Red Stone One Carat — TryHackMe Challenge Write-up ⌘ Read more
TryHackMe Infinity Shell Walkthrough: Web Shell Forensics & CTF Guide ⌘ Read more
**Video games goods**
Here are 3 mostly unedited paragraphs from a blog post that fizzled out and I decided not to finish…but then I posted it on mastodon and it seemed to resonate with folks, so, here it is as an RSS exclusive plus some other thoughts, too!
I have a weird relationship with video games. I love video games, but I hardly ever really play them. As a kid I wasn’t allowed to play them at home, and didn’t have much facility to play them. I’d get sneaky bits of game time with my cousin in the back of the car o … ⌘ Read more
Pretty happy with my zs-blog-template starter kit for creating and maintaining your own blog using zs 👌 Demo of what the starter kit looks like here – Basic features include:
- Clean layout & typography
- Chroma code highlighting (aligned to your site palette)
- Accessible copy-code button
- “On this page” collapsible TOC
- RSS, sitemap, robots
- Archives, tags, tag cloud
- Draft support (hidden from lists/feeds)
- Open Graph (OG) & Twitter card meta (default image + per-post overrides)
- Ready-to-use 404 page
As well as custom routes (redirects, rewrites, etc) to support canonical URLs or redirecting old URLs as well as new zs external command capability itself that now lets you do things like:
$ zs newpost
to help kick-start the creation of a new post with all the right “stuff”™ ready to go and then pop open your $EDITOR 🤞
Migration is done \o/ So, sorry for the noise in your RSS reader. To forgive me, tonight, let’s headbang \m/ \m/
ProcessOne: 🚀 ejabberd 25.08
Release Highlights:
This release includes the support for Hydra rooms in our Matrix gateway, which fixes high severity protocol vulnerabilities.
- Improvements in Matrix gateway
- Fixed ACME in Erlang/OTP 28.0.2
- **[New mod_providers to serve XMPP Providers file](https://www.process-one.net/blog/rss/ … ⌘ Read more
/short/ if it's of this useless kind. Never thought that they ever actually will improve their Atom feeds. Thank you, much appreciated!
@kat@yarn.girlonthemoon.xyz @movq@www.uninformativ.de Sorry, I neither finished it nor in time. :-( That’s as good as it’s gonna get for the moment: https://git.isobeef.org/lyse/gelbariab/-/tree/master/rss-proxys?ref_type=heads
The README should hopefully provide a crude introduction. The example configuration file is documented fairly well, I believe (but maybe not). You probably still have to consult and maybe also modify the source code to fit your needs.
Let me know if you run into issues, have questions, wishes etc.
Ghost in the Network ⌘ Read more
Cracking JWTs: A Bug Bounty Hunting Guide [Part 6] ⌘ Read more
GraphQL Gatecrash: When an Introspection Query Opened the Whole Backend
Free Link 🎈
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/graphql-gatecrash-when-an-intro … ⌘ Read more
Practical study material OSWP Part 3: WEP Walkthrough ⌘ Read more
Practical study material OSWP Part 2: WPA2-MGT Walkthrough ⌘ Read more
Practical study material OSWP Part 1: WPA2-PSK Walkthrough ⌘ Read more
Could XSS Be the Hidden Key to Account Takeover
What if I told you that a simple Cross-Site Scripting (XSS) vulnerability could be the golden ticket to a full Account Takeover (ATO)? No…
[Continue reading on InfoSec Write-ups »](https://infosecwriteups … ⌘ Read more
OSWE Web Hacking Tips (IPPSEC): Java Reversing #2 ⌘ Read more
Crafting Standalone Python Proof of Concept Exploits
Creating standalone proof of concept exploits implementing a zero-to-hero method, requiring a single action to run.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/craf … ⌘ Read more
$560 Bounty: How Twitter’s Android App Leaked User Location
A Silent Broadcast That Let Any App Spy on You Without Asking
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/560-bounty-how-twitters-android-app-leaked- … ⌘ Read more
50 Command Line Tools You Wish You Knew Sooner
Master the terminal with these essential commands that will transform your Linux experience from novice to power user.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/50-command-line-tools-you-wis … ⌘ Read more
My Laptop Died, So I Hacked with My Phone. No Excuse ⌘ Read more
ToolHive Tutorial: Securely Deploy and Manage MCP Servers ⌘ Read more
**Deloitte Virtual Internship Cyber Sim Victory** ⌘ Read more
Nintendo Switch 2 Hacked in 48 Hours — But Here’s Why It’s Just the Beginning
A harmless green line on the screen may have just opened the floodgates for hackers — inside the first real exploit on Nintendo’ … ⌘ Read more
When you play the Game of RBAC, You either validate, or the world denies your existence — like a King behind the wall.
