all InfoSec news
Exploiting SSRF in PDF HTML Injection: Basic and Blind
Jan. 23, 2024, 4:40 p.m. | Joward
InfoSec Write-ups - Medium infosecwriteups.com
On a recent application assessment, I encountered an endpoint that would take HTML from user input and generate a PDF from it. I knew that it was possible to perform SSRF by inserting an iframe, but I wanted to know how this would be abused in more complex scenarios. How about resources on different servers? How does CORS effect exploitation? What if I didn’t have access to the request response? I started exploring these in a bit more …
More from infosecwriteups.com / InfoSec Write-ups - Medium
Subdomain takeover via AWS s3 bucket
4 days, 6 hours ago |
infosecwriteups.com
Understanding the CrowdStrike 2024 Global Threat Report
4 days, 6 hours ago |
infosecwriteups.com
Prevent Cross-Site Scripting Attacks in Node.js
4 days, 6 hours ago |
infosecwriteups.com
HTB: Bizness walkthrough
4 days, 6 hours ago |
infosecwriteups.com
CozyHosting HTB Easy | Walkthrough
4 days, 6 hours ago |
infosecwriteups.com
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Security Compliance Strategist
@ Grab | Petaling Jaya, Malaysia
Cloud Security Architect, Lead
@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)