Web Security

[Cloudflare bypass - Discover IP addresses of Web servers in AWS Trickest](https://trickest.com/blog/cloudflare-bypass-discover-ip-addresses-aws/)
[Testing SAML security with DAST Invicti](https://www.invicti.com/blog/web-security/testing-saml-security-with-dast/)
[Bypassing OGNL sandboxes for fun and charities The GitHub Blog](https://github.blog/2023-01-27-bypassing-ognl-sandboxes-for-fun-and-charities/)
[I Hope This Sticks: Analyzing ClipboardEvent Listeners for Stored XSS Spaceraccoon’s Blog](https://spaceraccoon.dev/analyzing-clipboardevent-listeners-stored-xss/)

Exploiting Out Of Band XXE using internal network and php wrappers

Continuous delivery, meet continuous security - Stack Overflow Blog

Practical Example Of Client Side Path Manipulation

Exploiting API Framework Flexibility

#NahamCon2022EU: Story of an RCE on Apple Through Hot Jar Swapping by Frans Rosen - YouTube

  • https://github.com/fransr/hot-jar-swapping-urlclassloader

Which XSS payloads get the biggest bounties? - Case study of 174 reports - YouTube

INTIGRITI on Twitter: “Did you know you can hide your payloads in phone numbers? ☎️😱 RFC3966 specifies parameters for valid phone numbers that can contain characters. @securinti discovered that popular libraries are vulnerable and that it can lead to XSS and even ATO!🔥 #BugBountyTips #NahamCon2022EU https://t.co/tNUVyZu7Oz” / Twitter

Detecting and annoying Burp users

[Browser powered scanning 2.0 Blog - PortSwigger](https://portswigger.net/blog/browser-powered-scanning-2-0)
[Bug Writeup: RCE via SSTI on Spring Boot Error Page with Akamai WAF Bypass A developer’s notes in the world of security research and bug bounty, by pmnh](https://h1pmnh.github.io/post/writeup_spring_el_waf_bypass/)
[{JS-ON: Security-OFF}: Abusing JSON-Based SQL to Bypass WAF Claroty](https://claroty.com/team82/research/js-on-security-off-abusing-json-based-sql-to-bypass-waf)

Bypassing Web Application Firewalls – Certitude Blog

[DataBinding2Shell: Novel Pathways to RCE Web Frameworks - Black Hat Europe 2022 Briefings Schedule](https://www.blackhat.com/eu-22/briefings/schedule/)

Hacking Salesforce-backed WebApps - Hypn.za.net

[Testing the Performance of User Authentication Flow Ddosify Blog](https://ddosify.com/blog/testing-the-performance-of-user-authentication-flow)

Tag Blending Obfuscation In Property-Based Payloads - Brute XSS

Laluka on Twitter: “For all non-french speakers out there, I finally found the time to write the article associated to “1001 ways to PWN prod!” ^.^ https://t.co/T6vIzX0mho For all those that welcomed this talk so well - cc @clintgibler @absoluteappsec @yeswehack @intigriti @chybeta @ManoMano_Tech https://t.co/iZ3O3JKK3O” / Twitter

Hack with ‘goodfaith’ - A tool to automate and scale good faith hacking - Detectify Labs

Web Security in 2022
Luca Doyensec

Keynote: Why web tech is like this - Steve Sanderson - YouTube

DEF CON 30 - Samuel Erb, Justin Gardner - Crossing the KASM - a Webapp Pentest Story - YouTube

Persistent PHP payloads in PNGs: How to inject PHP code in an image

PHP filters chain: What is it and how to use it

[Fuzzing XSS Sanitizers for Fun and Profit Tom Anthony - YouTube](https://www.youtube.com/watch?v=gJGbS8UELGw)

Pre-Auth Remote Code Execution - Web Page Test • Think Love Share

Jetty Features for Hacking Web Apps

six2dez/obsidian-pentesting-vault: Sample Obsidian’s vault for web pentesting

Protect your resources from web attacks with Fetch Metadata

Tale of Chaining Bugs for Account Takeovers

postMessage Braindump

Diving Into Electron Web API Permissions · Doyensec’s Blog

pentagridsec/PentagridScanController: Improve automated and semi-automated active scanning in Burp Pro

Effectively finding vulnerabilities in web applications by debugging the source code

  • https://docs.google.com/presentation/d/101kN02mTv4skX2Qh4357MVy_9R-XT36DV3tapiSOT0I/edit#slide=id.p

[Advanced sqlmap Case Study A developer’s notes in the world of security research and bug bounty, by pmnh](https://h1pmnh.github.io/post/advanced-sqlmap-case-study-1/)

koenbuyens/oauth-2.0-security-cheat-sheet: oauth security guidelines

LevelUpX - Series 1: Salesforce Object Recon with B3nac - YouTube

  • https://github.com/pingidentity/AuraIntruder?utm_source=newsletter&utm_medium=email&utm_campaign=bug_bytes_171_new_android_web_views_attacks_arbitrary_file_theft_on_android_scanning_for_pii_in_images&utm_term=2022-05-25

Frans Rosén Keynote at BSides Ahmedabad
Rosén discusses the methodology of fuzzing and info disclosure: discovering API vulnerabilities through fuzzing, discovering endpoints or hidden backend microservices, bypassing internal mechanisms, getting info from errors, forging JWT, and so forth.

Not the best camerawork, but good content and excellent speaker, so still good to check out. (Thanks Dmitry Sotnikov)

BSidesATL 2020 - Detect: Automated Web Application & API Discovery & Other Things That Sound Simple

Brooks and Lane talk about their experiences in locating shadow APIs in their network:

  • Using DNS enumeration
  • Web host discovery
  • API discovery
  • Risk factor identification