DevGPT’s Post

Finding subdomain takeover vulnerabilities in your DNS configuration doesn't have to be a manual process. Check out dnsReaper over on our Github (https://lnkd.in/e-39S78D) or as a Docker image on Dockerhub (https://lnkd.in/e2YW4vXE).

Adding a simple feature can save millions of customers from vulnerabilities or remind them about the update. Consider a situation when a critical vulnerability is found in an application or CLI and the team releases a patch to fix it. Still, you are unaware of that release because you didn't get a notification to update it or missed the email, and you are continuing to use the outdated version in your work. In the end, the result you know very well :) Writing an API that monitors the latest release of an application is not an efficient way. Here is a small and impactable fix: https://lnkd.in/ga56cq5n Connect: https://lnkd.in/gR5TPCPy #OpenSource #RealEngineering

Disclosing a local file inclusion vulnerability in xmlhttprequest library https://lnkd.in/dXRFq6UX From an HTTP request library to a Local File Inclusion security vulnerability No CVE, because... "by design" 😅

Disclosing a local file inclusion vulnerability in xmlhttprequest library https://lnkd.in/dXRFq6UX From an HTTP request library to a Local File Inclusion security vulnerability No CVE, because... "by design" 😅

Learning about the power of Burp Suite and how to utilize it to find and exploit web vulnerabilities

Just finished learning about the basics of Broken Access Control at TryHackMe, for Web Application Security (specifically IDOR - Insecure Direct Object Reference) one of the top 10 listed vulnerabilities by OWASP.

Bug Bounty Tip Check your uploaded files for XSS vulnerabilities. Filenames can contain HTML tags on Unix-based systems. In most cases, you should manually edit the filename when the file is uploaded (e.g., using Burp Suite). report<img src onerror=alert(1)>.csv Cheers!

🔐 New Write-up Alert! 📝 Excited to share my latest insights on "Securing Web Applications: Exploring File Upload Vulnerabilities" from my recent work with PortSwigger Labs. 🌐💻 Explore practical strategies for identifying and mitigating file upload vulnerabilities to enhance web application security. Whether you're diving into cybersecurity or looking to strengthen your defenses, this write-up provides actionable insights. Let's continue the conversation on securing our digital landscapes! 🛡️💬 #Cybersecurity #WebApplicationSecurity #FileUploadVulnerabilities #PortSwiggerLabs #InfoSec #EthicalHacking #WebSecurity #LinkedInPost

Bug Bounty Tip: Stored XSS using uploaded file name #bugbounty #bugbountytips #hacking #ethicalhacking #redteaming #penetrationtesting #pentest #redteaming #redteam #cybersecurity #cybersec

As a web developer always watch for XSS or Vulnerability on the website you are building. Always have the thought that the code is vulnerable and it can't lead to a big issue for the company or brand. As a developer or a tech company make sure you have a penetration tester as friend or you find one that will help you look out for bug. GMTsoftware Adefemi Oluwaseun (Whoami) ... #bugbounty #bugbountytips