Application Security This Week for July 5

Happy Independence Day for my US readers!

Bugcrowd released a really cool-looking Burp extension to help find bug bounty items.

https://portswigger.net/bappstore/059343223d094d16a0a8440485bc5c5e

Some guidance I am using right now on a test to bypass file upload filters.

https://stazot.com/boltcms-file-upload-bypass/

Fantastic analysis of the SAML flaw in Palo Alto devices by my friends at TrustedSec.

https://www.trustedsec.com/blog/cve-2020-2021-pan-os-saml-security-bypass/

That’s the news, folks. Go hack something.