Sometimes we’re solving some challenges with friends like "Intigriti Monthly Challenges", do you guys have any other alternatives? I like this concept but Intigriti is monthly and others are not updated, solving them is fun, but … Continue reading Alternative Monthly Challenges→
In September 2023, Google Chrome will stop showing the lock icon when a site loads over HTTPS, partly due to the now ubiquitous use of the protocol. The misunderstood Lock icon It took many years, but the unceasing push by Google, other browser makers … Continue reading Google Chrome will lose the “lock” icon for HTTPS-secured sites→
I am logged in to my banking site and I see this kind of form POST data in the Developer tools of Chrome:
accountNo: removed for security reason
branchCode: removed for security reason
fromDate: U2FsdGVkX1+73zpLsKOLUO+go3Ft2z9qV+rvOGEfcnk=… Continue reading Banking site POST data obfuscated. Why?→
I have a website that I opened two years ago. My website got hacked a lot a year ago and as a result it crashed. I put my website back online a year ago, but in the last year too many cyber attacks have been targeting my website.
Now I hav… Continue reading Safely sell website [migrated]→
I have found out that in most browsers the following code won’t execute:
But the same code without blank will.
My question is, is it possible to exploit an XSS in… Continue reading XSS in a href with target=_blank→
I stumbled across suspicious file download behaviour from a site, but I am perplexed as to how it worked.
Search for the company name
On the list of results, click the company’s link
Instead of being directed to their web… Continue reading Malware delivered when clicking a Google Search link, but only on Windows→
I had an issue with WooCommerce.
A user completed a purchase having the product in his cart after one year (yes, one year), and bought at a different price. How is that possible?
I understand that WooCommerce limits the time to 48 hours. An… Continue reading WooCommerce cart dwell time [migrated]→
Let’s say I have 2 SPAs (single page applications), SPA A and SPA B.
I want to share data between the 2 applications for an end-to-end flow.
How can I safely share data such that it would not be susceptible to a MITM attack? Even if the da… Continue reading How to safely share data between 2 SPAs?→
Cybersecurity is such a complex field that even the best-trained, best-equipped, and most experienced security managers will sometimes struggle to decide which of several paths to take. Let’s consider uncategorized web traffic, for instance. I define t… Continue reading Known unknowns: Refining your approach to uncategorized web traffic→
When I try to enter my website from a direct link everything is normal, but when I enter it from the website button on my page on Google Maps, it shows nudity ads once I click on buttons on the website.
My website link is: electricienautosfmj.c… Continue reading Website shows nudity ads when entering it from Google My Business button? What could be the problem [duplicate]→