Pinned Tweet
Rule -1 Recon is a Philosophy of Life
Ifrah Iman Retweeted
Hard work beats talent! Dedication beats reputation!
Ifrah Iman Retweeted
┏━━┓┏━━┓┏━━┓┏━━┓
┗━┓┃┃┏┓┃┗━┓┃┃┏┓┃
┏━┛┃┃┃┃┃┏━┛┃┃┃┃┃
———HACK THE PLANET———-
┃┏━┛┃┃┃┃┃┏━┛┃┃┃┃
┃┗━┓┃┗┛┃┃┗━┓┃┗┛┃
┗━━┛┗━━┛┗━━┛┗━━
Got my first CVE from Microsoft & was rewarded as well
Alhamdulillah
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1075 …
#bugbounty pic.twitter.com/pZb9cAvODj
Eid Mubarak
Ifrah Iman Retweeted
Learning resources and their Twitter accounts from my talk from
@bugcrowd #LevelUp0x04 https://thehackermaker.com/learning-resources/ … @SecurityTube @WebSecAcademy @PentesterLab @vhackinglabs @eLearnSecurity @ppentestlabs @HackingTutors @cybraryIT @hackthebox_eu @SANSPenTest @OverTheWireCTF @owasp pic.twitter.com/xQblc7VDfh
Ifrah Iman Retweeted
Bug Bounty Tip : When you’re testing an application using nginx as proxy, try testing for possible path traversal due to misconfigured alias in nginx config file https://github.com/PortSwigger/nginx-alias-traversal …
#bugbounty #incrowdwetrust #ethicalhacking pic.twitter.com/pjlm6LbLiV
Ifrah Iman Retweeted
#NoobTip some companies are using Online Storage, inject the XSS using onmouseover event like this:- /index.php/bvv18%22onmouseover%3d%22alert(document.domain)%22style%3d%22position%3aabsolute%3bwidth%3a100%25%3bheight%3a100%25%3btop%3a0%3bleft%3a0%3b%22uo545 Good luck. pic.twitter.com/eOQ7MTaVRx
Ifrah Iman Retweeted
#writeup Google bug bounty: LFI on production servers in http://springboard.google.com – $13,337 USD. Short story about why you must always check for dirs in 302 status pages, because you will be surprised that some directory listings will work https://omespino.com/write-up-google-bug-bounty-lfi-on-production-servers-in-redacted-google-com-13337-usd/ … #Bugbounty #infosec pic.twitter.com/TMtXC7zwMm
Ifrah Iman Retweeted
3 different ways to bypass the
#WAF! Kudos to: > @Blaklis_ https://twitter.com/Blaklis_/status/1125663871056928769 … > @nicocanicolas https://twitter.com/nicocanicolas/status/1125399154560307205 … > @RenwaX23 https://twitter.com/RenwaX23/status/1125387416175546368 … #bugbountytips #BugBounty #BugBountyQuiz #XSS pic.twitter.com/nMA84yiU9q
Ifrah Iman Retweeted
Maybe one of the most valuable tips I can give you all is: be organized. Due to the extreme amount of targets, techs, payloads and different contexts, it is very easy to get lost and not give enough attention to some of the most important details during your hunt
#bugbountytip
Ifrah Iman Retweeted
#Protip Did you know that you can bookmark google dorks? "inurl:http://hackerone.com/reports intext:$var" // for example rce or user. Just add a new bookmark with the following content: javascript:d=prompt('h1%20dork');location.href="http://google.com/search?q=inurl:hackerone.com/reports+intext …:"+d #BugBounty #infosec pic.twitter.com/uUhptRatsU
Ifrah Iman Retweeted
SSRF->Telnet->RCE chain in Scrapy, found by
@alertot https://medium.com/alertot/web-scraping-considered-dangerous-exploiting-the-telnet-service-in-scrapy-1-5-2-ad5260fea0db …
Ifrah Iman Retweeted
Sentry Blind SSRF (https://hackerone.com/reports/374737 / https://medium.com/@0ktavandi/blind-ssrf-in-stripe-com-due-to-sentry-misconfiguration-60ebb6a40b5 …)
1. cat aquatone/*/urls.txt | grep sentry
2. Burpsuite
3. Send it to Repeater
4. Change the value of filename: to a http://postb.in url (or similar)
5. Wait for a connection
6.
pic.twitter.com/8eJwfPZpMW
Ifrah Iman Retweeted
#ProTip Generate "Match and Replace" presets for SSRF from a file. Here's my "Match and Replace" Script for @Burp_Suite. Inspired by @Agarri_FR @gwendallecoguic https://github.com/Leoid/MatchandReplace … Note: you can use this script to generate your own presets for any bug class. Enjoy Hacking! pic.twitter.com/nLwPNWxKmn
Ifrah Iman Retweeted
Facebook-bug-bounty-writeups:- ImageTragick XSS CSRF SSRF Logic Race Conditions Rate Limits Open Redirect Clickjacking Object Reference Page Roles Facebook Ads Facebook Groups Phone number Email address IP address Symlink Attack Secure File Transfer https://github.com/emadshanab/facebook-bug-bounty-writeups/blob/master/Bugs … pic.twitter.com/l8d1CX7vH3
Ifrah Iman Retweeted
#BugBounty #bugbountytip #infosec #Dorking Here is a google dork to find GET-Based parameters: inurl:%3D URL encoded version of '=' which finds them.
Ifrah Iman Retweeted
seeing this against a number of sites.
GET /wp-content/plugins/ungallery/source_vuln.php?pic=../../../../../wp-config.php
GET /wp-content/plugins/wp-support-plus-responsive-ticket-system/includes/admin/downloadAttachment.php?path=../../../../../wp-config.php
Ifrah Iman Retweeted
You can enumerate directories in some buckets with Wfuzz. Rule for Wfuzz: http(s)://<bucket-address-here>/FUZZ/ Successful: 200 Status code without content
#infosec #bugbountytip
Ifrah Iman Retweeted
My honor to be the first one who purchased XSS Cheat Sheet 2019 by
@brutelogic https://brutelogic.com.br/blog/xss-cheat-sheet/ … pic.twitter.com/V3kyARpUJz
Github Topic/BugBounty
https://twitter.com/Alra3ees/status/1093563269678272514 …