Spring is a set of frameworks for developing Applications in Java. It is widely used, and so it is not unusual to encounter it during a security audit or penetration test. One of its features that I recently encountered during a Whitebox audit is actuators. In this series of articles, I will use the..

👨‍🚀 ByteVibe, a space out of space 👨‍🚀─✅ Museum-quality poster✅ Made on long-lasting semi-glossy (silk) paper✅ Durable colors✅ Vibrant colors✅ Shipped in sturdy packaging protecting the poster✅ Enviro...

EpilogueI reported the exploitation scenario and was rewarded €500, as the impact was high. Be patient, don’t give up, and think out of the box. In this case, I used the company’s service to exploit the bug.Source :- https://tutorialboy24.blogspot.com/2022/09/turning-cookie-based-xss-into-account.ht..

IntroductionCountless applications rely on Amazon Web Services’ Simple Notification Service for application-to-application communication such as webhooks and callbacks. To verify the authenticity of these messages, these projects use certificate-based signature validation based on the SigningCertURL..

IntroductionAs a representative of cloud-native management and orchestration systems, Kubernetes (K8S for short) is receiving more and more attention. A report [1] shows that 96% of organizations are using or evaluating K8S, and its market share in production environments is Visible.The functions of..

Everything about Machine Learning for Cybersecurity and in-between.

👨‍🚀 ByteVibe, a space out of space 👨‍🚀─✅ Museum-quality poster✅ Made on long-lasting semi-glossy (silk) paper✅ Durable colors✅ Vibrant colors✅ Shipped in sturdy packaging protecting the poster✅ Enviro...

When you hear the term “security breach,” chances are that risks like malware or ransomware attacks come to mind. These exploits tend to feature in headlines about major cybersecurity attacks.

Malware analysis determines if a program/file is malicious. There are two phases in malware analysis.

The key to succeeding in information security and cyber threat intelligence is recognizing what you’re dealing with, and adapting accordingly.

Azure AD is a powerful cloud-based IdP from Microsoft that many organizations have “free” access to through their M365 subscriptions for Office 365 / Exchange Online.

Caesar ciphers map out characters to other characters based on a number key chosen by the designer of the Caesar cipher.