101010.pl

Linux MagazineLinux Magazine 296: Pen Testing is available now! Learn to think like an attacker and find resources to get started with penetration testing. This month's DVD includes <a href="https://fosstodon.org/@fedora" class="u-url mention" rel="nofollow noopener" target="_blank">@fedora</a> Workstation 42 Live and <a href="https://mastodon.social/@ubuntubudgie" class="u-url mention" rel="nofollow noopener" target="_blank">@ubuntubudgie</a> 25.04 <a href="https://www.linux-magazine.com/Issues/2025/296?utm_source=mlm" rel="nofollow noopener" translate="no" target="_blank">https://www.linux-magazine.com/Issues/2025/296?utm_source=mlm</a> <a href="https://fosstodon.org/tags/PenTesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#PenTesting</a> <a href="https://fosstodon.org/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://fosstodon.org/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#Linux</a> <a href="https://fosstodon.org/tags/EUOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#EUOS</a> <a href="https://fosstodon.org/tags/Lomiri" class="mention hashtag" rel="nofollow noopener" target="_blank">#Lomiri</a> <a href="https://fosstodon.org/tags/Nushell" class="mention hashtag" rel="nofollow noopener" target="_blank">#Nushell</a> <a href="https://fosstodon.org/tags/Ptcpdump" class="mention hashtag" rel="nofollow noopener" target="_blank">#Ptcpdump</a> <a href="https://fosstodon.org/tags/Python" class="mention hashtag" rel="nofollow noopener" target="_blank">#Python</a> <a href="https://fosstodon.org/tags/deborphan" class="mention hashtag" rel="nofollow noopener" target="_blank">#deborphan</a> <a href="https://fosstodon.org/tags/KiCad" class="mention hashtag" rel="nofollow noopener" target="_blank">#KiCad</a> <a href="https://fosstodon.org/tags/NiceGUI" class="mention hashtag" rel="nofollow noopener" target="_blank">#NiceGUI</a> <a href="https://fosstodon.org/tags/FreshRSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#FreshRSS</a>

Adam Shostack :donor: :rebelverified:Anyone want to offer odds on how long before the first bug bounty win?[Updated on the same day, see below]<blockquote>It took me a few days to build the library [cloudflare/workers-oauth-provider] with AI.I estimate it would have taken a few weeks, maybe months to write by hand.That said, this is a pretty ideal use case: implementing a well-known standard on a well-known platform with a clear API spec.</blockquote>(Quoting <a href="https://fedi.simonwillison.net/@simon" class="u-url mention" rel="nofollow noopener" target="_blank">@simon</a> quoting Kenton Varda)<a href="https://simonwillison.net/2025/Jun/2/kenton-varda/#atom-everything" rel="nofollow noopener" translate="no" target="_blank">https://simonwillison.net/2025/Jun/2/kenton-varda/#atom-everything</a><a href="https://infosec.exchange/tags/llm" class="mention hashtag" rel="nofollow noopener" target="_blank">#llm</a> <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#pentesting</a><a href="https://hails.org/@hailey/114618621907081062" rel="nofollow noopener" translate="no" target="_blank">https://hails.org/@hailey/114618621907081062</a>

nickbearded12 hours of testing on VirtualBox on my poor old PC. Zero crashes. BashCoreX is stable, fast, ready.Debian-based, XFCE-powered, loaded with essential tools for ethical hacking. Minimalism meets performance.<a href="https://mastodon.social/tags/BashCoreX" class="mention hashtag" rel="nofollow noopener" target="_blank">#BashCoreX</a> <a href="https://mastodon.social/tags/BashCore" class="mention hashtag" rel="nofollow noopener" target="_blank">#BashCore</a> <a href="https://mastodon.social/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#Linux</a> <a href="https://mastodon.social/tags/Pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#Pentesting</a> <a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenSource</a> <a href="https://mastodon.social/tags/Debian" class="mention hashtag" rel="nofollow noopener" target="_blank">#Debian</a>

