BBJP_Podcast #14

【Episode 14】Speakersmorioka12 (⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@scgajge12⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠)mokusou (⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@Mokusou4⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠)RyotaK (⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@ryotkak⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠)Summary (Linkのみ)[大テーマ] 最近の取り組みについてBurp Suite Extension "Autorize" - https://github.com/Quitten/Autorize/Web Security Auditing Toolkit "Caido" - https://caido.io/Caido Plugin "CaidoReflector" - https://github.com/bebiksior/CaidoReflectorCaido Plugin "ui-kit" - https://x.com/caidoio/status/1904542918641160441Caido Plugin "devtools" - https://github.com/caido-community/devtoolsCaido Plugin "ParamFinder" - https://github.com/bebiksior/ParamFinderCaido Plugin "Shift" - https://shiftplugin.com/HTTPS Proxy "mitmproxy" - https://mitmproxy.org/ - https://github.com/mitmproxy/mitmproxySECCON CTF 13 Finals "not-that-short Challenge": creator RyotaK - https://x.com/ryotkak/status/1897299540598006249Critical Thinking - Bug Bounty Podcast "Ep 115": guest mokusou - https://youtu.be/zELFGXP6oeAP3NFST 2025 Winter "開催レポート" - https://issuehunt.jp/events/2025/winter/news/thanksP3NFEST 2025 Winte "コードから探す脆弱性": by RyotaK - https://ryotak.net/slides/?id=1セキュリティ診断AIエージェント "Takumi" - https://flatt.tech/takumiCVE-2025-29768 "potential data loss with zip.vim and special crafted zip files" - https://github.com/vim/vim/security/advisories/GHSA-693p-m996-3rmfCVE-2025-27423 "potential code execution with tar.vim and special crafted tar files" - https://github.com/vim/vim/security/advisories/GHSA-wfmf-8626-q3r3語学アプリ "Duolingo" - https://www.duolingo.com/P3NFEST 2025 Winte "実践的なバグバウンティ入門(2025年版)" - https://speakerdeck.com/scgajge12/shi-jian-de-nabagubaunteiru-men-2025nian-banセキュリティ若手の会 "第2回 LT&交流会 開催記ブログ" - https://zenn.dev/sec_wakate/articles/3891a59ab0b4fb[中テーマ] トレンドの出来事や脆弱性についてなどCVE-2025-29927 "Authorization Bypass in Next.js Middleware" - https://github.com/vercel/next.js/security/advisories/GHSA-f82v-jwr5-mffwNext.js and the corrupt middleware: the authorizing artifact - https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middlewareOne PUT Request to Own Tomcat: CVE-2025-24813 RCE is in the Wild - https://lab.wallarm.com/one-put-request-to-own-tomcat-cve-2025-24813-rce-is-in-the-wild/IngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX - https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilitiesHackerOne "Hai" - https://x.com/jobertabma/status/1904947501649830366Bug Bounty Village CFP - https://x.com/BugBountyDEFCON/status/1902853396257710489[Q&A] なしWeb Page⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://bugbountyjppodcast.notion.site/Bug-Bounty-JP-Podcast-8bf1080383a54c4a8848f10bfeb874b3?pvs=4⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Survery⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://forms.gle/wkr2jkc3m9o8NhPk7⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠BBJP_Podcast で話して欲しいテーマや聞きたいことなどを Google Form で募集しています。感想も X(Twitter)でハッシュタグ「#BBJP_Podcast」や Google Formでいただけると嬉しいです。

There are no comments yet.

Please log in to write the first comment.