An awesome wordlist repo added to TreeHouse Wordlists! Yay!
Category: Web Application Pen Testing
STOP USING DEFAULT PASSWORDS
A large trove of default usernames and passwords for all kinds of products!
Interested in XXE?
XXE is an awesome web application attack vector. Here is a great recommended short course on the subject!
A great example of one of my favorite cyber-attack types
Some commentary on a supply chain attack recently discovered and disclosed!
The best list for API Offensive and Defensive Security!
A MUST have for anyone who is experienced or new to API/Web Application penetration testing.
Web App Pen Test against SalesForce
First step in a web application penetration test against SalesForce.
Burp Extension for Adobe Web Apps; Sign me up
This is a must-have Burp Suite Extension for when you're testing Adobe (AEM) web applications. Use this first, then run aem_hacker to double-check!
Interesting Wordlist Added to TreeHouse Wordlists
Still working on TreeHouse Wordlists. Found a super interesting resource, called DomainsProject. Check it out!!
ALL THINGS SSRF
Whether you're a Bug Bounty Hunter, Penetration Tester, Student, Researcher, CTF Player or all of the above, this knowledge about SSRF certainly can't hurt.
Under Utilized Tools/Resources #80
An extensive "new" XSS wordlist! Grab it now while it's hot for your next web app pen test!