skip to Main Content

Guest Blog: Breaking Bugcrowd’s Captcha by Pwndizzle

Check our his profile here: https://bugcrowd.com/pwndizzle Blog: http://pwndizzle.blogspot.com Twitter: @pwndizzle Introduction A while back Bugcrowd started a bounty for the main Bugcrowd site. While flicking through the site looking for issues I noticed they were using a pretty basic CAPTCHA. In certain sections…

Read More

Authentication Bypass

BY PAMELA O'SHEA, POSHEA [AT] RANDOMKEYSTROKES.COM When performing a penetration test of an application, tests against the authentication mechanism are always an important check. While a standard authentication mechanism may be used, it can often be implemented incorrectly or misunderstood.…

Read More
Back To Top