4 min readPortSwigger : Exploiting LLM APIs, LLMs typically interact with users via a chat interface, called a prompt, and their inputs are governed by validation rules. Continuer la lecture
3 min readMika discovered and reported this Open Redirection. This could allow a malicious actor to redirect users from one site to the other due to the redirect URL not being validated. Users could be tricked to visiting a legitimate site to then be redirected to a malicious site and cause a phishing incident. This vulnerability has been fixed in version 3.6.4.4. Continuer la lecture
3 min readWe will explain how to use John the Ripper, a tool used to crack passwords, to crack a passphrase of an SSH Private Key with the famous wordlist rockyou.txt. Continuer la lecture
2 min readThe plugin does not sanitise and escape the Download Counter Text settings, which could allow high privilege users to perform Cross-Site Scripting attacks. Continuer la lecture
2 min readReal visitor IPs in Nginx logs when using CloudFlare. Continuer la lecture
2 min readTo improve the security of your server and reduce brute force attacks, it is important to change the default SSH port to 22. Continuer la lecture
2 min readHow to hide the Nginx version? Continuer la lecture
