Research Worth Reading Week 34/2024

Published: 25 Aug 2024

This week again, we publish a list of research worth reading! Make sure you check it out!

❤️ PHRACK IS BACK

The latest issue of Phrack is now available! That should keep you busy for a few days: Phrack #71.

📖 OpenSSH Backdoors

A bit of OpenSSH history and modern days mix in this great article from Ben Hawkes: OpenSSH Backdoors.

🤙 “YOLO” is not a valid hash construction

If you like crypto-attacks like length extensions, you will love this article from the Trail of Bits team: “YOLO” is not a valid hash construction.

🍊 Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!

It’s rare to come across some high quality content like this blog post from Orange Tsai on their research into Apache HTTPd: Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!

👉 AppSec eZine #549

AppSec eZine is back with issue #549.

Photo of PentesterLab
Written by PentesterLab
The platform to learn web hacking and security code review