Insecure Design | Tutorials & Examples | Snyk Learn
Learn about insecure design, and how to mitigate and remediate the vulnerability with real-world examples from security experts.
Here are some samples of blogs that we've written for our customers.
Author: Luke (@hakluke) Stephens It always blows me away to think that WordPress runs 43% of all websites, including those without a content management system (CMS) 🤯. A single open source project is responsible for such a huge part of the internet! It's interesting to think about what might happ
5 fundamental techniques that are used for bypassing WAFs with XSS payloads. An excellent resource for hackers, but also a warning to developers: a WAF is not enough to thwart exploitation of a web application.
Bug Bounty Automation is the key to success for many expert bug bounty hunters including Hakluke. He walks through how he does it.
Docker automation is possible. Gunnar Andrews discusses how ethical hackers can scale their automation workflow by using Docker.
If you've been following these blogs, you'll see that in the last article, we hacked together a basic attack surface monitoring platform using projectdiscovery tools. Using some of those basic building blocks, we're going to build a basic historical DNS bot that will continuously enumerate domains and
Crowdsource hackers Hakluke and Farah Hawa share the top web vulnerabilities that are often missed during security testing. When hunting for bugs, especially on competitive bug bounty ...
Probably the most frequently asked question we get from SpiderFoot users is "with so many options available, what API keys should I get for my use case?"…
Discover seven essential features of comprehensive External Attack Surface Management (EASM) platforms to fortify your digital defenses.
Author: Luke Stephens Like any system, there are many ways to break into a WordPress installation, to name a few: exploiting an out-of-date, vulnerable WordPress core; exploiting vulnerable plugins or themes; man-in-the-middle attacks; social engineering. One of the most common ways to break into
AWS S3 Buckets are one of the most popular cloud-storage options. Learn how to scan S3 Buckets for secrets using TruffleHog.
A vulnerable and outdated component is a software component that is no longer supported by the developer, making it susceptible to security vulnerabilities.
This blog provides a few advanced subdomain reconnaissance techniques to enhance an ethical hacker's EASM techniques.
COVID's impact still resonates. Remote work, AI, and a turbulent economy have made the future unpredictable, including the future of cloud security. But we still have best practices for you! Let's examine 5 cloud security predictions to be aware of in 2023.
While WordPress core is well-tested and widely used, it allows plugins to be installed. Those plugins can be developed by, well, anyone! They enable many significant enhancements to the core platform but also have the potential to compromise the security of the entire website, even when they are not
Learn how broken access control exploits work with a step-by-step tutorial, as well as how to mitigate and defend against them with access control settings.
Insight into the methods that ethical hackers or even malicious attackers use to collect knowledge about an organization's assets.
Penetration testing is a great way to improve the security of your org. Much of the test's value will be determined by your readiness. Here's how to prepare.
Learn how to create SQL queries securely and avoid SQL injection attempts by malicious third parties.
Introduction In this article we are going to build a fast one-shot recon script to collect the bulk of the information we need to serve as a starting point for our bug bounty testing. This blog post is complementary to the article on building an attack surface monitoring solution. Automation,
Author: Devansh Bordia WordPress is the world's most popular content management platform, used on 45% of websites. This also makes it an attractive target for malicious attackers! In 2021, more than 1.5 million WordPress websites were compromised. In this article, we will cover many ways that
SSRF vulnerabilities aren't a new threat vector but they're often misunderstood. Here are details about what it is and where it can be found.
The 2023 Executive Order has far-reaching implications for companies relying on AI. Here is a breakdown of it through the lens of a Security Engineer, including an analysis, a summary of the impact on AI safety and privacy protection, and a look at how the order will affect security teams.
Learn how to protect your code from directory traversal in JavaScript by exploiting a vulnerable web server.
Azure Blob Storage is one of Microsoft's cloud storage offerings. Developers often use Azure Blob Storage's scalable object storage to store all types of data including source code, configuration files, database backups, and more. That means a variety of secrets like API keys and credentials might be present inside Azure Blobs just waiting for attackers to find them.
