Lab: Exploiting server-side parameter pollution in a query string
Server Side parameter pollution
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/lab-exploiting-server-side-parameter-pollution-in-a … ⌘ Read more
Breaking Twitter’s VPN: $20,160 Bounty for a Pre-Auth RCE via Pulse Secure Chain
How Orange Tsai & Meh Chang Combined File Read, Session Hijack, and Admin Injection to Breach Twitter’s Internal … ⌘ Read more
**One Endpoint to Rule Them All: How I Chained 3 Bugs into Full Account Takeover **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/one-endpoint-to-rule-them-all-h … ⌘ Read more
Demystifying Cookies : The Complete Guide for Bug Bounty Hunters — Part 1
Everything you need to know about cookies to expand your attack surface and find real bugs.
[Continue reading on InfoSec Write-ups »](h … ⌘ Read more
**Silent but Deadly: How Blind XSS in Email Notifications Gave Me Root Alerts **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/silent-but-deadly-how-blind-xss-in-email … ⌘ Read more
DFIR: An Introduction | TryHackMe Write-Up | FarrosFR
Here is my article on the walkthrough of a free room: DFIR: An Introduction. Introductory room for the DFIR module. I wrote this in 2025…
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/ … ⌘ Read more
MITM HTTPS Payload with Python
A lightweight MITM tool for monitoring encrypted traffic and detecting threats powered by AI and built in Python
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/mitm-https-payload-with-python-499ebf8e933f?source=rss—-7b722bfd1b8d— … ⌘ Read more
**From CSP to OMG: How a Tiny Misconfigured Header Let Me Run JS Anywhere **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/from-csp-to-omg-how-a-tiny-misconfigured-header-let- … ⌘ Read more
I Gave Myself 60 Minutes to Find a Bug — This Is What Happened
Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/i-gave-myself-60-minutes-to-find-a-bug-this-is-what-happened-e5fa76563a33?so … ⌘ Read more
🧮 USERS:1 FEEDS:2 TWTS:1353 ARCHIVED:87369 CACHE:2680 FOLLOWERS:22 FOLLOWING:14
Maybe you’ll enjoy this as well:
I still have one of my first modems, a Creatix LC 144 VF:
I think this was the modem that I used when I first connected to the internet, but I’m not sure.
I plugged it in again and it still works:
The firmware appears to be from 1994, which sounds about right. I don’t think we had internet access before that. We certainly did use local mailboxes, though. (Or BBS’s, as you might call them.)
I now want to actually use that modem again. For the moment, I can only use a phone to dial into it, I lack a second modem to actually establish a connection. Here’s a video:
Not spectacular, but the modem does answer after me entering ATA.
I bought another cheap old modem on eBay and am now waiting for it to arrive. Once it’s here, I want to simulate an actual dial-up session, hopefully from OS/2 or Windows 3.x.