Konstantin :C_H:Just a reminder to always lock your door! <a href="https://infosec.exchange/tags/LatchSlipping" class="mention hashtag" rel="nofollow noopener" target="_blank">#LatchSlipping</a> <a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#Pentesting</a> <a href="https://infosec.exchange/tags/PhysicalPentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#PhysicalPentesting</a> <a href="https://infosec.exchange/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a>

Julian OliverAn excellent and especially thorough list of bypasses available to just about any bad actor that can reach a shell on a misconfigured UNIX system.<a href="https://gtfobins.github.io/" rel="nofollow noopener" translate="no" target="_blank">https://gtfobins.github.io/</a>(Thanks to one of my students, Susana, for sending this in)<a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://mastodon.social/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#pentesting</a>

dan_nanniDNS cache poisoning is a security attack that corrupts a DNS resolver’s cache by injecting false records, causing users to be redirected to fake IP addresses instead of the legitimate domainHere is how the attack works and how to protect from it 😎👇 <a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://mastodon.social/tags/dns" class="mention hashtag" rel="nofollow noopener" target="_blank">#dns</a> <a href="https://mastodon.social/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#pentesting</a>Find pdf books with all my <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> related infographics at <a href="https://study-notes.org" rel="nofollow noopener" translate="no" target="_blank">https://study-notes.org</a>

LMG SecurityAI-powered features are the new attack surface! Check out our new blog in which LMG Security’s Senior Penetration Tester Emily Gosney <a href="https://infosec.exchange/@baybedoll" class="u-url mention" rel="nofollow noopener" target="_blank">@baybedoll</a> shares real-world strategies for testing AI-driven web apps against the latest prompt injection threats.From content smuggling to prompt splitting, attackers are using natural language to manipulate AI systems. Learn the top techniques—and why your web app pen test must include prompt injection testing to defend against today’s AI-driven threats.Read now: <a href="https://www.lmgsecurity.com/are-your-ai-backed-web-apps-secure-why-prompt-injection-testing-belongs-in-every-web-app-pen-test/" rel="nofollow noopener" translate="no" target="_blank">https://www.lmgsecurity.com/are-your-ai-backed-web-apps-secure-why-prompt-injection-testing-belongs-in-every-web-app-pen-test/</a><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/PromptInjection" class="mention hashtag" rel="nofollow noopener" target="_blank">#PromptInjection</a> <a href="https://infosec.exchange/tags/AIsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#AIsecurity</a> <a href="https://infosec.exchange/tags/WebAppSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebAppSecurity</a> <a href="https://infosec.exchange/tags/PenetrationTesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#PenetrationTesting</a> <a href="https://infosec.exchange/tags/LLMvulnerabilities" class="mention hashtag" rel="nofollow noopener" target="_blank">#LLMvulnerabilities</a> <a href="https://infosec.exchange/tags/Pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#Pentest</a> <a href="https://infosec.exchange/tags/DFIR" class="mention hashtag" rel="nofollow noopener" target="_blank">#DFIR</a> <a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#AI</a> <a href="https://infosec.exchange/tags/CISO" class="mention hashtag" rel="nofollow noopener" target="_blank">#CISO</a> <a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#Pentesting</a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/ITsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#ITsecurity</a>

