Inon Shkedy – Medium

Inon Shkedy

Pinned

A Deep Dive On The Most Critical API Vulnerability — BOLA

Intro

Nov 5, 2019

A Deep Dive On The Most Critical API Vulnerability — BOLA

Nov 5, 2019

OWASP API Top 10 for Dummies — Part #2

Welcome back to our blog series on the OWASP API Top 10! This is continued from Part I. If you haven’t read the first part, check it out…

Nov 27, 2022

OWASP API Top 10 for Dummies — Part #2

Nov 27, 2022

Get an email whenever Inon Shkedy publishes.

By signing up, you will create a Medium account if you don’t already have one. Review our Privacy Policy for more information about our privacy practices.

Medium sent you an email at to complete your subscription.

OWASP API Top 10 for Dummies — Part #1

Introduction

Nov 27, 2022

OWASP API Top 10 for Dummies — Part #1

Nov 27, 2022

Log4Shell — Simple Techincal Explanation of the Exploit

Last week’s Log4Shell vulnerability is a dramatic example of how modern applications, interconnected services and pervasive APIs can…

Dec 17, 2021

Log4Shell — Simple Techincal Explanation of the Exploit

Dec 17, 2021

Hacking your mind — Mindfulness Journey from a hacker perspective

Intro

Sep 23, 2021

Hacking your mind — Mindfulness Journey from a hacker perspective

Sep 23, 2021

31 Tips — Advanced Bug Bounty & Pentesting

To welcome Blackhat & Defcon conferences, we published a daily tip on Bug Bounty & AppSec during the month of July 2021.

Aug 23, 2021

31 Tips — Advanced Bug Bounty & Pentesting

Aug 23, 2021

Behind the Scenes of SAST — The Challenges of Code Scanning

I love the idea behind Static Application Security Testing (SAST) tools — they aim to create a utopian world clean from application…

Apr 19, 2021

Behind the Scenes of SAST — The Challenges of Code Scanning

Apr 19, 2021

Behind the Scenes of DAST — How do Security Scanners Work ?

The idea behind Dynamic Applications Security Testing (DAST) is pretty clever — a tool that simulates a human penetration tester. With the…

Mar 16, 2021

Behind the Scenes of DAST — How do Security Scanners Work ?

Mar 16, 2021

Modern Application Security — Good and Bad News

This is the second article in a 2-part blog series. In the previous article, we talked about the major changes in application development…

Aug 26, 2020

Modern Application Security — Good and Bad News

Aug 26, 2020

Modern Application Security — What are Modern Applications?

What are Modern Applications?

Aug 26, 2020

Modern Application Security — What are Modern Applications?

Aug 26, 2020

Published in
InfoSec Write-ups

31 Tips — API Security & Pentesting

To welcome the new year, we published a daily tip on API Security during the month of January 2020.

Feb 4, 2020

31 Tips — API Security & Pentesting

Feb 4, 2020

Published in
Salt Security

What Moving To the Bay Area Taught Me About Loving My Pentesting Tools

Let’s talk for a moment about love, relationships and commitment…

Dec 6, 2018

What Moving To the Bay Area Taught Me About Loving My Pentesting Tools

Dec 6, 2018

Published in
Salt Security

API Protection — What You Need To Know In The New API Economy

Technology is constantly evolving. We’ve seen this in recent years in the way applications are developed (e.g. CI/CD), delivered (e.g…

Nov 14, 2018

API Protection — What You Need To Know In The New API Economy

Nov 14, 2018

Studying APK reverse engineering by breaking the anonymity of BlindSpot app

BlindSpot is an Israeli app that provides anonymous chat features, and was founded by Dor Refaeli (Bar Refaeli’s brother)

Jan 8, 2018

Studying APK reverse engineering by breaking the anonymity of BlindSpot app

Jan 8, 2018

Export Injection

This article will talk about a new server side vulnerability that I discovered in the PDF export process. Many servers are still…

Jan 4, 2018

Export Injection

Jan 4, 2018

Inon Shkedy

Inon Shkedy

I love to learn, build and break things. Head of Security Research @ Traceable.ai

Following

Help
Status
About
Careers
Press
Blog
Privacy
Rules
Terms
Text to speech