NGINX: misconfigurations examples
KacperSzurekEN
NGINX: misconfigurations examples
6:48
Kallithea - exploit git clone functionality
KacperSzurekEN
Kallithea - exploit git clone functionality
4:44
PHP PHAR - file_exists can be dangerous
KacperSzurekEN
PHP PHAR - file_exists can be dangerous
4:14
SSH: How to login into multiple servers?
KacperSzurekEN
SSH: How to login into multiple servers?
4:08
Spring Boot Actuator - security point of view
KacperSzurekEN
Spring Boot Actuator - security point of view
3:36
How to check account type using Burp Suite?
KacperSzurekEN
How to check account type using Burp Suite?
4:50
How to handle session expiration in BURP with macros?
KacperSzurekEN
How to handle session expiration in BURP with macros?
2:55
[BURP] 12 tricks for Burp Repeater
KacperSzurekEN
[BURP] 12 tricks for Burp Repeater
4:16
XSS Polyglot
KacperSzurekEN
XSS Polyglot
6:01
postMessage: exchange data between different domains
KacperSzurekEN
postMessage: exchange data between different domains
3:45
Cross-Site Websocket Hijacking
KacperSzurekEN
Cross-Site Websocket Hijacking
5:48
Don't use assert in PHP
KacperSzurekEN
Don't use assert in PHP
9:03
Clickjacking: how to delete someone else's account?
KacperSzurekEN
Clickjacking: how to delete someone else's account?
4:42
Open redirection: can automatic redirection be harmful?
KacperSzurekEN
Open redirection: can automatic redirection be harmful?
4:12
RFD: Reflected File Download
KacperSzurekEN
RFD: Reflected File Download
3:41
Excel: CSV Injection
KacperSzurekEN
Excel: CSV Injection
3:00
Angular: XSS without HTML tags
KacperSzurekEN
Angular: XSS without HTML tags
3:43
Python: XSS using SVG file
KacperSzurekEN
Python: XSS using SVG file
3:42
PHP: escapeshellcmd vs escapeshellarg
KacperSzurekEN
PHP: escapeshellcmd vs escapeshellarg
3:16
Java: Random vs SecureRandom
KacperSzurekEN
Java: Random vs SecureRandom
3:22
YAML: code execution using !!python/object
KacperSzurekEN
YAML: code execution using !!python/object
2:46
Python SSTI: Attack Flask framework using Jinja2 template engine
KacperSzurekEN
Python SSTI: Attack Flask framework using Jinja2 template engine
3:20
PHP: Bypass filters using less-than sign
KacperSzurekEN
PHP: Bypass filters using less-than sign
3:21
Unzip: how to properly extract files? Symlinks and zip
KacperSzurekEN
Unzip: how to properly extract files? Symlinks and zip
3:08
Java XXE: Read secret files when parsing XML files
KacperSzurekEN
Java XXE: Read secret files when parsing XML files
3:05
Ruby: execute command using URL in open() function
KacperSzurekEN
Ruby: execute command using URL in open() function
2:58
Python 2: Why you shouldn’t use input function
KacperSzurekEN
Python 2: Why you shouldn’t use input function
2:41
Best Black Hat 2018 and DEF CON 26 presentations - summary #2
KacperSzurekEN
Best Black Hat 2018 and DEF CON 26 presentations - summary #2
6:37
How to create a Metasploit module in example
KacperSzurekEN
How to create a Metasploit module in example
7:06
4 common Node.js security issues inside NPM
KacperSzurekEN
4 common Node.js security issues inside NPM
11:46
Best Black Hat 2018 and DEF CON 26 presentations - summary
KacperSzurekEN
Best Black Hat 2018 and DEF CON 26 presentations - summary
8:20
Steal messages from Signal using RCE, CVE-2018-10994 explanation
KacperSzurekEN
Steal messages from Signal using RCE, CVE-2018-10994 explanation
11:28
Race condition and git hooks vs Gitea server
KacperSzurekEN
Race condition and git hooks vs Gitea server
8:56
How does Two-Factor Authentication - 2FA work?
KacperSzurekEN
How does Two-Factor Authentication - 2FA work?
14:04