Recently Slack moved from using "Validation Tokens" to validate that Slash Command requests were actually from Slack to signing the requests with a "Client Signing Secret". This seems like a simple change but
I have to be honest, life is just too busy this year for me to actually write a full report in the context of the story. Suffice it to say, I really enjoyed
I was using theHarvester the other day and had to do a little extra work to get the data I wanted out of the results. There are plenty of posts out there about
Link to the repo at the bottom...Precursor to this post: https://ratil.life/slackbots-for-fun-and-profit/A few months back I decided to find a way to lighten the load of ad hoc vulnerability
Certainly nothing groundbreaking here, just my experience diving into the world of code testing. Code Testing Any book, blog, or article about software development is going to tell you that you should always