Archive 2023 Update: 10 years of Internetwache.org Apr 15 2023 2018 Scanning the Alexa Top 1M for .DS_Store files Mar 12 2018 2017 in retroperspective / outlook on 2018 Jan 08 2018 2017 Certificate Transparency as a source for subdomains Dec 14 2017 Looking back on 2016 / Outlook on 2017 Jan 01 2017 2016 Analysis of a cryptomining malware or why clicking on folder icons can be dangerous Sep 09 2016 How we pwned your ICS or why you should not put your HMI on the internet Aug 18 2016 Going to Troopers 2016 Apr 04 2016 Internetwache CTF 2016 review Mar 01 2016 Going to the Security Analyst Summit #TheSAS2016 Feb 27 2016 CVE-2016-1926 - XSS in the Greenbone Security Assistant Jan 20 2016 Insomni’hack Teaser CTF 2016 - Smartcat2 writeup Jan 18 2016 Looking back at 2015 Jan 04 2016 2015 School CTF 2015 Writeups Nov 06 2015 Disassembling another spam mail Nov 01 2015 Ekoparty CTF 2015 - Writeups Oct 24 2015 Hacklu CTF 2015 Writeups Oct 22 2015 Contributing security tools to the AUR Oct 18 2015 Don’t publicly expose .git or how we downloaded your website’s sourcecode - An analysis of Alexa’s 1M Jul 28 2015 Scanning Alexa’s Top 1M for AXFR Mar 29 2015 Interesting CSRF bypass Feb 22 2015 2014 in review Jan 18 2015 Day 3 + Day 4 at the #31C3 Jan 04 2015 2014 Day 2 at the #31c3 Dec 29 2014 Day 1 at the #31c3 Dec 27 2014 XSS in Skype’s videomail API Dec 06 2014 Apostrophe encoding and XSS in modern browsers Nov 30 2014 RCE on attack-secure.com Nov 05 2014 Bad coding style can lead to XSS in Ruby on Rails Oct 14 2014 A tale of two SQLis at Avira Oct 02 2014 Review of the last months Sep 22 2014 Facebook fixes minor issues May 02 2014 Bug Bounty: Digitalocean fixes multiple CSRF vulnerabilities Mar 12 2014 Rejected CSRF at facebook.com Feb 10 2014 2013 PayPal fixes a path traversal vulnerability Sep 18 2013 Bayernspd.de fixes multiple SQL Injection flaws Aug 27 2013 Google fixes SQL Injection vulnerability Aug 11 2013 Looking for a 7 chars XSS on doubleclick.net Jun 16 2013 Spiegel.de fixes XSS vulnerability Jun 15 2013 Tuenti.com fixes a XSS vulnerability Jun 08 2013 XSS on dict.cc fixed Jun 03 2013 Ifixit.com fixes csrf vulnerability May 25 2013 Zynga fixes a XSS vulnerability May 12 2013 Two findings at lastpass.com May 05 2013 Top service and fast fixes at uberspace.de Apr 28 2013 (Un)thankful fix by adobe - Update Apr 21 2013 Tedi discount fixes some XSS issues Apr 14 2013 Dedicated abload.de team fixes some security issues Apr 07 2013 Paypal running wordpress 2.3.3 - Bug Bounty #1 Mar 31 2013 Meraki Bugbounty - Simple XSS Mar 23 2013 Spam in combination with phishing and exploiting Mar 13 2013 Pwning a paypal phishing site Mar 11 2013 Jochen Schweizer fixed security issues Mar 10 2013 Zeit.de fixes some security issues Feb 24 2013 Multiple XSS vulnerabilites fixed in a City-CMS Feb 08 2013 TeleTrust sidesteps a local file inclusion Feb 03 2013 Heise fixes XSS vulnerabilities Jan 27 2013 Handelsblatt fixes multiple security issues Jan 13 2013 Greenpeace fixes SQL Injection Jan 04 2013 2012 Focus fixes a SQL Injection vulnerability Dec 09 2012 XSS fixed by Ebay Nov 12 2012 CyberghostVPN fixes multiple XSS flaws Nov 02 2012 DHL fixes multiple XSSes Oct 21 2012 Federal court of justice Germany closes SQL injection Oct 10 2012 German bank Sparkasse liquidates security issues Sep 27 2012 Critical vulnerabilities fixed by Neckermann Sep 20 2012 Vulnerabilites fixed by Simyo Sep 16 2012 ARD fixes multiple XSS flaws Sep 12 2012 ZDF fixes some XSS holes Sep 12 2012 German ISP Telekom fixes security vulnerabilites Sep 05 2012 RTL fixes SQL Injection Sep 01 2012 N24 fixes multiple vulnerabilties Aug 29 2012 KiKa fixes one XSS Aug 26 2012 Gameforge closes security holes in KingsAge Aug 24 2012 Videoworld fixes a persistent cross site scripting issue Jul 30 2012 Lidl fixes a XSS vulnerability Jul 28 2012
Don’t publicly expose .git or how we downloaded your website’s sourcecode - An analysis of Alexa’s 1M Jul 28 2015
