Content
@
0 reply
0 recast
2 reactions
Hyperfatfingger
@heapoverflow.eth
What's your perspective on issues caused by improper server configuration? Do you think problems requiring interaction with social engineering, such as missing SPF records, incorrectly configured CORS, reflective XSS, etc., are serious? are you willing to spend time fixing these?
1 reply
0 recast
5 reactions
Lord Dalresin🐝
@dalresin
When I was 13 I created a website for my school. Next day it got hacked by my classmate. That day I learned how important it is to spend as much time as needed to protect your work.
2 replies
0 recast
3 reactions
Hyperfatfingger
@heapoverflow.eth
WOW, I didn't even know what cmd was at 13, and your classmate, and your classmates are also very talented.
1 reply
0 recast
2 reactions
Lord Dalresin🐝
@dalresin
To be fair, it was written in PHP without any framework 😂
1 reply
0 recast
1 reaction
Hyperfatfingger
@heapoverflow.eth
Oh, okay, but it's pretty impressive to be able to write PHP at 13. If you use a framework and it has vulnerabilities, it can also be easily attacked (PHP and JAVA have fed half the hackers on the planet, haha). 😁
1 reply
0 recast
1 reaction
Lord Dalresin🐝
@dalresin
Yeah, that's true, lol. But nowadays, most frameworks are really well-tested. I put my trust in Laravel, to be honest.
1 reply
0 recast
1 reaction
Hyperfatfingger
@heapoverflow.eth
Since PHP 8.0, both language features and frameworks have greatly improved in terms of security, causing some security researchers to switch to JAVA security research (like me). For frameworks like Laravel, we can only wait for a 0day to appear.
1 reply
0 recast
1 reaction