<h3 id="heading-links">Links</h3>
<ul>
<li>[site] <a target="_blank" href="https://digital.ai/learn/devsecops-periodic-table/">Periodic Table of DevSecOps Tools | Digital.ai</a>
</li>
<li>[vuln] <a target="_blank" href="https://secops.group/understanding-gitlab-ee-ce-account-takeover-cve-2023-7028/">Understanding GitLab EE/CE Account TakeOver (CVE-2023-7028) • The SecOps Group</a>
</li>
<li>[artigo] <a target="_blank" href="https://www.rapid7.com/blog/post/2024/01/16/application-security-posture-management/">Application Security Posture Management | Rapid7 Blog</a>
</li>
<li>[academy] <a target="_blank" href="https://portswigger.net/web-security/llm-attack">Web LLM attacks | Portswigger</a>
</li>
<li>[artigo] <a target="_blank" href="https://sysdig.com/blog/fuzzing-and-bypassing-the-aws-waf/">Fuzzing and Bypassing the AWS WAF – Sysdig</a>
</li>
<li>[site] <a target="_blank" href="https://learn.microsoft.com/en-us/security/">Microsoft Security documentation and training - Security documentation | Microsoft Learn</a>
</li>
<li>[vuln] <a target="_blank" href="https://securitylab.github.com/advisories/GHSL-2023-268_GHSL-2023-270_NginxUI/">GHSL-2023-268_GHSL-2023-270: Arbitrary command execution and SQL injection in Nginx-UI | GitHub Security Lab</a>
</li>
<li>[video] <a target="_blank" href="https://www.youtube.com/watch?v=wHFO8D2tU4o">Top 7 Smart Contract Security Vulnerabilities @QuickNode (youtube.com)</a>
</li>
</ul>
<h3 id="heading-siga-o-guia-de-appsec-nas-redes">Siga o Guia de AppSec nas redes!</h3>
<ul>
<li>Youtube: <a target="_blank" href="http://youtube.com/@GuiadeAppSec"><a href="http://youtube.com/@GuiadeAppSec" class="autolinkedURL autolinkedURL-url" target="_blank">youtube.com/@GuiadeAppSec</a></a>
</li>
<li>Twitter / X: <a target="_blank" href="http://youtube.com/@GuiadeAppSec"><a href="http://twitter.com/guiadeappsec" class="autolinkedURL autolinkedURL-url" target="_blank">twitter.com/guiadeappsec</a></a>
</li>
<li>Site: <a target="_blank" href="http://youtube.com/@GuiadeAppSec"><a href="http://guiadeappsec.com.br" class="autolinkedURL autolinkedURL-url" target="_blank">guiadeappsec.com.br</a></a>
</li>
</ul>

### Links

* \[site\] [Periodic Table of DevSecOps Tools | Digital.ai](https://digital.ai/learn/devsecops-periodic-table/)
    
* \[vuln\] [Understanding GitLab EE/CE Account TakeOver (CVE-2023-7028) • The SecOps Group](https://secops.group/understanding-gitlab-ee-ce-account-takeover-cve-2023-7028/)
    
* \[artigo\] [Application Security Posture Management | Rapid7 Blog](https://www.rapid7.com/blog/post/2024/01/16/application-security-posture-management/)
    
* \[academy\] [Web LLM attacks | Portswigger](https://portswigger.net/web-security/llm-attack)
    
* \[artigo\] [Fuzzing and Bypassing the AWS WAF – Sysdig](https://sysdig.com/blog/fuzzing-and-bypassing-the-aws-waf/)
    
* \[site\] [Microsoft Security documentation and training - Security documentation | Microsoft Learn](https://learn.microsoft.com/en-us/security/)
    
* \[vuln\] [GHSL-2023-268\_GHSL-2023-270: Arbitrary command execution and SQL injection in Nginx-UI | GitHub Security Lab](https://securitylab.github.com/advisories/GHSL-2023-268_GHSL-2023-270_NginxUI/)
    
* \[video\] [Top 7 Smart Contract Security Vulnerabilities @QuickNode (youtube.com)](https://www.youtube.com/watch?v=wHFO8D2tU4o)
    

### **Siga o Guia de AppSec nas redes!**

* Youtube: [**youtube.com/@GuiadeAppSec**](http://youtube.com/@GuiadeAppSec)
    
* Twitter / X: [**twitter.com/guiadeappsec**](http://youtube.com/@GuiadeAppSec)
    
* Site: [**guiadeappsec.com.br**](http://youtube.com/@GuiadeAppSec)

AppSec Newsletter 0024

Tornando a vida do security champion um pouco mais fácil a cada dia =)
