👩‍💻IW Weekly #8: Cloudflare WAF, OAuth, TLS Fingerprinting, Talosplus, and more...
Hey 👋
Welcome to the eighth edition of Infosec Weekly - the Monday newsletter that brings the best insights in Infosec straight to your inbox.
In today’s edition, we’ve handpicked some of the latest trending articles from InfoSec Write-ups to help you understand new and interesting concepts in Infosec.
Sounds good? Let’s dive in👇
#1 - Learn how to bypass Cloudflare WAF to trigger stored XSS.
#2 - Want to run bash scripts at a faster rate by executing commands in parallel using goroutines? Read about talosplus, a tool that could run the most complex bash scripts in the easiest way possible.
Read these 3 blogs to understand and set up this tool:
#3 - PWN101 walkthrough on TryHackMe.
#5 - Learn how an OAuth misconfiguration could lead to account takeover.
#6 - Learn how to make boot2root VMs with ease.
That’s all for this week. Hope you enjoyed these incredible finds and learned something new from today’s newsletter.
Videos of the week
Here are the 2 new IWCON2022 recordings of the week:
- Zseano talked about how to find bugs on NFT websites for fun and profit. If you’re interested in the NFT world and want to learn how to find amazing bugs there, you should definitely watch this talk.
- Dhiyaneshwaran DK gave insights on Security Automation, (re)defined - Security Through Intelligent Automation using Nuclei. Watch it here.
Before we say bye…
If you found this newsletter interesting, and know other people who would too, we'd really appreciate it if you could forward it to them 📨
If you have questions, comments, or feedback, just reply to this email or let us know on Twitter @InfoSecComm.
See you again next week.
Lots of love
Editorial team,