Building trust with OpenID Federation trust chain on Keycloak
OpenID Federation 1.0 provides a framework to build trust between a Relying Party and an OpenID Provider that have no direct relationship so that the Relying Party can send OIDC/OAuth requests to the OpenID Provider without being previously⊠â Read more
LitmusChaos at KubeCon + CloudNativeCon Europe 2025: A Recap
The cloud native community recently converged in London from April 1 â 4, 2025, for an incredible edition of KubeCon + CloudNativeCon Europe. From our perspective at LitmusChaos, it was a week filled with inspiring sessions,⊠â Read more
6.1.135: longterm
Version:6.1.135 (longterm)Released:2025-04-25Source:linux-6.1.135.tar.xzPGP Signature:linux-6.1.135.tar.signPatch:full ( incremental)ChangeLog:ChangeLog-6.1.135 â Read more
**The Fastest Way to Learn Web Hacking in 2025 (With Free Resources) **
đFree Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/the-fastest-way-to-learn-web-hacking-in-2025-with-free-resourc ⊠â Read more
Hidden Tricks to Spot Phishing Emails Before They Trick You!
Phishing emails are like traps set by cybercriminals to trick you into sharing personal details, clicking dangerous links, or downloadingâŠ
[Continue reading on InfoSec Write-ups ⊠â Read more
** Hostile Host Headers: How I Hijacked the App with One Sneaky Header **
Hey there!đ
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/hostile-host-headers-how-i-hijacked-the-app-with-one-sneaky-hea ⊠â Read more
GitLab CI for Python Developers: A Complete Guide
Automating Testing, Linting, and Deployment for Python projects using GitLab CI/CD
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/gitlab-ci-for-python-developers-a-complete-guide-83794cb91 ⊠â Read more
𧟠USERS:1 FEEDS:2 TWTS:1320 ARCHIVED:86540 CACHE:2803 FOLLOWERS:21 FOLLOWING:14
** How I discovered a hidden user thanks to server responses ?**
My first real step into web hacking and it wasnât what i thought it would be.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-i-discovered-a-hidde ⊠â Read more
How to Build a Threat Detection Pipeline from Scratch (Like a Cyber Ninja!)
Hey, cyber fam! Have you ever asked yourself:
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-to-build-a-threat ⊠â Read more
Nothing changed⊠except for one detail. And that was enough to hack
Sometimes, hacking doesnât require any exploit⊠just good observation.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/nothing-c ⊠â Read more
How to Create a Botnet Using One Tool: A Proof of Concept for Educational Purposes AspiringâŠ
Learn how attackers build and control botnetsâââsafely and ethicallyâââusing ⊠â Read more
**Burp, Bounce, and Break: How Web Cache Poisoning Let Me Control the App **
Hey there!đ
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/burp-bounce-and-break-how-web-cache-poisoning-let-me-con ⊠â Read more
OWASP Juice Shop | Part 1âââScoreBoard SolutionâââStrawHat Hackers â Read more
𧟠USERS:1 FEEDS:2 TWTS:1319 ARCHIVED:86501 CACHE:2810 FOLLOWERS:21 FOLLOWING:14
I Lost $3,750 in 30 SecondsâââThe ATO Bug 99% of Hackers Miss (Hereâs How to Avoid It)
The 1 Burp Suite Mistake That Cost Me $3,750âââFix It in 30 Seconds
[Continue reading on InfoSec Writ ⊠â Read more
