#WebSecurity — Search

No JavaScript? That's cool, but you'll need to disable Turbo mode as it uses JavaScript in the client.

Day 75 of my ALX Africa offensive security journey. Security testing isn't about randomly attacking things. It's about understanding how data flows and where trust breaks down. Methodology beats guesswork. Always. 🔒@ALX_Africa@thecybermentor@nahamsec #WebSecurity #infosec

shakquraa @shakquraa · 16m

ffuf just got smarter 🤖⚡ ffufai brings AI into fuzzing — smarter payloads, better endpoint discovery, less noise. Stop guessing. Start targeting. 🎯 🔗 Sourcgithub.com/jthack/ffufaivBV #BugBounty #Infosec #WebSecurity #Recon

GitHub - jthack/ffufai: AI-powered ffuf wrapper

AI-powered ffuf wrapper. Contribute to jthack/ffufai development by creating an account on GitHub.

From github.com

HostEnova @EnovaHost99010 · 4h

🔐 Smart security for your website. ✔ SSL encryption ✔ Threat monitoring ✔ Malware protection Stay secure with Hostenova 🚀 hostenova.comGtM #CyberSecurity #WebSecurity #HostenoxYr

Scan Malware @scanmalware · 11h

🚫 Web Malware Scan Results Website:pucksol.topm Security Verdict: CONFIRMED SCAM Full analysis & details:scanmalware.com/scan/2f45a3d1-…u #InfoSec #WebSecurity #ISO27001

Security Scan: $PUCK - The Woodland Degen

✅ Low Risk - http://pucksol.top/

From scanmalware.com

WordPress & VPS Expert @Farukunsalli · 13h

Security first. 🔒 We’ve successfully updated the SSL certificates across our WordPress infrastructure at WebPred. Faster, safer, and fully encrypted for a better user experience. �� #WordPress #SSL #WebSecurity #WebPreLY

Jeet Mondal @MondalJeet31109 · 17h

Day 21/100 – #100DaysOfTech 🚀 Topic: #CORS -> why it exists & what it protects Key learnings: • A browser security mechanism that restricts cross-origin requests • It protects users, not servers, by preventing unauthorized access from malicious websites #WebSecurity #backend

Aviatrix Threat Research Center @aviatrixtrc · 17h

TRC analysis shows attackers exploiting PolyShell vulnerabilities in Magento to deploy WebRTC-based payment skimmers. The malware establishes peer-to-peer connections for data exfiltration, bypassing CSP controls and traditional detection methods. #WebSecurity #Ecommerce 🔗 Full breakdown:aviatrix.ai/threat-researc…X

Hossam Shady @Hossam__shady · 19h

Spent more than 4 years me and Mr @wadgamaraldeen gathering and preparing full bug bounty methodology that you need to start bug bounty I think You need to look at it , gathered alot of scenarios that can't be inside courses Let's Do it chambray-onion-9d4.notion.site/Methodology-90… #WebSecurity #AppSec #WebAppSecurity #Pentesting #PenTest #RedTeam #Vulnerability #VulnerabilityResearch #ExploitDevelopment #OWASP #OWASPTop10 #XSS #SQLInjection #IDOR #RCE #SSRF #LFI #bugbountytips #bugbounty #SecurityTesting #BugBounty #CyberSecurity #EthicalHacking #InfoSec #HackerOne #Bugcrowd #SecurityResearch #OWASP

Methodology | Notion

Subdomain enumeration

From chambray-onion-9d4.notion.site

156

5.6K

bigmacd @bigmacd16684 · 21h

Replying to @bigmacd16684

Check pub/media/custom_options/ for web shells and focus on updating to the patched release once it's available in production. #cybersecurity #websecurity

CVERiskPilot @cveriskpilot · 23h

If you run Craft CMS, stop scrolling. CVE-2025-32432 is on the CISA KEV — remote code execution, no auth required, actively exploited in the wild. This is not a theoretical risk. Attackers are using it right now. Patch today, not next sprint. #AppSec #WebSecurity

181

Bugv @bugvsecurity · 1d

Understanding the OWASP Top 10 vulnerabilities is essential for every developer and security professional. Read the full guide: buff.ly/HAHLJq8 #OWASP #WebSecurity #CyberSecurity #Bugv #ApplicationSecurity #SecureCoding

OWASP Top 10 Explained With Bugv Examples - Bugv Blog

The most commonly used list of security risks that are considered critical to web applications is the OWASP Top 10. The Open Worldwide Application Security Project updates it periodically according...

From blog.bugv.io

reverseame @reverseame · 1d

SVG clickjacking #SVGClickjacking #WebSecurity #SVGFilters #PixelReading #BrowserVulnerability lyra.horse/blog/2025/12/s…

1.1K

Abdurrahmon @AbdurRahmon244 · 1d

Replying to @AbdurRahmon244

join @hack_ademy today, @Officialwhyte22 #CyberSecurity #EthicalHacking #WebSecurity

Samarth Ahuja @SamarthAhuja9 · 1d

Authentication done wrong is a gift to attackers. #SoftwareEngineering #BackendDevelopment #WebSecurity #Authentication #CyberSecurity #Startups #Founders #BuildInPublic #SaaS

Chandrasekar Rathinam @chandrusecurity · 1d

⚡ Arjun finds hidden HTTP parameters in seconds using smart request chunking. • 🔎 Faster than brute force • 🎯 Perfect for bug bounty Blog Link �hackersmail.com/blog/arjun-the…qr3] #Infosec #Pentesting #WebSecuriKXs

Jay 🙈🙉🙊 @Jay52_TX · 1d

Goodbye innerHTML, Hello setHTML for Stronger XSS Protection || #JavaScript #WebDev #WebSecurity mzl.la/4dCPw67

X CyberSec @xcybersecnews · 2d

🚨 Critical threat for e-commerce sites! A new WebRTC skimmer is bypassing CSP to steal customer payment data. Understand the risks & protect your users. #Cybersecurity #WebSecuritythehackernews.com/2026/03/webrtc…N

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

WebRTC skimmer exploits PolyShell flaw since March 19, hitting 56.7% stores, enabling stealth data theft bypassing CSP.

From thehackernews.com

Hassaan Abubakar @HBaker_40 · 2d

I think @Acurast should make use of this. Security is a massive issue in the web3 space and it would be great for the protocol to do everything it can to ensure proper security is adopted. #cyfrin #depin #websecurity

Patrick Collins @PatrickAlphaC · 2d

The @battlechain testnet is now LIVE. Come enter the ultimate red-team platform. Give us feedback so we can launch mainnet very soon, and fix web3 security.

UK Cheapest @ukcheapestx · 2d

Every domain needs: 🔒 SSL 📧 Email forwarding 🧭 DNS management UK Cheapest has it all-in-one #UKCheapest #FreeTools #WebSecurity

LIndaWP @lindawpsupport · 2d

WordPress powers 43% of all websites — making it the #1 target for hackers. Is your site protected? Here are the security best practices every WP site owner needs in 2026: → wp.co.ke/wordpress-secu… #WordPress #WebSecurity #CyberSecurity #WordPressTips