TrustFoundry

At TrustFoundry, we are always looking to challenge each other! Recently, we started doing code review challenges in our weekly meetings! Can you spot the bug? Find out more information here: https://lnkd.in/dFDDkk5v Shoutout to Josiah Pierce for creating this!

PortSwigger's recent introduction of AI functionality in BurpSuite has certainly turned heads. But do you really want AI predicting and generating payloads for you? In this article, we dive into the pros and cons of this new feature. ?? Spoiler Alert: Shadow Repeater could find some unique encodings you may have missed, but may also DROP you in hot water. ?? A huge shoutout to?Toby J.?for this insightful research! https://lnkd.in/dhUCchrF

? Intigriti's January Challenge is over! ? 68 hackers found the correct solution ?? 13 hackers wrote a cool writeup ?? First blood went to drbrix, and our 3 raffle winners are Kévin Gervot, Abdul Haq and invisiblemeerkat ?? This month's challenge featured URL parsing discrepancies, path traversal and XSS ?? Here are the community writeups ?? 1?? https://lnkd.in/eHSWhYFG (Joren Verheyen) 2?? https://lnkd.in/ezcDfe8g (excile) 3?? https://lnkd.in/e_zkber2 (cedricm) 4?? https://lnkd.in/eGwxMZHB (Francesco Verardi) 5?? https://lnkd.in/eiAi-49q (Abdul Haq) 6?? https://lnkd.in/evQYy68B (Abhinav Kumar) 7?? https://lnkd.in/epkdFzdB (b0ffm4n) 8?? https://lnkd.in/eStTrWJg (silverpoison) 9?? https://lnkd.in/eDF6XvsA (Sebastiano Sartor) ?? https://lnkd.in/ewMWaZNx (phlm0x) ?? https://lnkd.in/e3ywNXb5 (Kabilan S) ?? https://lnkd.in/eqW-9PX4 (siss3l) ?? https://lnkd.in/eKuzWYqg (zimzi) Thanks again to the challenge creator; Godson Bastin from TrustFoundry ?? #intigriti #hackwithintigriti #CTF #capturetheflag #websecurity #bugbounty #pentesting #ethicalhacking #cybersecurity #infosec

???? Exploring the World of JIT Vulnerabilities in JavaScript Engines! Are you curious about the inner workings of Just-In-Time (JIT) compilation and how it can lead to vulnerabilities in JavaScript engines? ?? Check out "A Mere Mortal’s Introduction to JIT Vulnerabilities in JavaScript Engines", an insightful blog post by Josiah Pierce. This article breaks down complex concepts into simple terms, making it perfect for anyone looking to dive into JIT vulnerabilities. ?? Read it here: https://lnkd.in/dyHhiCUZ #CyberSecurity #JavaScript #JIT #Hacking #AppSec

Our Consultant Godson Bastin has recently created a challenge for the Intigriti January series! The first blood will will win a €100 swag voucher! Find the challenge here: https://lnkd.in/dXzzZhKM

Election interference has been a hot topic in the news lately, raising critical questions about the integrity of voting systems. Could blockchain technology be the answer to safeguarding elections? In this article, our Director of Consulting, Alexander Archondakis, explores the potential of blockchain to prevent election interference, along with some challenges that come with it. https://lnkd.in/dwxbYNH3

?? Found AWS temporary credentials? What next? During a recent engagement, our Director of Consulting, Alexander Archondakis, discovered AWS temporary credentials and created a blog post about what to do next! https://lnkd.in/dKp2jFcW

? New on our blog! ? Our founder & principal consultant, Alex Lauerman, recently delved into threat modeling during an engagement and noticed a significant gap—there’s not a lot of clear, practical information out there about confidential computing. Inspired by this, Alex wrote an article to bridge that gap! ?? Read the full guide here: https://lnkd.in/dyJJjNx3

The day is wrapping up with our Director of Consulting Alexander Archondakis talking about bypassing anti-automation controls!

Today we are at B-sides Vienna, kicking off the day learning about hacking LLMs