SOC L1 Alert Reporting : Step-by-Step Walkthrough | Tryhackme
As a SOC analyst, it is important to detect high-severity logs and handle them to protect against disasters. A SOC analyst plays theâŠ
[Continue reading on InfoSec Write-ups ⊠â Read more
**404 to 0wnage: How a Broken Link Led Me to Admin Panel Access **
Hey there!đ
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/404-to-0wnage-how-a-broken-link-led-me-to-admin-panel-access-2b58e1fffaa3?source=r ⊠â Read more
How to Start Bug Bounty in 2025 (No Experience, No Problem)
â Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-to-start-bug-bounty-in-2025-no-experience-no-problem-89adc68da592?source=rssâ-7b ⊠â Read more
ïž Hacking and Securing Kubernetes: A Deep Dive into Cluster Security
Disclaimer: This document is for educational purposes only. Exploiting systems without authorization is illegal and punishable by ⊠â Read more
𧟠USERS:1 FEEDS:2 TWTS:1317 ARCHIVED:86476 CACHE:2798 FOLLOWERS:20 FOLLOWING:14
Marekove kolĂĄÄe â sladkĂĄ pomoc z Petrovca
TrinĂĄsĆ„roÄnĂœ Marek PoniÄan z BĂĄÄskeho Petrovca je dĂŽkazom, ĆŸe aj detskĂĄ dobrota dokĂĄĆŸe meniĆ„ svet k lepĆĄiemu. Tento mladĂœ humanitĂĄrny pracovnĂk mĂĄ za sebou uĆŸ pÀƄ ĂșspeĆĄnĂœch charitatĂvnych akciĂ, vrĂĄtane najnovĆĄej veÄŸkonoÄnej, ktorĂș organizoval s maminou pomocou â od nĂĄpadu, cez peÄenie kolĂĄÄov, aĆŸ po ich balenie a predaj. TĂșto âkolĂĄÄovĂșâ akciu venoval Teodore Martinko (25) z KysĂĄÄa, na ktorĂș 1. novembra 2024 spadol prĂstreĆĄok na ĆŸelezn ⊠â Read more
This is something for @movq@www.uninformativ.de and old OS hobbyists alike: FreeDOS 1.4! Get it while itâs hot!
𧟠USERS:1 FEEDS:2 TWTS:1316 ARCHIVED:86446 CACHE:2799 FOLLOWERS:20 FOLLOWING:14
MicroPython v1.25.0 Released with ROMFS, RISC-V Assembler, and Expanded Board Support
MicroPython has reached a major milestone with the release of version 1.25.0, delivering significant enhancements after over three years of development. This update introduces the long-anticipated ROMFS (Read-Only Memory File System), new processor support, TLS improvements, and expanded board compatibility across multiple architectures. One of the most notable additions is R ⊠â Read more
Regex Isnât Hard - Tim Kellogg đ this is a pretty good conscience article on regexes, and I agree, regex isnât that hardâą â However I think I can make the TL;DR even shorter đ
Regex core subset (portable across languages):
Character sets
âą a matches âaâ
âą [a-z] any lowercase
âą [a-zA-Z0-9] alphanumeric
âą [^ab] any char but a or b
Repetition (applies to the preceding atom)
âą ? zero or one
âą * zero or more
âą + one or more
Groups
âą (ab)+ matches âabâ, âababâ, âŠ
âą Capture for extract/substitute via $1 or \1
Operators
âą foo|bar = foo or bar
âą ^ start anchor
âą $ end anchor
Ignore nonâportable shortcuts: \w, ., {n}, *?, lookarounds.
ïž Free TryHackMe Jr Penetration Tester Roadmap with Resources and Labs
A free, TryHackMe-inspired roadmap with resources and labs to kickstart your penetration testing journey.
[Continue read ⊠â Read more
I Clicked a Random Button in Google SlidesâââThen Google Paid Me $2,240
The strange trick that exposed a hidden security flaw (and how you can find bugs like this too).