Dive into our intriguing exploration of how we unearthed a hidden treasure trove of data in the form of an exposed AWS key within a public NPM package, opening a Pandora's box of a company's entire production database.
What is Git and why does it have secrets?
In this article, Gunnar Andrews writes how hacking is a challenge, but can be made easier with the right environment, workflows and mindset.
My name is Jude, I'm a Security Analyst working with a Security Operations Center (SOC) team based in Australia. Outside of the usual SOC tasks (alert…
Efficient, extensible, flexible, open source vulnerability scanning. Introduction Nuclei is a fast, efficient, and extensible vulnerability scanner. It can scan thousands of hosts in just a few minutes. The Nuclei engine uses YAML-based templates to define the steps required to detect a vulnerability. It is an open-source tool that encourages
WordPress powers about 60% of all websites on the internet, which is a staggering figure by any standard. Most of these WordPress instances lack many basic security features that can mean the difference between your website being hacked andā¦ well, not hacked. In this article, we're going to run t
Learn what a logging vulnerability is, including logging too much or logging too little, and how to protect your organization.
For the past 8 years, security researchers and threat actors have patrolled Travis CI's public log files for leaked API keys and passwords, often with amazing success. Just last year, security researchers discovered 73,000 credentials in Travis CI logs!
Learn how an XXE attack works, and how to mitigate and fix the XXE vulnerability with real-world examples from security experts.
Learn what ReDoS is, why you should be aware of it, and how you can prevent and remediate the vulnerability in your organization.
Learn about the risks of exposing open redirects, how to exploit them and how to mitigate them.
Author: Duncan Jepson 22% of compromised WordPress websites occurred via vulnerabilities in their installed plugins. This was a staggering statistic to me when I first heard it. Because of this, I decided to take a bit of a dive into researching WordPress plugins and their vulnerabilities
Introduction Let's start with this: A DNS takeover is not the same as a subdomain takeover. Subdomain takeovers are old news. Hackers who caught onto them early made busloads of bounties by automating their detection and exploitation. They're still out there, but competition is fierce. Crafty hackers built bots that
Before busting out your arsenal of tools to rip a website apart, it can be really useful to just go back to basics and start by simply making a request toā¦
A simple tutorial on how to use TruffleHog to scan Jira for secrets.
We've curated a collection of 10 AI security articles that cover novel threats to AI models as well as strategies for developers to safeguard their models.
In this blog we'll discuss the basics of proxies, explain what Proxify is and how it can be used. You'll learn how to: 1. Install and run Proxify 2. Customize proxy output files and addresses 3. Use DSL language to match and/or replace requests/responses from CLI.
A step-by-step guide on how to hack a web application from an ethical hacker so your security team can better learn what threats to consider.
Hack with 'Goodfaith': A new tool that is intended to help hackers avoid generating traffic against out-of-scope targets and stay in scope.
How to ensure an EASM tool provides a unified view of assets and infrastructure, enabling you to better navigate across disparate applications
An EASM program has become a necessity for security so your company's external assets don't fall into a state of vulnerability at some point.
If you're into hacking, there's a good chance that at least one of ProjectDiscovery's tools has been added to your toolbox over the last couple of years. In all honesty, ProjectDiscovery's tools now make up the majority of my toolbox. For this reason, I get excited when they release something
Devansh Bordia explores a series of common misconfigurations in AWS Services that lead to security vulnerabilities.
Introduction In this article, we're going to walk through hacking together a simple attack surface monitoring platform by using ProjectDiscovery tools, bash, and flask. We will also be using MongoDB & Redis for scan data and scan queues. This tool was written for the pure purpose of this article, if
My name is Luke, but you might know me as @hakluke! I'm a cybersecurity professional, primarily focusing on application security and red teaming.…
Improve data quality from your bug bounty hunts by using AWS QuickSight to develop dashboards to visualize and navigate the data outputs.
TL/DR: Crowdsource hacker Luke "hakluke" Stephens documents a tool for discovering the origin host behind a reverse proxy which is useful for bypassing WAFs and other ...
Finding hacking targets can be a challenge. Gunnar Andrews talks through how recon and automation can be powerful tools for ethical hackers.
