The /r/netsec Monthly Discussion Thread - October 2020 Security News & Discussion

---

• The /r/netsec Monthly Discussion Thread - October 2020
• GitHub code scanning is now available
• Our new podcast on information security, Security Explained, hopes to provide security guidance to the non-technical and non-security-professionals. Let us know what you think!
• constant-time-js - Constant-Time Algorithms implemented in TypeScript
• Part 2 of my writeup: Exploiting fine-grained AWS IAM permissions for total cloud compromise: a real world example - @securfreakazoid
• Offensive Terraform Modules - Automated multi step offensive attack modules with Infra as Code
• CertAlert - A tool to monitor SSL/TLS certs
• Forcing Firefox to Execute XSS Payloads during 302 Redirects

The /r/netsec Monthly Discussion Thread - October 2020 Posted: 30 Sep 2020 09:36 PM PDT Overview Questions regarding netsec and discussion related directly to netsec are welcome here. Rules & Guidelines Always maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary. Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely. If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely. Avoid use of memes. If you have something to say, say it with real words. All discussions and questions should directly relate to netsec. No tech support is to be requested or provided on /r/netsec. As always, the content & discussion guidelines should also be observed on /r/netsec. Feedback Feedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox. submitted by /u/AutoModerator [link] [comments]

GitHub code scanning is now available Posted: 01 Oct 2020 01:32 AM PDT submitted by /u/0xdea [link] [comments]

Our new podcast on information security, Security Explained, hopes to provide security guidance to the non-technical and non-security-professionals. Let us know what you think! Posted: 01 Oct 2020 11:04 AM PDT submitted by /u/but_im_made_of_lava [link] [comments]

constant-time-js - Constant-Time Algorithms implemented in TypeScript Posted: 01 Oct 2020 11:33 AM PDT submitted by /u/Soatok [link] [comments]

Part 2 of my writeup: Exploiting fine-grained AWS IAM permissions for total cloud compromise: a real world example - @securfreakazoid Posted: 01 Oct 2020 11:09 AM PDT submitted by /u/securfreakazoid [link] [comments]

Offensive Terraform Modules - Automated multi step offensive attack modules with Infra as Code Posted: 01 Oct 2020 05:28 AM PDT submitted by /u/clintgibler [link] [comments]

CertAlert - A tool to monitor SSL/TLS certs Posted: 30 Sep 2020 03:47 PM PDT submitted by /u/nz_kereru [link] [comments]

Forcing Firefox to Execute XSS Payloads during 302 Redirects Posted: 30 Sep 2020 03:50 PM PDT submitted by /u/movr0spblxr2 [link] [comments]

You are subscribed to email updates from /r/netsec - Information Security News & Discussion. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States