Florian Walter
Subdomain Takeover: What is It? How to Exploit? How to Find Them?
In this article, we shed light on Subdomain Takeovers and discuss 3 things:
5 min read · 4 days ago

Florian Walter
How Secure is Java’s SecureProcessing?
If you’ve ever worked with secure XML parsing in Java (to prevent XXE Injections), you probably have come across an XML parser flag named…
3 min read · Mar 16, 2024

Florian Walter
Found a Vulnerability? 3 Easy Steps to Submitting a CVE!
In my recent post, I talked about the methodology that I used to find most of my 25 CVEs (you can find this article here…
5 min read · Feb 26, 2024

Florian Walter
The Easiest Way to Find CVEs at the Moment? GitHub Dorks!
In this article, I will demonstrate how I used GitHub dorks to find 24 vulnerabilities in popular open-source projects in just a few weeks…
7 min read · Feb 8, 2024

Florian Walter
How I Became an Ethical Hacker
People often ask me (they actually do! 😃) how they can break into the field of cybersecurity (and, particularly, ethical hacking). I…
7 min read · Dec 10, 2023

Florian Walter
Predicting a “Random” Number
Have you ever looked at a code snippet that creates for example a password reset token or something, uses a non-cryptographically secure…
4 min read · Nov 28, 2023

Florian Walter
AI vs. Human: Who is the better Vulnerability Researcher? 🧠🤖
In the evolving landscape of cybersecurity, the rise of AI tools like ChatGPT has opened new horizons in code analysis and vulnerability…
3 min read · Nov 7, 2023

Florian Walter
Deserialization: What the Heck *Actually* Is a Gadget Chain?
So if you’ve been in the security space these past couple of years, there probably is one attack that you heard over and over again…
7 min read · Nov 3, 2023

Florian Walter
Bruteforcing Files and Directories is Easy... Right?
Well, yeah, it is. You just provide a URL and a wordlist, feed it into a tool like gobuster or ffuf, and wait for the results. You may try…
6 min read · Sep 21, 2023