Hi friends,
Greetings from the hive!
I hope you're doing well. Take care of yourself and your loved ones. A lot is going on. If you're able, do something nice for someone. We need more kindness in this world.
Let's take this week by swarm!
🐝 The Bee's Knees
Black Hat EU 2021 - Picking Lockfiles: Attacking and Defending Your Supply Chain.
Write plain text files: Reliable, flexible, portable, independent, and long-lasting. Plain text files will be readable by future generations, hundreds of years from now.
Pwning a Server using Markdown: Hashnode is a blogging platform for developers where you can host your blogs for free with your custom domains. This is packed with features and one such feature is the "Bulk Markdown Importer".
Bounty Thursdays - live #2: news/tools and community questions with STÖK and Jason Haddix.
Sunflower Con - Charity fundraiser conference: Joe Gray from TheOSINTion and Bryan Brake from BrakeSec Podcast set up the conference to raise funds for Ukrainian families.
🙏🏻 Support the Hive
Get $100 to try DigitalOcean. The go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have every cloud resource you need at an affordable price.
TCM Security Academy - courses, bundles, gift certs, and access passes. Cybersecurity Training That Doesn't Break the Bank. Don't overspend on your education!
Privacy.com - Protect Yourself Online. Create virtual cards, set a spend limit on each transaction, and track your spend. Take back control of your payments.
🔥 Buzzworthy
✅ Changelog
feroxbuster 2.6.0 release: A fast, simple, recursive content discovery tool written in Rust.
Go 1.17.8 and 1.16.5 are released: Includes a security fix for regexp/syntax (CVE-2022-24921).
Gau v2.0.9 release: Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
Osmedeus v4.0.3 release: A Workflow Engine for Offensive Security.
📅 Events
Bugcrowd's Meme Madness - Submit by March 12: Submit your hacking memes to win swag. Points for originality.
🎉 Celebrate
Nagli putting in work: Keep it up!
Kuldeep's most productive month: Amazing!
💰 Career Corner
Dr. K about getting fired: Dr. K addresses a subreddit post about getting fired, moving on, and getting a new job.
How to make the most out of a mentoring relationship: Whether or not you have a formal or more casual mentor in your life, the benefits of a trusted confidant reach far beyond increased engagement and sense of belonging.
📰 Articles
How zoid hacked a crypto company and could steal 1 million dollars worth of Bitcoin: Breaking path normalisation has been their biggest interest in the past couple of years.
More secure Facebook Canvas Part 2 - More Account Takeovers: After publishing the write-ups about the bugs they previously found in the Facebook Games Platform (Canvas), they decided to take a more in-depth look at the code and the changes made to it after the fixes, since a fix for one bug can sometimes introduce another.
Crypto is Exciting Because It Changes Incentives: Most of the talk around crypto is the argument around legitimacy. Is there a there there? Is it hype? Is it a fad? Is it the next internet? The second big conversation around crypto is about the tech itself. Bitcoin, ETH, and the thousands of others trying to carve a path.
📚 Resources
Hackerone Stats: Hackerone Stats is a bunch of automation built to keep track of data from all public bounty programs listed on Hackerone.
param-miner-doc: Unofficial documentation for the great tool Param Miner by James 'albinowax' Kettle, who also contributed to the repo.
🎥 Videos
InsecureNature Talks About Hacking, Certificate Transparency, TruffleHog, and more: Ever wanted to hear directly from one of @trufflesec / TruffleHog's founder?
Learn about Time-Based Blind SQL Injection: In this video, you are going to have a look at how to retrieve data from a PostgreSQL database by monitoring DB sleeps using the pg_sleep() function.
ImageGear JPEG Vulns, NetFilter, and a LibCurl Memory Disclosure [Binary Exploitation Podcast]: Quick episode with four somewhat simple bugs in JPEG parsing, a remote memory disclosure in libcurl due to the difference in sizeof(long) on Linux vs Windows, and a heap out-of-bounds write in the Linux kernel.
🎵 Audio
The Privacy, Security, & OSINT Show #253 - Bypassing VPN Blocks: This week discusses ways to bypass website VPN blocks and the latest privacy news.