Earl

@0xWeeb

just a wanna be dev

under your bed
Joined: June 2018

Tweets


  1. Retweeted

    🔥 CVE-2019-18426 for Web and Desktop contained multiple vulnerabilities, which, when combined together, could have even allowed remote attackers to read files from a victim's local file-system just by sending messages. Read details:

  2. Retweeted
    Feb 3

    When testing for SSRF, change the HTTP version from 1.1 to HTTP/0.9 and remove the host header completely. This has worked to bypass several SSRF fixes in the past.

  3. Retweeted
    Feb 4

    GDA Android Reversing Tool - A New Decompiler Written Entirely In C++, So It Does Not Rely On The Java Platform, Which Is Succinct, Portable And Fast, And Supports APK, DEX, ODEX, Oat - ...

  4. Retweeted
    Feb 4

    Gotcha! get_nr_swap_pages not implemented -- see your local kernel hacker current_is_kswapd not implemented -- see your local kernel hacker

  5. Retweeted
    Feb 3

    Five reasons you should use Apache Wicket - a stateful, component-based web development framework.

  6. Retweeted
    Feb 4

    CVE-2019-19273 On Samsung mobile devices with O(8.0) and P(9.0) software and an Exynos 8895 chipset, RKP (aka the Samsung Hypervisor EL2 implementation) allows arbitrary memory write operations. The Samsung ID is SVE-2019-16265.

  7. Retweeted
    Feb 4

    Check out my interview with from my stream last week! Tons of great tips on recon, using , asset management with , and looking for bugs with high impact! Full interview:

  8. Retweeted
    Feb 4

    XSS filter bypass leveraging </p> tag stripping, by <</p>iframe src=javascript:alert()//

  9. Retweeted

    Twitter warns hackers exploited an API bug on its platform to inappropriately match and learn linked phone numbers of millions of users. Based on IP addresses engaged in the attack, believes some of them may have ties to state-sponsored actors.

  10. Retweeted

    I saw a developer today. No company swag hoodie. No stickers on their laptop. No mechanical keyboard. No Windows or macOS. He just sat there. Typing away in vim IDE running on Arch Linux and older ThinkPad. Like a psychopath.

  11. Retweeted
    Feb 4

    Monolith started using today: , pays: 50$ min.

  12. Retweeted
    Feb 3

    Do you have a big file w/ URLs w/ many of them being default pages, wildcards etc? Use 's get-title hack to grep out common titles:
        cat urls.txt | get-title -c 300 > titles.txt
        cat titles.txt | grep -v "PATTERN" | awk -F '[()]' '{print $2}'

  13. Retweeted
    Feb 4

    CVE-2013-2676 Brother MFC-9970CDW 1.10 firmware L devices contain an information disclosure vulnerability which allows remote attackers to view private IP addresses and other sensitive information.

  14. Retweeted
    Feb 4

    When testing for SSRF using a black list, take internal IP addresses and when encoding them, don't encode entire IP. Encode 1 octet of the IP address, or 2 or 3. For instance: AWS Metadata - 0251.254.169.254 (this got the $160,000 payout in Oct 2018)

  15. Retweeted
    Feb 4

    Nfstream - A Flexible Network Data Analysis Framework

  16. Retweeted
    Feb 4
  17. Retweeted
    Feb 4

    During his research into web-cache poisoning, stumbled upon a new route-poisoning trick for systems built on Zend and Symfony frameworks. Try it for yourself:

  18. Retweeted
    Feb 4

    Project-Black - Pentest/BugBounty Progress Control With Scanning Modules

  19. Retweeted
    Feb 4

    Download - Huge Dying Light CheatEngine table leak from XdarionX

  20. Feb 4

    Let's learn buffer overflow coz I fucking suck at everything