Trump crashes Russian stock market: minus US$1 billion in few hours ⌘ Read more
Drones hit Russia’s Shahed drone factory 1,200 km from Ukraine again ⌘ Read more
支付寶證書原理和使用 Golang 集成
支付寶證書驗證機制是保障交易安全的核心環節,主要是基於 PKI(公鑰基礎設施)體系構建。其驗證流程包含以下幾個關鍵部分:1,證書體系支付寶使用兩套證書,應用證書和支付寶根證書。應用證書由開發者上傳到支付寶開放平臺,支付寶根證書用於驗證支付寶返回數據的真實性。2,簽名驗證流程請求時,開發者使用私鑰對請求參數簽名,支付寶使用應用公鑰驗證。響應時,支付寶使用私鑰對返回數據簽名,開發者使用支付寶公鑰驗證。 ⌘ Read more
支付寶證書原理和使用 Golang 集成
支付寶證書驗證機制是保障交易安全的核心環節,主要是基於 PKI(公鑰基礎設施)體系構建。其驗證流程包含以下幾個關鍵部分:1,證書體系支付寶使用兩套證書,應用證書和支付寶根證書。應用證書由開發者上傳到支付寶開放平臺,支付寶根證書用於驗證支付寶返回數據的真實性。2,簽名驗證流程請求時,開發者使用私鑰對請求參數簽名,支付寶使用應用公鑰驗證。響應時,支付寶使用私鑰對返回數據簽名,開發者使用支付寶公鑰驗證。 ⌘ Read more
微服務架構:必懂的 5 種設計模式
1. Database per Service (每個服務一個數據庫)目標 / 目的實現微服務之間的松耦合。 增強服務的獨立性、可伸縮性和數據封裝。 關鍵概念 / 工作方式每個微服務管理自己的私有數據庫。 數據庫只能由擁有該服務的服務訪問。 強制執行清晰的邊界並促進單一職責原則。 數據隔離 減少服務之間的依賴。 技術靈活性 服務可以使 ⌘ Read more
From Zero to $1000/Month | Bug Bounty Automation Blueprint
Proven Tactics, Tools, and Code to Automate Your Way to Consistent Bounties
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/from-zero-to-1000-month-bug-boun … ⌘ Read more
️My Top 7 Mistakes as a New Bug Hunter (And How to Avoid Them)
Free Article Link only for you
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/%EF%B8%8Fmy-top-7-mistakes-as-a-new-bug-hunter- … ⌘ Read more
** The Misconfigured Magnet: How Public Buckets Exposed Millions of User Files **
Hey there😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/the-misconfigured-magnet-how-public-buck … ⌘ Read more
🧮 USERS:1 FEEDS:2 TWTS:1352 ARCHIVED:87359 CACHE:2686 FOLLOWERS:22 FOLLOWING:14
UE1 homebrew 1-bit vacuum computer in action
full series playlist
🧮 USERS:1 FEEDS:2 TWTS:1351 ARCHIVED:87339 CACHE:2704 FOLLOWERS:22 FOLLOWING:14
↳
In-reply-to
»
@kat I don’t like Golang much either, but I am not a programmer. This little site, Go by example might explain a thing or two.
⤋ Read More
One of the nicest things about Go is the language itself, comparing Go to other popular languages in terms of the complexity to learn to be proficient in:
- Go:
25keywords (Stack Overflow); CSP-style concurrency (goroutines & channels)
- Python 2:
30keywords (TutorialsPoint); GIL-bound threads & multiprocessing (Wikipedia)
- Python 3:
35keywords (Initial Commit); GIL-bound threads,asyncio& multiprocessing (Wikipedia, DEV Community)
- Java:
50keywords (Stack Overflow); threads +java.util.concurrent(Wikipedia)
- C++:
82keywords (Stack Overflow);std::thread, atomics & futures (en.cppreference.com)
- JavaScript:
38keywords (Stack Overflow); single-threaded event loop &async/await, Web Workers (Wikipedia)
- Ruby:
42keywords (Stack Overflow); GIL-bound threads (MRI), fibers & processes (Wikipedia)
↳
In-reply-to
»
i wish it was realistic for me to learn golang but every single time i try to comprehend any go code i'm like What the fuck am i looking at. why is all of this so short and condensed GIVE ME VERBOSE CODE
⤋ Read More
@movq@www.uninformativ.de i feel like when i read go code i’m reading some algebra shit where every part is 1-5 letters long and then there’s weird symbols like := and it’s just infinitely harder for me to parse and infer meaning from lol. it’s such a me problem
More than 1,900 Americans applied for UK citizenship as Trump began second term ⌘ Read more
🧮 USERS:1 FEEDS:2 TWTS:1350 ARCHIVED:87332 CACHE:2725 FOLLOWERS:22 FOLLOWING:14
U.S. reports cases of new COVID variant NB.1.8.1 behind surge in China ⌘ Read more
↳
In-reply-to
»
Over the past few weeks I've been experimenting with and doing some deep learning and researching into neutral networks and evolutionary adaptation of them. The thing is I haven't gotten very far. I've been able to build two different approaches so far with limited results. The frustrating part is that these things are so "random" it isn't even funny. Like I can't even get a basic ANN + GA to evolve a network that solves the XOR pattern every time with high levels of accuracy. 😞
⤋ Read More
This is one of my attempts: 
$ go build ./cmd/xor/... && ./xor
Generation 95 | Fitness: 0.999964 | Nodes: 9 | Conns: 19
Target reached!
