Outpost24’s Capture the Flag event recap: “json returns”
Application Security
31 Jan 2025
On the crisp morning of December 13th, 2024, as the clock struck 09:59 CET, anticipation filled the air. Around the...
press release
Five strategies for uncovering vulnerabilities in web applications
Application Security
19 Nov 2024
I’ve been working as an Application Security Auditor in Oupost24’s web application security testing team for almost three years now....
press release
Exploiting trust: Weaponizing permissive CORS configurations
Application Security
01 Oct 2024
If you’re a pentester, or a consumer of application security pentest reports, you’ll probably have come across Cross-Origin Resource Sharing...
CSRF simplified: A no-nonsense guide to Cross-Site Request Forgery
Application Security
13 Aug 2024
Cross-Site Request Forgery (CSRF) is a serious web security vulnerability that allows attackers to exploit active sessions of targeted users...
Cross-site scripting vulnerability found in Oracle Integration Cloud 
Application Security
24 Jul 2024
In November 2023, while conducting a security assessment on a client’s instance of the Oracle Integration Cloud Platform, I discovered...