Auditing GitLab: Public Gitlab Projects on Internal Networks
A great place that can sometimes be overlooked on an internal penetration test are the secrets hidden in plain sight. That is, a place where no authentication is required in […]
audit
When Infosec and Weed Collide: Handling Administrative Actions Safely
BB King//* The state of Ohio recently validated a webapp pentest finding that sometimes goes overlooked. It relates to the details of administrative functions, how they can be abused, and […]