Web security news and views. The latest on bug bounty programs, technical research, hacking tools, and more. DMs open for tips.
Joined July 2017
- Tweets 6,933
- Following 390
- Followers 10,959
- Likes 838
137 Photos and videos
Pinned Tweet
2 Mar 2023
We’re going teetotal: PortSwigger announces the closure of The Daily Swig
portswigger.net/daily-swig/w…
22
27
115
57,188
28 Feb 2023
This month’s #BugBountyRadar: Fresh targets from Grindr and Miro, infosec drama with XSS Hunter’s new host, and Belgium rolls out the red carpet for ethical hackers
portswigger.net/daily-swig/b…
1
6
2,368
28 Feb 2023
Attackers could have created counterfeit driving licenses by exploiting a vulnerability – now patched – in the website of India’s road transport ministry (credit @_RobinJustin_)
portswigger.net/daily-swig/i…
2
6
2,831
27 Feb 2023
Password managers part II: The Daily Swig looks at enterprise-grade tech capable of managing login credentials, encryption keys, API tokens and more
portswigger.net/daily-swig/a…
2
3
1,349
27 Feb 2023
Chromium bug allowed SameSite cookie bypass on Android devices
portswigger.net/daily-swig/c…
5
6
1,278
25 Feb 2023
‘Standard web app security tests result in false negatives for web APIs’ – @hAPI_hacker on the need for bespoke defenses against increasingly popular attacks portswigger.net/daily-swig/m…
2
11
2,000
24 Feb 2023
Deserialized web security roundup: Twitter 2FA backlash, GoDaddy attack campaign, and XSS Hunter adds e2e encryption
portswigger.net/daily-swig/d…
3
3
852
23 Feb 2023
The US National Institute of Standards and Technology is planning a major reform of its Cybersecurity Framework, an authoritative guideline on managing cybersecurity risk
portswigger.net/daily-swig/n…
3
3
888
22 Feb 2023
Maintainers of new XSS Hunter fork add end-to-end encryption following backlash over privacy fears portswigger.net/daily-swig/n…
1
7
1,063
22 Feb 2023
A flaw in ClamAV anti-malware software has resulted in a vulnerability in Cisco security products
portswigger.net/daily-swig/c…
1
1
1
799
21 Feb 2023
Weaknesses in the CVSS system have been highlighted through new research, with existing metrics blamed for 'overhyping' vulnerabilities
portswigger.net/daily-swig/c…
3
2
847
20 Feb 2023
API security expert Corey J Ball (@hAPI_hacker) on how to ‘arm the testers, and help prevent that next API-related data breach’
portswigger.net/daily-swig/m…
5
21
5,211
18 Feb 2023
Belgium will protect ethical hackers under a nationwide safe harbor framework announced this week portswigger.net/daily-swig/b…
2
6
1,090
17 Feb 2023
A HTTP request smuggling bug has been patched in HAProxy
portswigger.net/daily-swig/h…
4
6
1,065
15 Feb 2023
Belgium launches Europe’s first nationwide safe harbor for ethical hackers
portswigger.net/daily-swig/b…
14
35
9,316
15 Feb 2023
Although Apache Kafka software has not transformed into a giant insect, it has spawned a serious security bug
portswigger.net/daily-swig/r…
3
7
1,611
14 Feb 2023
Part one of our two-part series looks at the security pros and cons of consumer-focused password managers and what they can offer users
portswigger.net/daily-swig/p…
1
2
770
10 Feb 2023
Deserialized web security roundup: KeePass dismisses ‘vulnerability’ report, OpenSSL gets patched, and Reddit admits phishing hack
portswigger.net/daily-swig/d…
3
3
685
10 Feb 2023
Research into chaining OAuth flaws tops annual @PortSwigger web hacking list for 2022 (kudos @fransrosen)
portswigger.net/daily-swig/o…
1
15
39
8,525
10 Feb 2023
Zero-day XSS bugs impacting four enterprise management platforms uncovered by @rapid7
portswigger.net/daily-swig/r…
1
3
680