Tweets
-
Karim Rahal retweeted
@ngalongc, @EdOverflow, and I are starting a new security blog. In our first write-up, we will discuss the impact of "SameSite by default" and how it affects web app sec. Feel free to request future topics you would like us to cover. https://blog.reconless.com/samesite-by-default/ … pic.twitter.com/5R23YmpksT
-
Karim Rahal retweeted
Open staging environments can lead to production account takeover
If they use a separate DB, but same JWT secret
If the username or e-mail address is used as identifier
This is an excellent #BugBountyTip, thanks @kapytein! pic.twitter.com/yZkBoDBO1d
-
Karim Rahal retweeted
I wrote a blog post about that time I broke GitHub's OAuth flow https://blog.teddykatz.com/2019/11/05/github-oauth-bypass.html …
-
17 hours to triage, resolve, and reward! That’s how fast @Zomato’s program on @Hacker0x01 is. I’d like to also give a shoutout to @EdOverflow. In that narrow timeframe, he managed to mentor me!
-
Firefox can minimize/stop vulnerabilities like CSRF and CORS misconfiguration. https://blog.detectify.com/2019/10/03/karim-rahal-security-features-of-firefox/ … My new article for @detectify.
-
Karim Rahal retweeted
Introducing http://Varanid.io ! Varanid can monitor DNS records, SSL certificates, and any file changes, with support for beautiful email, Slack, and custom webhook notifications. Perfect for a professional and reliable monitoring setup. Sign up now to get a 35% discount. pic.twitter.com/1Rlo6uUuuP
-
Karim Rahal retweeted
We have published a writeup of latest DOMPurify bypass with mutation XSS https://research.securitum.com/dompurify-bypass-using-mxss/ …
-
Karim Rahal retweeted
As I promised, here's my new blog post: Attacks on Applications of K-Anonymity - For the Rest of Us! https://medium.com/@d0nut/attacks-on-applications-of-k-anonymity-for-the-rest-of-us-426d3b75145c … Special thanks to @jackhcable @nbk_2000 @hxnyk @KarimPwnz @0xacb @spaceraccoonsec and Rephlexsion from @NahamSec's discord for reviewing the post.
-
Karim Rahal retweeted
Interlace now has blockers! So if you want to multithread some tasks, but you need one to complete before doing the other one, you can do that now. Yeah It's hard to describe in a tweet just click the link and read the README. https://github.com/codingo/Interlace/blob/master/README.md#Advanced-Command-File-Usage …
-
Karim Rahal retweeted
Announcing the public release of my tool secretz! Written during our research of TravisCI, secretz is a tool that minimizes the large attack surface of Travis CI. It automatically fetches repos, builds, and logs for any given organization. Check it out: https://github.com/lc/secretz
-
Karim Rahal retweeted
Hey everyone! Curious about Rust? Perhaps you find the language confusing? Wondering what "ownership" and "borrowing" is all about? Join me this Saturday at 12PDT and Let's Learn Rust! https://www.twitch.tv/events/9X6FzEgaS-CrrgHzbyrjzQ …
-
Karim Rahal retweeted
I want to give another shout-out to @streaak for his amazing work on https://github.com/streaak/keyhacks …. This is an excellent reference for anyone that wants to determine the security implications of a publicly-disclosed API key.
-
Karim Rahal retweeted
Burp Suite tutorial: IDOR vulnerability automation using Autorize and AutoRepeater (bug bounty) with @Regala_ https://youtu.be/3K1-a7dnA60 #bugbounty #pentest #cybersecurity by the community for the community! pic.twitter.com/hJlsjOoxHs
-
Karim Rahal retweeted
WRITE-UP: "GOTCHA: Taking phishing to a whole new level" by @securinti. Without a doubt the most creative attack scenario we've ever seen!
https://medium.com/intigriti/gotcha-taking-phishing-to-a-whole-new-level-72eda9e30bef …
-
Karim Rahal retweeted
VIM tutorial: linux terminal tools for bug bounty pentest and redteams with @tomnomnom https://youtu.be/l8iXMgk2nnY #bugbounty #hacking #recon #pentest #devlife #livingintheterminal pic.twitter.com/JMxKxpxOFr
-
Karim Rahal retweeted
When those new private invites be looking kinda fresh @KarimPwnz pic.twitter.com/e5SGU0qvq5
-
Karim Rahal retweeted
Time for a fresh #BugBountyTip from @EdOverflow: change your username to cause namespace collisions and see what happens! Read more: http://go.intigriti.com/usernamespace-attacks … #HackWithIntigriti pic.twitter.com/SKiSnkampQ
-
Karim Rahal retweeted
Thanks to @karimpwnz's work, we have a list of the most common [secure] variables from 5,302,677 build logs on Travis CI. This is great for anybody doing reconnaissance on GitHub, GitLab, Bitbucket, etc. https://gist.github.com/EdOverflow/8bd2faad513626c413b8fc6e9d955669 … pic.twitter.com/GfNmA5yI9p