Open in app
Sign inGet started
Go to the profile of Xavi Méndez
Xavi Méndez

Abusing AWS cross-account relationships

Introduction

Many Amazon Web Services (AWS) deployments use separate accounts for development, production and other environments. This helps to isolate resources and Identity and Access Management (IAM) users, groups, and…

Read more…
Go to the profile of Xavi Méndez
Xavi Méndez

Wfuzz 2.2.0 released

I’m pleased to announce a new version of WFuzz!

Wfuzz has been created to facilitate the task in web applications assessments and it is based on a simple concept: it replaces any reference to the FUZZ keyword by the value of a given payload.

A payload in Wfuzz is a source of data.

This…

Read more…
Go to the profile of Xavi Méndez
Xavi Méndez

Scan for shellshock with wfuzz

In the last few weeks everyone has been talking about Shellshock, the vulnerability affecting bash and having security ramifications everywhere, from Web, DHCP or SSH servers to mail servers. It does not have any sense to extend this post trying to rehash what this…

Read more…
Go to the profile of Xavi Méndez
Xavi Méndez

Wfuzz 2.1 released !

I’m pleased to announce a new version of WFuzz!

Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts, etc.), bruteforce GET and POST parameters for checking different kind of injections, bruteforce forms…

Read more…
About Edge-SecurityLatest StoriesArchiveAbout MediumTermsPrivacyTeams