WELCOME TO 7SEAS
REWIRE HOW YOU PENTEST APPLICATIONS
OUR MISSION
We test all things appsec, from web applications and APIs of all types, to mobile applications, to thick clients, to even applications leveraging Generative AI. There's some great content available, especially with the surge of awesome creators in the bug bounty space. However, when it comes to some of my favorite vulnerability classes, like business logic flaws or authorization/authentication issues, I felt that, after discovering tons of intricate vulnerabilities over the years, I could provide some good content to the InfoSec community around these issues.
The main goal with our content is to cause a systemic change in how you look at applications. This should be the goal of any web app hacking series, really. With that being said, we wanted to take a different approach by tackling appsec/pentesting from a more holistic perspective.
PortSwigger’s Web Security Academy Series
Our goal with this first series of hopefully many is to take a deep dive reviewing application functionality with a focus on breaking down discovery methodology.
When learning about the “how” and “why” of vulnerabilities like XSS, SQLi, SSTI, etc., sometimes the discovery methodology, especially from a greybox and blackbox perspective, may not be as clear to those learning how to comprehensively test web applications. I thought it'd be interesting if we took a look at this aspect and broke it down using PortSwigger’s Web Security Academy!
We have a lot more in store that we want to put out there, so we hope you stay tuned!
FEEDBACK OR QUESTIONS?
Contact Us - tel: (888) 789-1890 | email: support@7seas-sec.com