DefectDojo – Setup, Workflow and Real Usage

I was looking for something to keep findings, scan results, and reports in one place instead of dumping everything into a notebook. For pure bug bounty work, I still think a normal notes app such as O

0ut3r Space
OAuth account takeover doesn't need leaked tokens. No state param = CSRF to forced account linking. Loose redirect_uri matching = code theft via open redirect chains. Implicit flow puts tokens in browser history and Referer headers. PKCE bypass when not enforced server-side. SSRF via OpenID dynamic client registration. Six patterns, all with labs. https://www.kayssel.com/newsletter/issue-43/ #OAuth #BugBounty #Pentesting #websecurity #Offsec #InfoSec
OAuth 2.0: Six Ways the Authorization Flow Breaks

Missing state CSRF, redirect_uri hijacking, open redirect code theft, implicit flow token leakage, PKCE bypass, and SSRF via OpenID dynamic client registration

Kayssel

Kali Linux 2026.1 is out — the first release of the year.

What's new:
- 2026 theme refresh — boot, installer, login, wallpapers
- BackTrack mode in kali-undercover (BackTrack turns 20!)
- 8 new tools: AdaptixC2, MetasploitMCP, XSStrike, WPProbe, GEF & more
- Kernel bumped to 6.18
- NetHunter fixes + QCACLD-3.0 injection patch

โš ๏ธ SDR tools (GNU Radio ecosystem) are broken this release.

https://www.opensourcefeed.org/kali-linux-2026-1-release/

#KaliLinux #Linux #FOSS #PenTesting #NetHunter

If you are interested in hacking, privacy, or the real-world events shaping today’s connected systems, these cybersecurity documentaries are worth watching 😎👇

Find high-res pdf ebooks with all my cybersecurity related infographics at https://study-notes.org

#cybersecurity #hacking #infosec #ethicalhacker #pentesting

Build Resilient Systems with Zero Trust Architecture

Seasia helps organisations implement zero trust architecture with robust penetration testing services to eliminate security gaps. Enhance your Zero Trust security posture and protect critical systems with continuous validation and monitoring.
🔗 https://www.seasiainfotech.com/penetration-testing-services

#ZeroTrust #CyberDefense #PenTesting #CloudSecurity #SecurityArchitecture #DigitalSecurity

From pentesting tips to cloud defense, today’s curated cyber playlist has it all. 🎥 https://www.youtube.com/playlist?list=PLXqx05yil_mdK9Q5RBtPutDXfADoEJHhC
#PenTesting #AppSec #CyberSecurity #ThreatIntelligence #IncidentResponse
260326 rootshell.online

YouTube

Looks like I'll be running an update 😜

#KaliLinux 2026.1 brings new tools and shines in a new or retro look | Security https://www.heise.de/news/Kali-Linux-2026-1-bringt-neue-Tools-mit-und-erstrahlt-in-neuer-oder-Retro-Optik-11223739.html #Linux  #PenTest #PenTesting #PenetrationTesting

Kali Linux 2026.1 brings new tools and shines in a new or retro look

Kali Linux 2026.1, the Linux distribution for security researchers, has been released. It brings new tools and pays tribute to its predecessor, BackTrack Linux.

heise online

RE: https://chaos.social/@alexglow/116290732583697250

Going #live with @alexglow in about two hours! In #DayGlow Episode 9, we will be #hacking on Pocket #PenTesting Platforms, including the #DevKitty #CutieCat, the #FlipperZero, the #M5Stack #Cardputer, and the #LILYGO T-embed. Alex Lynd from DevKitty will also be giving away a free CutieCat to one lucky winner! Join the chaos at 3pm Eastern! 🤘🤘

https://www.youtube.com/watch?v=M9a5mjuKl4c

#DayGlowShow #MakersOfMastodon #HackThePlanet

๐—”๐˜„๐—ฒ๐˜€๐—ผ๐—บ๐—ฒ ๐—น๐—ถ๐˜€๐˜ ๐—ณ๐—ผ๐—ฟ ๐—›๐—ฎ๐—ฐ๐—ธ๐—ถ๐—ป๐—ด ๐—ง๐—ฟ๐—ฎ๐—ถ๐—ป๐—ถ๐—ป๐—ด. Training your hacking skills safely and legally.

Repo: https://github.com/Smithech/awesome-hacking-training

Open to contributions 🤝

#hacking #pentesting #awesome

Kali Linux 2026.1 released

Kali Linux has been released in version 2026.1. The summary of the changelog since the 2025.

SecBurg - InfoSec Blog