Karl Voit :emacs: :orgmode:Who says that <a href="https://graz.social/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#AI</a> isn't helping people in real-life situations?Consider yourself a bad <a href="https://graz.social/tags/hacker" class="mention hashtag" rel="nofollow noopener" target="_blank">#hacker</a>, breaking in a company <a href="https://graz.social/tags/SharePoint" class="mention hashtag" rel="nofollow noopener" target="_blank">#SharePoint</a> server. With <a href="https://graz.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#Microsoft</a> <a href="https://graz.social/tags/CoPilot" class="mention hashtag" rel="nofollow noopener" target="_blank">#CoPilot</a>, you're able to determine recent <a href="https://graz.social/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#pentesting</a> reports, plain text <a href="https://graz.social/tags/passwords" class="mention hashtag" rel="nofollow noopener" target="_blank">#passwords</a> and other crucial information for your attack right away. As if you get direct help by an insider. Amazing.If you find an interesting sensitive file you don't have reading permission for, you can ask CoPilot to show it to you, overriding all the <a href="https://graz.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> permission measures. Even better: this is not even logged as a file access. No need to clean up afterward.Exactly the software you will need for your work. <a href="https://graz.social/tags/Pentester" class="mention hashtag" rel="nofollow noopener" target="_blank">#Pentester</a> and attackers could not have asked for a better tool. Your victims will pay for this handy service themselves. Great to get that kind of important support by Microsoft. 😉 Read about that on: <a href="https://www.pentestpartners.com/security-blog/exploiting-copilot-ai-for-sharepoint/" rel="nofollow noopener" translate="no" target="_blank">https://www.pentestpartners.com/security-blog/exploiting-copilot-ai-for-sharepoint/</a><a href="https://graz.social/tags/LLM" class="mention hashtag" rel="nofollow noopener" target="_blank">#LLM</a> <a href="https://graz.social/tags/fail" class="mention hashtag" rel="nofollow noopener" target="_blank">#fail</a> <a href="https://graz.social/tags/backdoor" class="mention hashtag" rel="nofollow noopener" target="_blank">#backdoor</a> <a href="https://graz.social/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#pentesting</a>

Konstantin :C_H:<script>alert(1)</script> - 403 Forbidden <img src=x onerror=console.log(1)> - 403 Forbidden <svg onload=print()> - 403 ForbiddenI've recently encountered a web application firewall in a pentest, blocking all my attempts to insert an XSS payload.In such cases, I love to use the <a href="https://infosec.exchange/tags/PortSwigger" class="mention hashtag" rel="nofollow noopener" target="_blank">#PortSwigger</a> cross-site scripting cheat sheet: <a href="https://portswigger.net/web-security/cross-site-scripting/cheat-sheet" rel="nofollow noopener" translate="no" target="_blank">https://portswigger.net/web-security/cross-site-scripting/cheat-sheet</a>I copied all payloads to the clipboard, pasted them into the Intruder's word list and hit the "Start attack" button.Within seconds, I had a working proof of concept.How do you use the XSS cheat sheet? I'm keen to know!<a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#Pentesting</a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#AppSec</a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#InfoSec</a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/BugBounty" class="mention hashtag" rel="nofollow noopener" target="_blank">#BugBounty</a> <a href="https://infosec.exchange/tags/Hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#Hacking</a>

dan_nanniKali Linux is a purpose-built Linux distribution tailored for cybersecurity experts and ethical hackers, offering a wide range of tools for penetration testing, digital forensics, and security researchHere is a categorized breakdown of key information security tools included in Kali <a href="https://mastodon.social/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#Linux</a> 😎👇 <a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://mastodon.social/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#pentesting</a>Find high-res pdf books with all my <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> related infographics at <a href="https://study-notes.org" rel="nofollow noopener" translate="no" target="_blank">https://study-notes.org</a>

CybersecKylePentest a Meta Quest 2.Quest Accepted: Setting Up a Pentesting Environment for the Meta Quest 2 <a href="https://blog.securityinnovation.com/setting-up-a-pentesting-environment-for-the-meta-quest-2" rel="nofollow noopener" translate="no" target="_blank">https://blog.securityinnovation.com/setting-up-a-pentesting-environment-for-the-meta-quest-2</a><a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#pentesting</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a>

G33kst4 :verified:Today as every monday new <a href="https://hachyderm.io/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cybersecurity</a> video from the series Pentest 101<a href="https://hachyderm.io/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#pentesting</a> <a href="https://hachyderm.io/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://hachyderm.io/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#hacking</a> <a href="https://hachyderm.io/tags/education" class="mention hashtag" rel="nofollow noopener" target="_blank">#education</a> Let me know what you think!<a href="https://youtu.be/P57q0Mqb5RM" rel="nofollow noopener" translate="no" target="_blank">https://youtu.be/P57q0Mqb5RM</a>