Best network performance:
[0 0] → got=0 exp=0 (raw=0.000) ✅
[0 1] → got=1 exp=1 (raw=0.990) ✅
[1 0] → got=1 exp=1 (raw=0.716) ✅
[1 1] → got=0 exp=0 (raw=0.045) ✅
Overall accuracy: 100.0%
Wrote best.dot – render with `dot -Tpng best.dot -o best.png`
Trump recommends 50% tariff on European Union starting June 1 ⌘ Read more
fit 1 $ spin (saw 0.1 * sign fxy) $ rect 0 1 - rect 0 0.99 >> add;#punctual #livecoding #creativecoding #videoart
🧮 USERS:1 FEEDS:2 TWTS:1349 ARCHIVED:87324 CACHE:2738 FOLLOWERS:22 FOLLOWING:14
Adafruit Hit With $36K Tariff Bill on 1,000 lbs of Electronics
Adafruit CEO responds to The Lunduke Journal with details and stays non-political about changing tariffs. ⌘ Read more
6.1.140: longterm
Version:6.1.140 (longterm)Released:2025-05-22Source:linux-6.1.140.tar.xzPGP Signature:linux-6.1.140.tar.signPatch:full ( incremental)ChangeLog:ChangeLog-6.1.140 ⌘ Read more
🧮 USERS:1 FEEDS:2 TWTS:1348 ARCHIVED:87166 CACHE:2773 FOLLOWERS:22 FOLLOWING:14
Natalie Bergman – Dance
Natalie Bergman’s My Home Is Not In This World is out in July on Third Man Records. Video directed by Alan Del Rio Ortiz / choreography by Sandi Denton… Continue reading… ⌘ Read more
** They Missed This One Tiny Parameter — I Made $500 Instantly**
✨Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/they-missed-this-one-tiny-parameter-i-made-500-instantly-f2f7d1c1c1d9?source=rss—-7 … ⌘ Read more
The Battle for Python’s Soul: How uv is Challenging pip’s Championship Reign
The stadium lights flicker on. The crowd falls silent. In the blue corner, weighing in with over a decade of dominance and … ⌘ Read more
解密轉轉收銀臺背後的路由系統
1 引言—-在電商交易場景中,支付環節是整個用戶購物環節中的關鍵節點。用戶從搜索、推薦、瀏覽、比較、加購、下單,到最終的支付環節,每一步都經歷了層層漏斗的篩選。當用戶到達支付環節時,已經展現出強烈的購買意向,這時的流量價值已經遠超最初環節。支付環節的體驗直接關係到最終的成交轉化,因此收銀臺不僅要確保支付流程的順暢,更要保證支付的安全性和可靠性。隨着業務規模的不斷擴大,支付場景的日益複雜,如何構 ⌘ Read more
如何畫架構圖 - 軟件設計架構師必學的一門課
前言:是時候乾點正事了,架構圖在做架構設計的時候尤爲重要,有了架構圖,很多時候你能給別人講清楚一些技術上的事情。常見架構圖的分類常見架構圖的畫法2.1 業務架構定義:描述系統對用戶提供了什麼業務功能,類似於 4+1 視圖的場景視圖。技巧:通過不同的顏色來標識業務狀態;業務分組管理。示例:2.2 客戶端架構、前端架構定義:客戶端和前端的領域邏輯架構,類似於 4+1 視圖的邏輯視圖。技巧:通過不同顏色 ⌘ Read more
🧮 USERS:1 FEEDS:2 TWTS:1347 ARCHIVED:87160 CACHE:2773 FOLLOWERS:22 FOLLOWING:14