Some of the advantages that coding knowledge can give you when you start ethical hacking. Aimed at developers who want to learn hacking.
A tour of ProjectDiscovery's less-known public tools, and how to use them by @pry0cc Introduction For those unaware, ProjectDiscovery is a group of talented hackers and creators that have massively disrupted the offensive tooling industry by creating tooling that genuinely makes the lives of hackers easier. If you're active
In a lot of major cities in the world, pickpocketing and phone-snatch robberies are very common. Modern smartphones are expensive and easy to sell, and it…
Sharing access to social media accounts is a common task for organisations - but it's also a huge cybersecurity risk! In this article we discuss the secure way to share access, and the potential consequences if you don't.
Secrets leak in CI/CD pipelines routinely. Continuous integration/deployment (CI/CD) workflows typically require developers to provide valid credentials for the third party resources their pipeline interacts with. Want to automatically deploy code changes to an EC2 instance? Provide an AWS access key. Want to deploy an artifact to NPM? Provide an NPM API key.
One of the key trends in information security over the last decade has been the proliferation of the concept that monitoring an organization's external…
Security is a crucial factor for both small and large enterprises. This has led to the evolution of DevOps into DevSecOps, which integrates security at an internal level. As we have discussed in previous blogs, it is important to implement security within your DevOps cycle to ensure that it becomes
Python is a pretty common choice for a lot of security specialists developing tooling due to its elegant syntax and a huge library of handy modules,…
Why security defenders need an EASM solution that combines policy control, vulnerability detection, and a crowdsource element going forward
Introduction In today's digital world, online security is more important than ever. As we rely increasingly on the internet, we must have a way to keep our communications private and secure. That's where SSL and TLS come in. SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are like secret
Taking a little break from our regular OSINT-themed posts, we wanted to mix it up a little this time and talk about the power of OSINT through a little…
Learn how to protect your code from server-side request forgery (SSRF) attacks by exploiting a vulnerable web app as part of this Snyk Learn tutorial.
We recently published a bunch of posts about the top 5 APIs for Threat Intelligence, Attack Surface Monitoring, Security Assessments and People…
This is the ultimate list of resources for beginner hackers from Hakluke which includes the best blogs, influencers, youtube channels, etc.
Learn how a cross site request forgery (CSRF) attack works, and how to detect and fix it with real-world examples from security experts.
Meet Hakluke. He's been nominated by the Detectify network as a Hacker Hero. He gives his tips for both Red and Blue teams.
Learn how to protect your applications against malicious code injection by exploiting a vulnerable web app as part of this Snyk Learn lesson.
Intel 471 empowers cybersecurity teams worldwide to be proactive with its TITAN platform and comprehensive coverage into the criminal underground.
Millions of businesses use Stripe's payment processing platform every day to handle sensitive credit card transactions. But what could happen if a Stripe API key is leaked (or stolen)?
Let's explore four big questions that are solved by having a comprehensive External Attack Surface Management (EASM) program in place.
Why did more GCP (Google Cloud Platform) keys leak onto GitHub in 2022 than any other key type? The answer is perhaps unsurprisingly related to the ebb and flow of cryptocurrency mining, and its relative popularity in 2022.
If you're one of the thousands of people getting started in Information Security, Cyber Security or Private Investigation, you have probably already heard…
It is critical that an organisation secures all of their assets along their entire software supply chain. For instance, in a DevOps lifecycle, as a developer, ensuring the security and stability of your code is crucial. One effective way to do this is by implementing automated security testing as part
Detectify Crowdsource is not your average bug bounty platform. It's an invite-only community of the best ethical hackers who are passionate about securing modern technologies ...
One of the biggest cybersecurity risks to organisations today is not knowing what assets they have online, and the solution is having a good Attack Surface Management (ASM) program! It's about more than just discovering assets.
From business logic vulnerabilities to server-side request forgery, an ethical hacker details how you can hack web applications in simple steps.
Learn how DOM based XSS exploits work, and how to mitigate and remediate the vulnerability with step-by-step interactive tutorials from security experts.