For those who don’t know who SendGrid is… SendGrid provides unmatched deliverability, scalability, and reliability. We deliver email on behalf of happy customers such as: […]
Detect the latest Joomla! SQL Injection vulnerability online
SecureLayer7 released an online scanner for the Joomla 3.4.4 Core SQL injection Vulnerability. Check it out: http://joomlatest.securelayer7.net/
Hack.lu 2015 slides download
Slides from Hack.lu can now be downloaded at http://2015.hack.lu/archive/2015/ Enjoy!
Joomla SQL Injection Vulnerability
Trustwave disclosed a security report on a SQL Injection in the popular CMS Joomla! that will result in full administrative access. Awesome work! https://www.trustwave.com/Resources/SpiderLabs-Blog/Joomla-SQL-Injection-Vulnerability-Exploit-Results-in-Full-Administrative-Access/
Attacking Ruby on Rails
I want to share an interesting read that I noticed when searching Mr. G for Ruby security. I still haven’t finished reading it because lack […]
Hack to the Future with Cobalt
Cobalt.io published a nice image on Twitter with some of the security researchers. Can you guess who’s there?
Get a bounty on a WordPress blog
I would like to describe, step by step, my latest “appreciation program” reward on a security issue in a WordPress plugin. First things first – check […]
Free online proxy using Bing Translator
This method is already known on many other servers like Google Translator and other online services. I don’t know if I might consider this to […]
Events Made Easy WordPress plugin CSRF + Persistent XSS
Plugin link: https://wordpress.org/plugins/events-made-easy/. Active Installs: 10,000+. Version tested: 1.5.49. CVE Reference: Waiting. Events Made Easy is a full-featured event management solution for WordPress. Events Made […]
Free online tools to help your #bugbounty
I’m getting a few emails asking for some tips on how to get some bounties. Because I like to help others and I’m a share knowledge […]