Marque extrêmement visible dans le monde, Decathlon a pris le virage du digital depuis quelques années. Pour s’assurer du niveau de sécurité de ses sites et de ses applications, l’enseigne a fait l...

PDG de Wallix, fleuron de la cybersécurité tricolore, Jean-Noël de Galzain dirige l'axe cybersécurité du comité stratégique de la...-Cybersécurité

Gisec Global conference in Dubai hears of the evolving threats to cyber security as criminals adapt to advanced AI tools

Enjeu majeur de la digitalisation des entreprises et des services publics, la cybersécurité est devenue une question centrale avec la multiplication des cyberattaques. Guillaume Vassault-Houlière, le co-fondateur et CEO de YesWeHack, nous livre sa vision…

PortSwigger offers tools for web application security, testing, & scanning. Choose from a range of security tools, & identify the very latest vulnerabilities.

Des participants à une campagne de Bug Bounty ont remporté une prime avec le soutien de ChatGPT. Ils ont ainsi montré que l’IA générative peut être utile aux hackers éthiques.

Hi, my name is Alex, I’ve been an IT security professional since 2007 and I’ve recently entered the start-up world with my project bughuntr.io. In putting together this project, security has been a primary concern for me. This is both due to my background…

Atlassian ran a project on Bugcrowd looking for bugs in their proposed implementation of Kata Containers within the BitBucket Pipelines CI/CD environment. Whilst participating in this project, I identified a vulnerability in Kata Containers which could allow…

If you're reading this, it's a blog post that's not my regular write-up but more of an investigation and a hypothesis on the anatomy of a scam. I also put it together to raise awareness for those who read my blog and who might not be overtly technical-focused.

Hello Everyone,

This a short blog post to announce I have finally published my second book after several years of work. I have spent nearly five writing it; like my first one, it follows the path of getting into and progressing in the industry, while LTR101…

BYODC or bring your own domain controller is a post-exploitation technique and another option for performing a DCSync in a more opsec safe manner.

Attack paths and compromising systems are something we, as attackers, thrive in. Many areas of system weakness can be attacked and leveraged to gain a foothold or an upper hand within an environment.

tl;dr We have released BSEEPT - Burp Suite Enterprise Edition Power Tools which: Is a command line tool to drive all aspects of the BSEE GraphQL API. Is a Python client library to allow you to easily