Heykuki News
Top
New
Best
Ask
Show
Jobs
Toggle theme
Login
Top
New
Best
Ask
Show
Jobs
1.
▲
Ask HN: Looking for recommendations on decent penetration testing tools
15 points
51Cards
9 years ago
8 comments
2.
▲
Ask HN: From Developer to Appsec Engineer?
2 points
desertbug
4 years ago
discuss
3.
▲
Web hacking techniques of 2021
(portswigger.net)
567 points
adrianomartins
4 years ago
50 comments
4.
▲
HTTP/2-exclusive threats caused by implementation flaws and RFC imperfections
(portswigger.net)
393 points
Berg0X00
5 years ago
112 comments
5.
▲
Microsoft pushes ahead with controversial ‘buy now, pay later’ feature for Edge
(portswigger.net)
336 points
feross
5 years ago
291 comments
6.
▲
uBlock, I exfiltrate: exploiting ad blockers with CSS
(portswigger.net)
270 points
todsacerdoti
4 years ago
99 comments
7.
▲
Researchers exploit HTTP/2, WPA3 protocols to stage ‘timeless timing’ attacks
(portswigger.net)
241 points
wglb
6 years ago
26 comments
8.
▲
HTTP/3: Everything you need to know about the next-generation web protocol
(portswigger.net)
220 points
homarp
4 years ago
156 comments
9.
▲
Targeting HTTP's Hidden Attack-Surface
(blog.portswigger.net)
207 points
skybrian
9 years ago
13 comments
10.
▲
Web Storage: the lesser evil for session tokens
(blog.portswigger.net)
195 points
kkl
10 years ago
69 comments
11.
▲
VPN users unmasked by zero-day vulnerability in Virgin Media routers
(portswigger.net)
192 points
feross
5 years ago
93 comments
12.
▲
Developers fix multitude of vulnerabilities in Apache HTTP Server
(portswigger.net)
190 points
feross
5 years ago
108 comments
13.
▲
Listen to the whispers: web timing attacks that work
(portswigger.net)
188 points
saikatsg
2 years ago
33 comments
14.
▲
Google, Mozilla Close to Finalizing Sanitizer API for Chrome and Firefox Browse
(portswigger.net)
187 points
todsacerdoti
5 years ago
100 comments
15.
▲
OAuth 2.0 Authentication Vulnerabilities
(portswigger.net)
174 points
lobo_tuerto
5 years ago
67 comments
16.
▲
OPPA: Ohio could become the third US state to enact a new consumer privacy law
(portswigger.net)
174 points
feross
5 years ago
65 comments
17.
▲
New differential fuzzing tool reveals novel HTTP request smuggling techniques
(portswigger.net)
169 points
feross
5 years ago
33 comments
18.
▲
Belgium launches nationwide safe harbor for ethical hackers
(portswigger.net)
164 points
raphinou
3 years ago
23 comments
19.
▲
Practical Web Cache Poisoning
(portswigger.net)
146 points
4kevinking
8 years ago
10 comments
20.
▲
An overview of the top web hacking techniques of 2017
(portswigger.net)
144 points
albinowax_
8 years ago
11 comments
21.
▲
Dozens of high-traffic websites vulnerable to ‘account pre-hijacking’, study
(portswigger.net)
139 points
feross
4 years ago
80 comments
22.
▲
Dangerous bug in Chrome’s ‘New Tab’ page bypassed security features
(portswigger.net)
136 points
PaulHoule
5 years ago
91 comments
23.
▲
Executing non-alphanumeric JavaScript without parentheses
(blog.portswigger.net)
123 points
kkl
10 years ago
19 comments
24.
▲
HAProxy vulnerability enables HTTP request smuggling attacks
(portswigger.net)
119 points
feross
5 years ago
25 comments
25.
▲
Smashing the state machine: the true potential of web race conditions
(portswigger.net)
112 points
chatmasta
3 years ago
32 comments
26.
▲
OAuth Attack Vectors
(portswigger.net)
106 points
arkadiyt
5 years ago
33 comments
27.
▲
New and improved Linux Random Number Generator ready for testing
(portswigger.net)
100 points
feross
5 years ago
67 comments
28.
▲
Jitsi’s Emil Ivov on scaling up during a pandemic
(portswigger.net)
97 points
em3rgent0rdr
6 years ago
21 comments
29.
▲
WordPress sites getting hacked ‘within seconds’ of TLS certificates being issued
(portswigger.net)
91 points
feross
4 years ago
56 comments
30.
▲
Bittersweet Symfony: Devs accidentally turn off CSRF protection in PHP framework
(portswigger.net)
78 points
feross
4 years ago
55 comments
More