Latest posts tagged with #webappsec on Bluesky
CRITICAL: LabRedesCefetRJ WeGIA (<3.6.5) auth bypass lets attackers access admin & sensitive data. Upgrade to 3.6.5+ now to stay secure! 🔒 radar.offseq.com/threat/cve-2026-28411-cw... #OffSeq #WebAppSec #Vulnerability
I wrote a Blog post about combining ZAP with CyberChef.
#AppSec #WebAppSec #BugBountyTips
www.zaproxy.org/blog/2026-02...
@zaproxy.org Released add-ons today:
GraphQL ➡️ Fixes the optional integration with the Tech Detection add-on which had been failing.
OpenAPI ➡️ Re-enables Swagger Secret Detector Script Scan Rule, the JS Engine memory leak has been addressed.
#AppSec #DevSecOps #WebAppSec #BugBountyTips
some days it’s dry. some days it’s gold. you only get the gold if you show up. #webappsec
Hey Bluesky. Can you get @zaproxy.org to 15k ⭐️?
#OpenSource #DAST #AppSec #WebAppSec #ITSec #CyberSec #PenTest #BugBountyTips
Current Stars 14500
github.com/zaproxy/zapr...
We're happy to announce an update to sodium_compat that improves performance.
See github.com/paragonie/so...
#PHP #cryptography #libsodium #crypto #encryption #infosec #webappsec #appsec
I just completed the Web Security Academy lab:
Authentication bypass via OAuth implicit flow
#AuthenticationBypass #WebAppSec #Cybersecurity
portswigger.net/web-security...
Now it’s even easier to:
✅ Uncover unlinked or forgotten resources
✅ Spot exposed config files, DB dumps, and admin panels
✅ Cut through static and surface real exposure - fast
📎 Try the new experience 👉 pentest-tools.com/website-vuln...
#offensivesecurity #webappsec #vulnerabilityassessment
“API security is about to have its moment.”
In our latest CISO Spotlight, Rick Bohm dives into:
- Humanizing security through storytelling
- Why APIs are the weakest link
- What tomorrow’s CISOs need to succeed
📖 Read: lab.wallarm.com/ciso-spotlig...
#APIsecurity #CyberSecurity #WebAppSec
According to LinkedIn I've been working in/on Open Source for 11 years. I suspect that's on the low side, between ZAP and OWASP, but whatever.
#DAST #AppSec #WebAppSec
Rack Ruby vulnerability could reveal secrets to attackers (CVE-2025-27610)
📖 Read more: www.helpnetsecurity.com/2025/04/25/r...
#cybersecurity #cybersecuritynews #Ruby #WebAppSec
I've just had a minor #GitHub issue in @zaproxy.org #ZAP #zaproxy progress from issue opened to PR in 4 hours followed immediately by release of the fix. Amazing work, made possible by @checkmarxzero.bsky.social support for the project. #infosec #Pentesting #WebAppSec #AppSec
Big thanks to
@psiinon.bsky.social @kingthorin.bsky.social and all
@zaproxy.org contribs for your work on #ZAP #zaproxy. Amazing #infosec #Pentesting tool. Huge thanks to @checkmarxzero.bsky.social & @crashappsec.bsky.social for supporting this important project. #WebAppSec #AppSec
The @zaproxy.org team did some stuff in March 😎 You can get the details here:
www.zaproxy.org/blog/2025-04...
#DAST #AppSec #WebAppSec #DevSecOps
11/ #Cybersecurity #InfoSec #Vulnerability #Ransomware #Malware #npm #Firefox #Pegasus #SolarInverters #DataBreach #ThreatIntel #CyberThreats #SecurityNews #WebAppSec #ZeroDay #PatchManagement #infostealer #blacklock #crushftp #mamont
📰 ZAP ⚡ release 2.16.1 just landed: www.zaproxy.org/blog/2025-03...
#AppSec #WebAppSec #BugBountyTips #PenTest #DevSecOps
Giant set of #zaproxy add-on releases this morning. Including many fixes and improvements.
#DAST #AppSec #DevSecOps #WebAppSec #RedTeam #WebAppSec
#WednesdayWin I had a PR merged this morning which means none of ZAP's core scan rules (active and passive) no longer use CWE-200 which is not supposed to be mapped 🥳🎉
#AppSec #WebAppSec #standards #DevSecOps #PenTest #Redteam #PurpleTeam
How have you WON this week?!?!
According to my VM update this morning @zaproxy.org y 2.16.0 is now available on @kalilinux.bsky.social nux
#DAST #PenTest #WebAppSec #AppSec #RedTeam #PurpleTeam
We’ve just released @zaproxy.org 2.16!!
#DAST #DevSecOps #AppSec #WebAppSec #PurpleTeam #PenTest #Pentesting
www.zaproxy.org/blog/2025-01...
Get the latest on @zaproxy.bsky.social's future from @psiinon.bsky.social & Ori Bendet via SC Magazine and Application Security Weekly podcast
#AppSec #WebAppSec #DAST #PenTesting #DevSecOps #RedTeam
www.scworld.com/podcast-segm...
I'm very excited and proud to announce that I've accepted a position with Checkmarx to work on #DAST full time! 😀
@zaproxy.bsky.social #OpenSource #AppSec #WebAppSec #RedTeam #PenetrationTesting
checkmarx.com/press-releas...
New @zaproxy community tip provided by yours truly (hit the GitHub link below).
#zaproxy #DAST #AppSec #WebAppSec
github.com/zaproxy/comm...
Recent #OpenSource work:
- datafaker 2.2.0 release
- ZAP new default Replacer Rules (Block CSP reports and prevent caching)
- ZAP new default History Tags
- ZAP logging views for the core API
- Prep work for ZAP's 2.15 release #soon
github.com/sponsors/kin...
#AppSec #WebAppSec
Did you know @OWASP has a directory of vulnerable web apps that you can test your skills and new ideas on?
#AppSec #WebAppSec #PenTest #BugBOuntyTips #OWASP
owasp.org/vwad
Do I know anyone that's attending AppSec Days Pacific Northwest Conference??
www.appsecpnw.org
twitter.com/appsecpnw
#AppSec #WebAppSec #Canda #BritishColumbia
Чи безпечно користуватися Telegram та чи повʼязаний він з ФСБ і ГРУ РФ?
#telegram #cybersecurity #infosecurity #ukraine #boycottrussia #ukrainerussiawar #infosec #infosecurity #nationalsecurity #security #messengers #securemessengers #apss #webappsec
spadok.org.ua/tekhnologiyi...
30 Tips on how to use OSINT for bug hunting
👇Check below👇
#OSINT #privacy #security #cybersec #infosec #penetrationtesting #Bughunting #webappsec #websec #hacking
Check the post in our telegram channel.
t.me/osintambitio...
Vulnversity - I have just completed this room! Check it out: https://tryhackme.com/room/vulnversity #tryhackme #recon #privesc #webappsec #video #vulnversity via @realtryhackme
Many thanks to @AsharasInABox for the systemctl tip
Note to self - read the MAN page(s)
