#websec
I work on #OpenPubkey which adds user-held public keys into OpenID Connect without breaking compatibility. This means users can create digital signatures on the web that are associated with their ID Tokens. Happy to answer any questions about it

#OIDC #JSON #JWS #websec

github.com/openpubkey/o...
December 29, 2023 at 2:03 AM
Web Security Interview Answers
In-depth (very detailed) answers for websec interview questions by twitter.com/tib3rius : tib3rius.com/interview-qu...
XSS
Blind SQL Injections
Firewall bypass
Payloads
Vertical Access Control
Password reset flow
and more.
github.com/x1trap/webse...
November 1, 2023 at 12:48 AM
🚨 Alert: New Hacktivist Alliance 🚨

WEBSEC and INTEID have officially announced a new alliance. They have recently been targeting Israel, Ukraine, Germany, Kosovo, Singapore, China, Belgium, Denmark.
April 23, 2025 at 2:46 PM
Time to make some smart introductory websec post here, no? I guess all I have is:

Hello world, good bye XSS?
November 17, 2024 at 12:38 PM
CPSA-FL or WEBSEC?
November 12, 2025 at 4:33 PM
🚨 Deadline Extended 🚨

By popular demand, the #MADWeb submission deadline is now January 14, 2025 (AoE)! 🗓️

You still have 1 week to send your papers and join us in San Diego!

📜 Submit here: madweb25.hotcrp.com
🔗 Details: madweb.work

Spread the word!

#websec #cfp #ndss
MADWeb 2025
madweb25.hotcrp.com
January 8, 2025 at 3:43 PM
Latest #Phishing trend we are tracking: A spike in codeless phishing pages created using Webflow

#infosec #websec #sase

www.netskope.com/blog/attacke...
Attackers Target Crypto Wallets Using Codeless Webflow Phishing Pages
Summary From April to September 2024, Netskope Threat Labs tracked a 10-fold increase in traffic to phishing pages crafted through Webflow. The campaigns
www.netskope.com
October 23, 2024 at 2:59 PM
TIL: As soon as you (or rather your nameserver) publish a new domain to DNS, the bots are coming. Immediately! Scanning for accessible configs etc. So you better not have a misconfigured webserver running for dev purposes. Never assume: No one knows the domain. #crowdsec #websec
August 30, 2025 at 10:49 AM
Currently figuring out how to lure some internet weirdos in for the ride of a lifetime lol.

You catch a couple and it's like, Woah.

#CyberSecurity #OSINT #BotDetection #Cloudflare #Firebase #DigitalForensics #Honeypot #WebSec
August 10, 2025 at 6:26 PM
I wrote a post on my personal blog giving a solution to the 0.CL lab together with the experience I had. An opportunity to say thank you to @albinowax.bsky.social and to @portswigger.net for the great research and for the fun in the academy!
#websec
poeticalhacking.net/blog/posts/0...
0.CL
The story of solving the 0.CL lab of the PortSwigger Web Security Academy
poeticalhacking.net
August 28, 2025 at 4:15 PM
Finally completed the Bug Bounty Hunter on #hackthebox
Took me far longer than expected. Okay... because I was a lazy fuck :D
However, a great path which I really enjoyed!

#hacking #itsec #websec
February 12, 2025 at 8:25 PM
And people still think that AI will replace programmers...
I fear that the amount of vulnerable websites will explode.
#itsec #hacking #websec #ai
March 30, 2025 at 12:36 PM
Research on how frame busting can prevent clickjacking. http://seclab.stanford.edu/websec/framebusting/index.php
February 11, 2024 at 12:39 AM
How's my day going, I hear you ask? I discovered a new authenticator app, which is so good I'm now going back through all of my online accounts which do not have 2-Factor Authentication set up.

I feel like the WebSec king today!

#websec
August 29, 2024 at 11:23 AM
Last week, popular npm linter packages like eslint-config-prettier and eslint-plugin-prettier were hijacked. The compromised versions deployed malware via postinstall scripts, enabling remote control on Windows. Make sure you audit! www.bleepingcomputer.com/news/securit...

#npm #JavaScript #WebSec
Popular npm linter packages hijacked via phishing to drop malware
Popular JavaScript libraries eslint-config-prettier and eslint-plugin-prettier were hijacked this week and turned into malware droppers, in a supply chain attack achieved via targeted phishing and cre...
www.bleepingcomputer.com
July 31, 2025 at 9:12 PM
UK businesses, your website security is paramount! 🛡️ Our new article details essential steps to protect your online presence from growing cyber threats & ensure data safety. Don’t risk it! blog.redcentaur.com/go/websec-bsky
#WebsiteSecurity #CyberSecurityUK #UKBiz #DataProtection
Website security: Protecting your UK business online
Protect your UK business online. Learn essential website security measures, safeguard sensitive data, and respond to breaches effectively.
blog.redcentaur.com
June 18, 2025 at 8:07 AM
any browser security people, are there any known ways for an iframe like this to explode in an unpleasant manner (beyond locking up the browser with an infinite loop i guess)

have an idea that requires sandboxed iframes and dont want to fuck it up

#webDev #webSec #infoSec
December 31, 2024 at 9:59 AM
🚨 Alert: New Hacktivist Alliance 🚨

AnonSec and Websec have officially announced a new alliance. They have recently been targeting India, Israel and Kosovo.
April 14, 2025 at 1:41 PM
Immuniweb will check not only websec as a whole, but also the SSL security as such

drives the domain #SEO ++

bit.ly/wp-rocket-cz bit.ly/wp-hosting-cz danielberanek.cz
December 20, 2024 at 6:05 PM
When you think Click-jacking is a relic of the past, someone comes up with double-click-jacking

Take care guys where you double click.

#itsec #websec #itsecurity #hacking

www.forbes.com/sites/daveyw...
Don’t Click Twice—New Chrome, Edge, Safari Hack Attack Warning
As a new hack attack has been identified, all web browser users are warned—don’t click twice. Here’s what you need to know.
www.forbes.com
January 5, 2025 at 5:50 PM
Just completed the "Web Attacks" module on Hack The Box. This was a really fun one. Skill assessment wasn't too hard, but still a nice challenge.
Next module: Session Security

#htb #hacking #itsec #websec #ethicalhacking

academy.hackthebox.com/achievement/...
Completed Web Attacks
This module covers three common web vulnerabilities, HTTP Verb Tampering, IDOR, and XXE, each of which can have a significant impact on a company's systems. We will cover how to identify, exploit, and...
academy.hackthebox.com
January 8, 2025 at 1:47 PM
very excited to see post on auto template escaping project on google websec blog! http://bit.ly/15ba4 congrats Mugdha & Jad :)
November 2, 2024 at 4:38 PM
30 Tips on how to use OSINT for bug hunting

👇Check below👇

#OSINT #privacy #security #cybersec #infosec #penetrationtesting #Bughunting #webappsec #websec #hacking

Check the post in our telegram channel.
t.me/osintambitio...
THE OSINT AMBITION
30 Tips how to use OSINT for bug hunting: 1. Use Google Dorks to find vulnerabilities in web applications. 2. Use Shodan to find vulnerable IoT devices. 3. Use Whois to find information about domain...
t.me
October 23, 2023 at 2:52 AM