Wow, this is such an interesting perspective. I hadn't thought so deeply about my 'shower thought'. This expands my horizon. I might put this into the update.
When I was thinking about it, the fleeting thought was mainly about the 'newness effect', which isn't related to a subjective liking of something but is pervasive across everything, whether it be tech, music, movies, etc.
A friend said KubeCon "isn't the same anymore." I asked what got worse. They couldn't answer. Turns out there's a name for this.
Three names, actually:
1. Hedonic Adaptation: the brain's inbuilt boredom machine
2. Rosy Retrospection: your memory is a highlight reel
3. Declinism: the "kids these days" bias
I found an Insecure Direct Object Reference (IDOR) security issue that led to leaking GST challans (receipts) of all 11.8M registered taxpayers. Here's the full story along with a video PoC.
Note: No personal data was ever shared or harvested. This was responsibly disclosed to the authorities through proper channels, and only after the disclosure timeline (120 days) had passed was it published in the online media.
This is my first attempt at recreating a bug from its test case, feedback is highly appreciated.
RCE in git
By cloning a repo with 'git clone --recursive <git_repo>', your machine could be compromised.
Works on macOS and Windows.
Fix: upgrade git.
Technical walkthrough and how you can reproduce it
In this blog post we walk through, step by step, what goes into a successful pentest. This covers not only the technical aspects but also the business and legal ones.
If you're tasked with getting your organisation's app or website pentested, this post will help you navigate the process.
Thanks for sharing this.