Mike ShewardMini Pen Test Diaries Story:During the open source enumeration phase of an external footprint test, I found a virtual machine that bore the name of the client in its NetBIOS response in Shodan.Connecting to the machine over HTTP, I found a web app that was very relevant to the industry of the client - so I knew it was likely related.The strange thing, however, was that Shodan was telling me NetBIOS and SMB were open (that’s how I found the machine in the first place), but I was unable to connect to it over SMB. Port scan showed closed.I needed to figure out why Shodan was telling me one thing, but my reality was different.The machine was hosted in Azure, so I figured I’d try rerunning my port scan from a source IP in my own Azure account, to see if I’d get a different result.Sure enough, SMB was open when scanned from an Azure machine. They’d opened it up to any IP in Azure. No auth. Just an open file share accessible to anyone who was connecting to it from an Azure public source IP.I reported it, and it turned out that the machine was hosted by a vendor on behalf of the client.The vendor was insistent that my description of “public access to SMB share” was wrong, since technically it wasn’t open to the internet - just to Azure.I then pointed out that hey, Azure is a famous example of a “public” cloud for a reason.They fixed it.Lesson: always try from different perspectives - such as from within the same providers IP space, you might find what I found.For more, slightly less mini stories like this ones check out <a href="https://infosecdiaries.com" rel="nofollow noopener" translate="no" target="_blank">https://infosecdiaries.com</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#pentest</a> <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#pentesting</a>

Konstantin :C_H:Am 16.05. empfangen mein Kollege Nick Lorenz und ich euch in Köln zu den usd Hackertagen. Bei Pizza und Tschunk reden wir übers Hacken und Pentesten.Praktische Hands-On Erfahrung könnt ihr in unserer Trainingsumgebung, dem PentestLab, sammeln.Wir freuen uns auf alle, die vorbeischauen.📅 16.05.2025, 13:00 - 18:30 Uhr + Gemeinsamer Ausklang bei Pizza und Tschunk 💲 kostenlosMehr Infos hier: <a href="https://www.usd.de/cst-academy/events/usd-hackertage/" rel="nofollow noopener" translate="no" target="_blank">https://www.usd.de/cst-academy/events/usd-hackertage/</a><a href="https://infosec.exchange/tags/Hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#Hacking</a> <a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#Pentesting</a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#InfoSec</a> <a href="https://infosec.exchange/tags/Education" class="mention hashtag" rel="nofollow noopener" target="_blank">#Education</a>

Mike ShewardIndependent Bookstore Day - happy that all of my books are available on Bookshop.org, which supports local bookstores, thus: <a href="https://bookshop.org/contributors/mike-sheward" rel="nofollow noopener" translate="no" target="_blank">https://bookshop.org/contributors/mike-sheward</a><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#blueteam</a> <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#pentesting</a> <a href="https://infosec.exchange/tags/dfir" class="mention hashtag" rel="nofollow noopener" target="_blank">#dfir</a> <a href="https://infosec.exchange/tags/independentbookstoreday" class="mention hashtag" rel="nofollow noopener" target="_blank">#independentbookstoreday</a>

dan_nanniThis infographic showcases Linux-based tools commonly used by red teams to simulate attacks and test defenses 😎👇This tool collection is shared to promote awareness of potential threats and defensive tactics. Use responsibly—unauthorized use is both illegal and unethical. Stay informed , but stay ethical! <a href="https://mastodon.social/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#pentesting</a> <a href="https://mastodon.social/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#opensource</a>Find high-res pdf books with all my <a href="https://mastodon.social/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#linux</a> and <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> related infographics at <a href="https://study-notes.org" rel="nofollow noopener" translate="no" target="_blank">https://study-notes.org</a>

