Hive Five
By securibee 🐝
Hi friends,
Greetings from the hive!
I hope you had a great first week of 2023.
If you’ve been following my Tweets, you know that I’ve been working on my first Ghost site. I enjoy the project and love learning new things and designing websites.
Taking on this new project and working with an unknown platform is further reinforced by something I read a couple of weeks ago: to make success controllable.
Couple this with focusing on what you can control, and you win, even if it fails, as you acquire new skills and make new relationships.
Let’s take this week by swarm!
🐝 The Bee’s Knees
🔥 Buzzworthy
✅ Changelog
Intigriti has a new content creator: CryptoCat.
reconFTW v2.5.1 is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities.
DOMPurify 2.4.3 is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks.
📅 Events
🎉 Celebrate
MrTuxracer on his first bug of 2023: A quite crazy authentication bypass affecting a firewall vendor. Keep an eye out for CVE-2023-22620. Keep it up!
Masonhck357 found his first crit of the year on a 3-year-old program. Yessir!
Valerio Brussani celebrates 2022. Awesome!
Jason Haddix will be the new CISO and Hacker in Charge at BuddoBot Inc. Let’s go!
💰 Career
Top 3 things you need to change in 2023 if you’re serious about getting a job in 2023 and more.
⚡️ Community
zseano is still having a rough time, dealing with sickness. Feel better soon!
I_Am_Jakoby is looking to collaborate with content creators in the cyber security field. Anyone interested?
Alethe had an awful experience with CompTIA.
Yassine Aboukir is flying out of Bali. Safe travels!
MrTuxracer shares his Bug Bounty goals for 2023. Crush it!
📰 Read
Manipulating AES Traffic using a Chain of Proxies and Hardcoded Keys.
Corben Leo hacked a large company (70k+ employees) through social engineering. Legally of course.
Leaking Secrets From GitHub Actions: Reading Files And Environment Variables, Intercepting Network/Process Communication, Dumping Memory.
Why 2022 was a record-breaking year in bug bounty awards for GitLab.
The Auditooor Grindset. So, you want to become a smart contract auditor.
📚 Resources
Adrian on how to become a Web3 Bug Bounty Hunter in 2023.
The top 20 bug bounty creators according to Intigriti.
A collaboratively curated list of awesome Open-Source Intelligence (OSINT) Resources by ARPSyndicate.
Educational content related to Smart contract auditing and web3 security throughout the 365 days of the year by Sm4rty-1.
🎥 Watch
I Hope This Sticks: Analyzing ClipboardEvent Listeners for XSS by spaceraccoon, a NahamCon2022EU talk.
sec4dev 2022 talk: Scaling AppSec by Clint Gibler.
HackTheBox - Health.
Another NahamCon2022EU talk: Hunting for Amazon Cognito Security Misconfigurations by Yassine.
LevelUpX - Series 13: SPI Flash for Bug Bounty Hunters with Nerdwell.
🎵 Listen
Darknet Diaries top 13 most listened to episodes.
The Privacy, Security, & OSINT Show 287 - Listener Questions, UNREDACTED 5, & OSINT 10.
Malicious Life - Cyberbunker, Part 1.
Huberman Lab - Jocko Willink: How to Become Resilient, Forge Your Identity & Lead Others.
Derek Sivers – How to Live as a Creator and Why You Should Focus Like a Monomaniac.