HackerTrans
TopNewTrendsCommentsPastAskShowJobs

pentestercrab

no profile record

Submissions

When Dawkins met Claude – Could this AI be conscious?

unherd.com
64 points·by pentestercrab·قبل شهرين·434 comments

Ruby Array Pack Bleed

nastystereo.com
62 points·by pentestercrab·قبل 6 أشهر·1 comments

Ruby Array Pack Bleed – Impacts Ruby 1.6.7 to 4.0.0

nastystereo.com
9 points·by pentestercrab·قبل 7 أشهر·0 comments

Inline Style Exfiltration: leaking data with chained CSS conditionals

portswigger.net
1 points·by pentestercrab·قبل 11 شهرًا·0 comments

Marshal madness: A brief history of Ruby deserialization exploits

blog.trailofbits.com
25 points·by pentestercrab·قبل 11 شهرًا·4 comments

Breaking the Sorting Barrier for Directed Single-Source Shortest Paths

arxiv.org
99 points·by pentestercrab·قبل 11 شهرًا·3 comments

New Method to Leverage Unsafe Reflection and Deserialisation to RCE on Rails

elttam.com
1 points·by pentestercrab·السنة الماضية·0 comments

Escaping Ruby's Gem:SafeMarshal Sandbox

nastystereo.com
2 points·by pentestercrab·قبل سنتين·1 comments

Escaping Ruby's Gem:SafeMarshal Sandbox

nastystereo.com
3 points·by pentestercrab·قبل سنتين·0 comments

RubyGem's Gem:SafeMarshal buffer overrun with length larger than fit into a byte

github.com
1 points·by pentestercrab·قبل سنتين·0 comments

CORS Vulnerabilities in Go: Vulnerable Patterns and Lessons

pentesterlab.com
1 points·by pentestercrab·قبل سنتين·0 comments

Shiny Vulnerabilities in R's Most Popular Web Framework

nastystereo.com
1 points·by pentestercrab·قبل سنتين·0 comments

PentesterLab: Web Hacking and Security Code Review 600 exercises and 700 videos

pentesterlab.com
1 points·by pentestercrab·قبل سنتين·0 comments

Cross-Site Post Requests Without a Content-Type Header – CSRF Attack

nastystereo.com
2 points·by pentestercrab·قبل سنتين·0 comments

Execute commands by sending JSON? Ruby deserialization vulnerabilities

github.blog
2 points·by pentestercrab·قبل سنتين·0 comments

JWT Libraries Block Algorithm Confusion: Key Lessons for Code Review

pentesterlab.com
3 points·by pentestercrab·قبل سنتين·0 comments

Chosen-Prefix Collisions on AES-Like Hashing

eprint.iacr.org
2 points·by pentestercrab·قبل سنتين·0 comments

Ruby 3.4 Universal RCE Deserialization Gadget Chain

nastystereo.com
2 points·by pentestercrab·قبل سنتين·1 comments

Ruby's String Slice is Broken

nastystereo.com
3 points·by pentestercrab·قبل سنتين·2 comments

Evaluate Markdown code blocks within Vim

github.com
68 points·by pentestercrab·قبل سنتين·18 comments

comments

pentestercrab
·قبل شهرين·discuss
(63 points, 4 days ago, 431 comments) https://news.ycombinator.com/item?id=47972481
pentestercrab
·قبل 12 شهرًا·discuss
There seems to have been a recent uptick in phishers using goo.gl URLs. Yes, even without new URLs being accepted by registering expired domains with an old reference.
pentestercrab
·السنة الماضية·discuss
The risky.biz podcast episode got pulled too: https://bsky.app/profile/patrick.risky.biz/post/3lmioqiobks2...
pentestercrab
·قبل سنتين·discuss
[flagged]
pentestercrab
·قبل سنتين·discuss
Once again GTFOBins[0] proving to be a valuable resource.

[0] https://gtfobins.github.io/
pentestercrab
·قبل سنتين·discuss
Thanks for the feedback, fixed!
pentestercrab
·قبل سنتين·discuss
From the article:

Our leading theory is that the Great Firewall inside China is manipulating DNS responses due to blacklisted or blocked keywords. This affects any system that has to pass through the Great Firewall before it reaches the end-user/client. Most of the keywords relate to VPN software, proxies, adult sites, file and text sharing and torrents. This is consistent with the kinds of material that China is known to censor within its borders.
pentestercrab
·قبل سنتين·discuss
I have to agree with you. It is a shame the classic style isn’t available at an alternate subdomain or directory.

Has anyone tried rendering the current docs with the old theme?