happens ...
After reading this blog post on a bug in Github and Unicode, I started playing more and more with Unicode (even ...
Every week, our twitter account @PentesterLab publishes a list of articles worth-reading. This is the list of all the articles for ...
For a long time, I have been looking at solving a simple problem: be more efficient when scaling vulnerability research/bug hunting. ...
When building a Capture-The-Flag (for a conference), you need to have a good mix of very easy challenges and very hard ...
One of the common advice when trying to improve security at scale is to invest in QA. In this article, we ...
Since it’s something I’m really passionate about, I have decided to spend more time writing about application security at scale. Today ...
If you follow PentesterLab on Twitter, you probably saw the following tweet: Want to bypass WAF when exploiting CVE-2019-5418 ? curl ...
In this short article, I’m going to discuss a little bit on the exploitability of CVE-2019–5420. Ruby-on-Rails offers three different environments ...
Tell me a bit more about yourself? Current occupation? Aspirations? Twitter? I run my own security business called Shea Information Security ...
One of the questions I often get asked is whether or not I recommend going to university/engineering school/… or to get ...
Tell me a bit more about yourself? Current occupation? Aspirations? I’ve been playing with computers for a while now, until I ...