0x40kMan, this whole AI hype train... Yeah, sure, the tools are definitely getting sharper and faster, no doubt about it. But an AI pulling off a *real* pentest? Seriously doubt that's happening anytime soon. Let's be real: automated scans are useful, but they just aren't the same beast as a genuine penetration test.Honestly, I think security needs to be woven right into the fabric of a company from the get-go. It can't just be an afterthought you tack on when alarms are already blaring.Now, don't get me wrong, AI definitely brings its own set of dangers – disinformation is a big one that springs to mind. But here's the thing: we absolutely *have* to get our heads around these tools and figure them out. If we don't keep pace, we risk becoming irrelevant pretty quick.So, curious to hear what you all think – where do the greatest pitfalls lie with AI in the security field? What keeps you up at night?<a href="https://infosec.exchange/tags/AISecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#AISecurity</a> <a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#Pentesting</a> <a href="https://infosec.exchange/tags/OffensiveSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#OffensiveSecurity</a>

5h15hwow .. this is amazing: A handheld <a href="https://techhub.social/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#Linux</a> terminal (running <a href="https://techhub.social/tags/kali_linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#kali_linux</a>) using <a href="https://techhub.social/tags/RaspberryPi" class="mention hashtag" rel="nofollow noopener" target="_blank">#RaspberryPi</a> Zero 2W as Core with 4" 720X720 TFT display and the original BlackBerry Keyboard <a href="https://github.com/ZitaoTech/Hackberry-Pi_Zero" rel="nofollow noopener" translate="no" target="_blank">https://github.com/ZitaoTech/Hackberry-Pi_Zero</a> <a href="https://techhub.social/tags/Pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#Pentesting</a> <a href="https://techhub.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://techhub.social/tags/ethicalhacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#ethicalhacking</a> <a href="https://techhub.social/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#linux</a> <a href="https://techhub.social/tags/kalilinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#kalilinux</a>

IT NewsPhysical Key Copying Starts With a Flipper Zero - A moment’s inattention is all it takes to gather the information needed to make a ... - <a href="https://hackaday.com/2025/03/25/physical-key-copying-starts-with-a-flipper-zero/" rel="nofollow noopener" translate="no" target="_blank">https://hackaday.com/2025/03/25/physical-key-copying-starts-with-a-flipper-zero/</a> <a href="https://schleuss.online/tags/lockpickinghacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#lockpickinghacks</a> <a href="https://schleuss.online/tags/duplicating" class="mention hashtag" rel="nofollow noopener" target="_blank">#duplicating</a> <a href="https://schleuss.online/tags/flipperzero" class="mention hashtag" rel="nofollow noopener" target="_blank">#flipperzero</a> <a href="https://schleuss.online/tags/lockpicking" class="mention hashtag" rel="nofollow noopener" target="_blank">#lockpicking</a> <a href="https://schleuss.online/tags/locksports" class="mention hashtag" rel="nofollow noopener" target="_blank">#locksports</a> <a href="https://schleuss.online/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#pentesting</a>

Konstantin :C_H:With <a href="https://infosec.exchange/tags/CVE_2025_29927" class="mention hashtag" rel="nofollow noopener" target="_blank">#CVE_2025_29927</a>, Next.js has now suffered its second major vulnerability in just three months, following <a href="https://infosec.exchange/tags/CVE_2024_51479" class="mention hashtag" rel="nofollow noopener" target="_blank">#CVE_2024_51479</a>.I originally built CVE Crowd with <a href="https://infosec.exchange/tags/NextJS" class="mention hashtag" rel="nofollow noopener" target="_blank">#NextJS</a>.However, as the application became more complex (especially with authentication), I decided to switch to a framework I was more familiar with.Honestly, I’m feeling a bit relieved about that right now...<a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#Pentesting</a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#AppSec</a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#InfoSec</a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/BugBounty" class="mention hashtag" rel="nofollow noopener" target="_blank">#BugBounty</a> <a href="https://infosec.exchange/tags/Hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#Hacking</a> <a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#CVE</a> <a href="https://infosec.exchange/tags/CVECrowd" class="mention hashtag" rel="nofollow noopener" target="_blank">#CVECrowd</a>

Recent searches

Search options

Administered by:

Server stats:

#pentesting