Cure53

@cure53berlin

And there is fire where we walk. they/them

Joined: August 2014

Tweets

  1. Pinned tweet
    16 Oct 2019

    “Study the Great Nation” Mobile Application: Cure53 Analysis FAQ: Not all of the news articles out there reflect accurately what our report says. Please check the FAQ and let us know if anything else is unclear.

  2. 17 hours ago

    DOMPurify 2.0.8 has been released: Please update asap in case you use jQuery 3.x and SAFE_FOR_JQUERY.

  3. 1 Feb

    Monday we will release DOMPurify 2.0.8 to fix a problem with SAFE_FOR_JQUERY and jQuery 3.x. If you don't use the SAFE_FOR_JQUERY combined with jQuery 3.x all is fine. If you do, please upgrade. 🙇‍♀️

  4. Retweeted
    31 Jan

    Getting started with cryptographic protocol analysis is now easier than ever! Check out our new 17-minute video tutorial, now on YouTube – it covers Verifpal’s language, how to use Verifpal to verify post-compromise secrecy in Signal, and more:

  5. Retweeted
    27 Jan

    We've added 11 new XSS labs, with learning materials. There is new content on CSP, dangling markup injection, and escaping the AngularJS sandbox.

  6. Retweeted
    27 Jan

    We just concluded an audit of our crypto by with - including formal verification of the protocol using ! Here is the short rundown:

  7. 19 Jan
  8. Retweeted
    31 Dec 2019

    Microsoft Edge (And Internet Explorer) is the only browser that allows running JavaScript from a <script> without the end tag <script async src=data:,alert(1)>

  9. 23 Dec 2019

    This was one exciting project, and here is the direct link to the pentest report :)

  10. 19 Dec 2019

    Like what DOMPurify does to nasty markup from hell? Want to give something back and contribute? Turns out you can now sponsor the project :)

  11. Retweeted
    17 Dec 2019

    In our latest open source spotlight, Mario Heiderich, the creator of talks about the need for sanitizer libraries, the importance of security for HTML and keeping the features minimal.

  12. 10 Dec 2019

    You can find a copy of the PDF here:

  13. 10 Dec 2019

    We had a look at libssh-0.9.0 in September 2019, check out the report. And thanks for sponsoring this 😀

  14. Retweeted
    29 Nov 2019

    My first blogpost at is online: REST path traversal to admin privileges on

  15. Retweeted
    27 Nov 2019

    Remember the mXSS via </p> or </br> I reported? Turns out that Chrome is correct according to spec. Spec bug is submitted here:

  16. Retweeted

    As we solve real-world privacy challenges, we're proud to share our learnings with the crypto community. Daniel Huigens and Aron Wussler from Team Proton recently spoke at the Global App Sec conference. Thanks to for the invite!

  17. Retweeted
    18 Nov 2019

    Most awaiting offensive web security training by Dr.-Ing. Mario Heiderich (). Exploit the un-exploitable with unique payloads. Before it is too late secure your seat for Dr.-Ing. Mario Heiderich () training. More details are here

  18. Retweeted
    4 Nov 2019

    Following the publication of his article “ identification for the judicious analyst”, our analyst Karsten Hahn () was selected as a speaker for the . In the blog he has summarized his impressions of the conference:

  19. 29 Oct 2019

    Enjoy our dear leader's least informative, completely value-free and frighteningly pointless keynote. One full hour, honestly best spent on something completely different.

  20. 21 Oct 2019

    DOMPurify 2.0.7 was released today to address several mXSS variations that were spotted during an internal audit from You can find the release here:

  21. 16 Oct 2019

    Articles like this (and several others) dramatically misrepresent what our report for OTF contains and what OTF expressed in their write-up. Regarding topics such as the alleged "backdoor" and alike, please refer to the original report or the FAQ.
