How to Categorize and Prevent Risks of Sensitive Links in URLScan

1 · Tinder · Nov. 7, 2022, 8:35 p.m.
Recently, Tinder Security Labs gave a talk at Recon Village @ Defcon 30 called “Scanning your way into internal systems via URLScan.” We went over examples of sensitive links indexed by URLScan that could be leveraged to gain access into corporate systems. In addition, we went over some mitigation examples that can help prevent accidental disclosure/indexing of these links.

Sensitive links and URLScan

We wanted to specifically create queries that would identify indexed sensitive links. The service...