Welcome to the Top 10 (novel) Web Hacking Techniques of 2020, our annual community-powered effort to identify the must-read web security research released in the previous year. Over the past few weeks

A kotlin multiplatform wrapper for libsodium, using directly built libsodium for jvm and native, and libsodium.js for js targets. - ionspin/kotlin-multiplatform-libsodium

Learn more about how the same JSON document can be parsed with different values across microservices, leading to a variety of potential security risks.

Hi, this blog post is just a short post to address the technique part in one of my Red Team cases last year. I believe it’s worth sharing, so I reproduced this in my lab environment and made this topi

Hi, this blog post is just a short post to address the technique part in one of my Red Team cases last year. I believe it’s worth sharing, so I reproduced this in my lab environment and made this topi

Introduction Every time I see an opportunity to attempt an External Entity Injection (XXE) attack I get excited. In my experience it has a high chance of success when compared to many other vulnerability types. Many of the XXE exploitation methods require…

Burp Extension that copies a request and builds a FFUF skeleton - d3k4z/burp-copy-as-ffuf

This article is now available in Japanese: 紙と鉛筆でビットコインをマイニング：1日に0.67ハッシュ and Russian: Майним Bitcoin с помощью бумаги и ручки . I decided...

История Франсуа Прот (1852–1879) был фермером-самоучкой, который жил во французской деревне Во-деван-Дамлу недалеко от Вердена. Рассматриваемая здесь теорема, является одним из четырех полученных им...

Personal blog of Julien (jvoisin) Voisin