OIDC: The Digitally signed Pinky Swear “It’s Me” (Part I)
Whenever an Elbow-Shake Protocol is being established, there’s always Users try to communicate safely during Corona pandemic!
[Continue reading on InfoSec Write-ups »](https://infosecwrit … ⌘ Read more
WebSocket Wizardry: How a Forgotten Channel Let Me Sniff Private Chats in Real-Time
Hey there!😁
[Continue reading on InfoSec Write-ups »]( … ⌘ Read more
Rethinking the guest network to improve my home network security ⌘ Read more
Business logic allows any user to be blocked from creating an account
FREE READ
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/business-logic-allows-any-user-to-be-blocked-from-creating- … ⌘ Read more
Understanding Misconfiguration Exploits: A Beginner’s Guide to Offensive Security Thinking.
Misconfigurations are among the most common — and most dangerous — vulnerabiliti … ⌘ Read more
Cracking JWTs: A Bug Bounty Hunting Guide [Part 5] ⌘ Read more
**Abuse-ception: How I Turned the Abuse Report Feature Into a Mass Email Spammer**
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/abuse-ception-how-i-turned-the- … ⌘ Read more
$1,000 Bug: Firefox Account Deletion Without 2FA or Authorization
How a Missing Backend Check Let Attackers Nuke Accounts With Just a Password
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/1-000-bu … ⌘ Read more
The 5 Cybersecurity Roles That Will Disappear First
Think your job is safe from AI? Think again. These are the first cybersecurity roles AI will eat.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/the-5-cybersecurity-role … ⌘ Read more
Living Off The Land: The Stealth Art of Red Team Operations ⌘ Read more
21 Secret Linux Commands Hackers and Sysadmins Don’t Want You to Know About
Not your usual ‘ls’ and ‘pwd’ — these are the real tools used by professionals.
[Continue reading on InfoSec Write-ups »](https://info … ⌘ Read more
From Classic SOC to Autonomous SOC: The Future of Cyber Defense
Modernize your SOC into an Autonomous Security Operations (ASO) model. What it means, why it matters, and how to prepare your team.
[Continue reading on InfoS … ⌘ Read more
**Race Condition Rumble: How I Bought 100 Products for the Price of One** ⌘ Read more
How I Captured a Password with One Command
Many beginner-friendly sites or older web applications still use HTTP, which transmits data without encryption.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/why-htt … ⌘ Read more
$7,500 Bug: Exposing Any HackerOne User’s Email via Private Program Invite
How One GraphQL Query Turned Private Invites into Public Data Leaks
[Continue reading on InfoSec Write-ups »](https://infosecwrite … ⌘ Read more
How to Set Up a VPN with Tailscale: Overcoming CGNAT Challenges ⌘ Read more
OIDC: Integrate Kubernetes authentication with Azure AD via OIDC (Part IV)
You want to authenticate Kubernetes users by integrating it with Azure AD using OIDC. This setup involves configuring the following … ⌘ Read more
Create own Hacking SERVER Instead of Portswigger exploit server
This article describes how to create your own server that helps to exploit CORS vulnerability or more.
[Continue reading on InfoSec Write-ups »](https://i … ⌘ Read more
OIDC: The Fellowship of the Token (Part III)
One token to rule them all, one token to find them, One token to bring them all, and in the cluster spawn them (I meant the pods.).
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/oidc-the-fellowsh … ⌘ Read more
How I Hacked 100+ Accounts Using Just XSS
One Small Flaw, 100+ Accounts Stolen — Here’s How It Happened
Part 3: How to Become a Pentester in 2025: Practical Practice: Labs & CTFs ⌘ Read more
**The “Unlimited Leave” Hack I Found at My College** ⌘ Read more
How Simple RECON Earned Me ₹XX,000 at Zerodha ⌘ Read more