Florian Walter
Subdomain Takeover: What is It? How to Exploit? How to Find Them?
In this article, we shed light on Subdomain Takeovers and discuss 3 things:
May 15

Florian Walter
How Secure is Java’s SecureProcessing?
If you’ve ever worked with secure XML parsing in Java (to prevent XXE Injections), you probably have come across an XML parser flag named…
Mar 16

Florian Walter
Found a Vulnerability? 3 Easy Steps to Submitting a CVE!
In my recent post, I talked about the methodology that I used to find most of my 25 CVEs (you can find this article here…
Feb 26

Florian Walter
The Easiest Way to Find CVEs at the Moment? GitHub Dorks!
In this article, I will demonstrate how I used GitHub dorks to find 24 vulnerabilities in popular open-source projects in just a few weeks…
Feb 8

Florian Walter
How I Became an Ethical Hacker
People often ask me (they actually do! 😃) how they can break into the field of cybersecurity (and, particularly, ethical hacking). I…
Dec 10, 2023

Florian Walter
Predicting a “Random” Number
Have you ever looked at a code snippet that creates for example a password reset token or something, uses a non-cryptographically secure…
Nov 28, 2023

Florian Walter
AI vs. Human: Who is the better Vulnerability Researcher? 🧠🤖
In the evolving landscape of cybersecurity, the rise of AI tools like ChatGPT has opened new horizons in code analysis and vulnerability…
Nov 7, 2023

Florian Walter
Deserialization: What the Heck *Actually* Is a Gadget Chain?
So if you’ve been in the security space these past couple of years, there probably is one attack that you heard over and over again…
Nov 3, 2023

Florian Walter
Bruteforcing Files and Directories is Easy... Right?
Well, yeah, it is. You just provide a URL and a wordlist, feed it into a tool like gobuster or ffuf, and wait for the results. You may try…
Sep 21, 2023