Himanshu Anand
#security
#webhooks
#threathunting
#bugbounty
Practical guide for hunters and defenders: hunting webhooks, detection, PoC examples and mitigations.
#security
#phishing
#typosquatting
#punycode
#nodejs
#supply-chain
A 2-minute browser game to practice spotting typosquatted domains: numbers for letters, Unicode homoglyphs and Punycode.
#security
#llm
#appsec
#blue team
LLM-generated code can ship demo logic with security issues, not defenses. Here is a real-world example and how it could be abused.
#security
#secure code review
#libpng
#CVE-2014-9495
#learning
#bug hunting
A beginner’s journey into secure code review, and how I accidentally rediscovered an 11-year-old vulnerability in libpng.