NIS 2 in brief, security tech hype cycle, Italy’s first ever live Bug Bounty – OffSec roundup for CISOs 2024-09-20 True True Limitations are just an illusion - advanced server-side template exploitation with RCE everywhere 2024-08-27 True True ORM leaks, CSRF is alive, lockpicking lessons – ethical hacker news roundup 2024-08-14 True True Partial SolarWinds reprieve, CrowdStrike lessons, LLM kryptonite – OffSec roundup for CISOs 2024-08-06 True True Dojo challenge #34 winners! 2024-08-05 True True Hack Me I’m Famous #2: Louis Vuitton sets trend with first live hacking event in luxury fashion sector 2024-07-30 True True White-box penetration testing with Xdebug: Debugging for PHP vulnerabilities 2024-07-19 True True Sam Curry modem masterclass, PHP threat to Windows Servers, Calls for AI safety Bug Bounties – ethical hacker news roundup 2024-07-09 True True Apple declines to pay Kaspersky vuln reward, Bug Bounty ‘extortion’ dispute, Microsoft Recall backlash – OffSec roundup for CISOs 2024-07-02 True True Dojo challenge #33 winners! 2024-06-25 True True Dojo challenge #32 winners! 2024-05-17 True True Dojo challenge #31 winners! 2024-04-16 True True Dojo challenge #30 winners! 2024-03-12 True True ‘Adapt payloads to your targets’: Brumens’ Bug Bounty tips for newbies 2024-03-07 True True ‘Be curious, be persistent’: Icare on thriving as a Bug Bounty hunter 2024-03-01 True True Unveiling Dojo v2: Our new CTF and realistic challenge-building framework 2024-02-07 True True 'ROI is easy to justify’: Bug Bounty success story from a luxury goods retailer 2024-02-01 True True DOJO Challenge #28 Winners! 2023-11-14 True True DOJO Challenge #27 Winners! 2023-10-09 True True DOJO Challenge #26 Winners! 2023-09-04 True True DOJO Challenge #25 Winners! 2023-07-27 True True LeHACK recap: hunters push boundaries at YesWeHack Live Bug Bounty with Red Cross and Les Mousquetaires 2023-07-11 True True DOJO CHALLENGE #20 Winners! 2023-06-06 True True DOJO Challenge #23 Winners! 2023-05-15 True True DOJO Challenge #22 Winners! 2023-04-07 True True Server side prototype pollution, how to detect and exploit 2023-02-15 True True DOJO CHALLENGE #21 Winners! 2023-02-14 True True Exploring JavaScript's exploits: A deep dive into XSS vulnerabilities 2022-12-08 True True HTTP Header Exploitation 2022-11-16 True True Back to Decathlon’s Live Bug Bounty 2022-06-15 True True DOJO CHALLENGE #17 Winners! 2022-06-13 True True Getting started with smart contract in Bug Bounty 2022-04-05 True True Getting Started with iOS Penetration Testing (Part 2) 2022-03-18 True True DOJO CHALLENGE #15 Winners! 2022-02-28 True True DOJO CHALLENGE #19 Winners! 2022-02-12 True True Getting Started with iOS Penetration Testing (Part 1) 2022-01-19 True True DOJO CHALLENGE #10 Winners! 2021-05-25 True True File Upload Attacks (Part 1) 2021-05-12 True True DOJO CHALLENGE #9 Winners! 2021-04-26 True True DOJO CHALLENGE #8 Winners! 2021-03-29 True True How to exploit GraphQL endpoint: introspection, query, mutations & tools 2021-03-24 True True DOJO CHALLENGE #7 Winners! 2021-03-12 True True PimpMyBurp #1 – PwnFox + Autorize: The perfect combo to find IDOR 2021-02-03 True True DOJO CHALLENGE #6 Winners! 2020-12-22 True True