Fuzzing is finding security bugs faster than CVEs can be issued, HTTP desync attacks advance, China's censorship power is felt around the world.
DevSecCon Seattle 2019 Round Up
Notes from an AppSec Cali 2019 panel, AWS security tools, fuzzing with grammars and Gitlab, and Google P0's iOS exploit chain discovery.
Neat talks from Hacker Summer Camp on email -> phone number, DNS rebinding, automated C++ reverse engineering, and publicly exposed AWS EBS volumes.
[tl;dr sec] #5 - Stepping Up Our Game (Black Hat 2017 keynote by Alex Stamos)
[tl;dr sec] #4: Data Driven Bug Bounty ๐
[tl;dr sec] (in)Secure Development - Why some product teams are great and others arenโt...
[tl;dr sec] Research from Portswigger, fuzzing papers, and CORS tricks
![[tl;dr sec] #9 - Autonomous Bug Reporting, HTTP Desync Attacks, & Censorship](https://media.beehiiv.com/cdn-cgi/image/format=auto,width=800,height=421,fit=scale-down,onerror=redirect/uploads/publication/thumbnail/080a561f-2435-4477-a549-ab9f115e047c/landscape_Screenshot_2024-11-21_at_10.48.21_AM.png)