[Continue reading on InfoSec Write-ups »](https://in ⊠â Read more
Lab: Exploiting an API endpoint using documentation
We will solve this lab based on the API documentation exposed to delete Carlosâs user.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/lab-exploiting-an-api-endpoint-using-d ⊠â Read more
** HTTP Parameter Pollution: The Dirty Little Secret That Gave Me Full Backend Access ïž**
Free Linkđ
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.co ⊠â Read more
↳
In-reply-to
»
#event:abc123 Go Meetup â Sat Apr 27, 3pm @ Darling Harbour
†Read More
#event:abc123 RSVP: yes +1
golf.vim v0.1.1 - fixed keystroke logging, removed ultraâshort runs, now captures all modes â Read more
𧟠USERS:1 FEEDS:2 TWTS:1315 ARCHIVED:86386 CACHE:2781 FOLLOWERS:20 FOLLOWING:14
Chaining Bugs Like a Hacker: IDOR to Account Takeover in 10 Minutes
đFree Article LinkâŠ
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/chaining-bugs-like-a-hacker-idor-to-account-takeover-in-1 ⊠â Read more
Exposed Secrets in JavaScript Files
đ„Free Article https://medium.com/@Abhijeet_kumawat_/exposed-secrets-in-javascript-files-430a76834952?sk=ffd9ca6c8ede38ac77dcb68a507b9299
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/exposed-secrets-in-javascript-fi ⊠â Read more
ïž TryHackMe: Agent T Walkthrough
âA sneaky mission to uncover secrets from Agent Tâs server.â
Wazuh Installation & Configuration: A Step-by-Step Tutorial
Hello, my digital adventurers! In this article, I will provide you with a step-by-step guide for installing and configuring the WazuhâŠ
[Continue reading on InfoSec Write-ups » ⊠â Read more
**CORSplay of the Century: How I Hijacked APIs with One Misconfigured Header **
Free Linkđ
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/corsplay-of-the-century-how-i-hijacked-apis- ⊠â Read more
**Bypassing Like a Pro: How I Fooled the WAF and Made It Pay **
Hi there!
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/bypassing-like-a-pro-how-i-fooled-the-waf-and-made-it-pay-e433193e1d9d?source=rssâ-7b722bf ⊠â Read more
Hmmm thereâs a bug somewhere in the way Iâm ingesting archived feeds đ€
sqlite> select * from twts where content like 'The web is such garbage these days%';
hash = 37sjhla
feed_url = https://twtxt.net/user/prologic/twtxt.txt/1
content = The web is such garbage these days đ Or is it the garbage search engines? đ€
created = 2024-11-14T01:53:46Z
created_dt = 2024-11-14 01:53:46
subject = #37sjhla
mentions = []
tags = []
links = []
sqlite>
𧟠USERS:1 FEEDS:2 TWTS:1314 ARCHIVED:86338 CACHE:2754 FOLLOWERS:20 FOLLOWING:14
Should we adopt 1 or 2 cats? â Read more
↳
In-reply-to
»
@lyse It wasnât our building, yeah, luckily. But Iâm pretty scared it might happen some day. I think Iâll put more effort into preparing for that. But whatever I do, it would be horrific to lose all your stuff and the memories attached to it âŠ
†Read More
@prologic@twtxt.net @bmallred@staystrong.run Ah, I just found this, didnât see it before:
https://restic.net/#compatibility
So, yeah, they do use semver and, yes, theyâre not at 1.0.0 yet, so things might break on the next restic update ⊠but they âpromiseâ to not break things too lightheartedly. Hm, well. đ Probably doesnât make a big difference (they donât say âdonât use this software until we reach 1.0.0â).
↳
In-reply-to
»
Some A hole has been trying to pull every single Twtxt feed that existed/still exists since forever. How do I know? Welp' They've been querying my Timelineâą instance for all of it, every single twtxt file and twt Hash they can find. đđ€Š It must have been going on for days and I have just noticed... + it's all coming from the same ASN
†Read More
AS136907 HWCLOUDS-AS-AP HUAWEI CLOUDS
@prologic@twtxt.net This shi_ is as fun as it is frustrating! đ the bot is poking at me from a different ASN now, Alibabaâs.
- Short term solution: Iâve geo-locked my Timeline instance since Iâm the only one using it (and I only do so for reading twts when Iâm away from terminal).
- Long term: I took a look at your Caddy WAF but couldnât figure things out on my own; until then, Iâll be poking at Caddy-Defender, maybe throw in a Crowdsec for lols⊠#FUN
We adopted Klaus today! He has 1 eye, half of each ear, and a partially amputated tail, but we think heâs a perfect handsome baby. â Read more
𧟠USERS:1 FEEDS:2 TWTS:1311 ARCHIVED:86261 CACHE:2761 FOLLOWERS:18 FOLLOWING:14