shubs
@infosec_au
Co-founder, security researcher. Building an attack surface management platform, @assetnote
ID: 1674598830
https://assetnote.io 16-08-2013 02:55:36
4,4K Tweet
51,51K Takipçi
1,1K Takip Edilen
If you're in Melbourne and interested in our recent ServiceNow disclosure, my very talented colleague hashkitten is presenting at Ruxmon on the 26th of July: meetup.com/en-AU/ruxmon/e…
Thrilled to release my latest research on Apache HTTP Server, revealing several architectural issues! blog.orange.tw/2024/08/confus… Highlights include: ⚡ Escaping from DocumentRoot to System Root ⚡ Bypassing built-in ACL/Auth with just a '?' ⚡ Turning XSS into RCE with legacy code
Super excited to be dropping “Surfacing Security” today, a new podcast from Assetnote. My co-host Michael and I dive deep into Attack Surface Management topics and beyond! Spotify: open.spotify.com/show/3zyCwP4S6… Apple Podcasts: podcasts.apple.com/us/podcast/sur… Youtube: youtube.com/playlist?list=…
In my fwd:cloudsec presentation on Getting into AWS Security Research as a N00bcake, I challenged folks to just go try it and publish the results. It took a little longer than a week but Sid did it, and the results are pretty awesome. plerion.com/blog/your-queu…
I had so much fun recording this ep. My requirement was for Justin Gardner not to see the slides prior so what you see in the video are his genuine reactions as they happen live, from WTF to FOMO to "why did I not think of this before". Enjoy!
later this month on the 27th of september, Michael Gianarakis and I are going to be demonstrating DNS poisoning related attacks across 30m+ domains at BSides Canberra. we will release a blog post alongside. I promise it doesn’t have any crazy preconditions and it has real impact :)