Michael Blake

@Michael1026H1

H1: michael1026. Software engineer interested in software security. Oregon

Vrijeme pridruživanja: travanj 2019.

Tweetovi

Blokirali ste korisnika/cu @Michael1026H1

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @Michael1026H1

  1. proslijedio/la je Tweet
    31. sij

    Burp Suite Pro / Community 2020.1 released, with major enhancements to HTTP message editor and more,

    Poništi
  2. 28. sij

    Trying to figure out at what point do I try making the move from a developer to a security focused role.

    Poništi
  3. 27. sij

    I don't know if it's impostor syndrome, but every bug I find just feels like luck. I'm just lucky I found it before someone else was able to.

    Poništi
  4. 23. sij

    My first five digit bounty. In the first month of 2020, I've made almost half of what I made in all of 2019. Thankfully, last year's work paid off.

    Poništi
  5. 16. sij

    First crit of the year, triaged and "working on a fix" in two hours. I'm a bit stoked.

    Poništi
  6. 16. sij

    Maybe CTFs just aren't my thing.

    Poništi
  7. 15. sij

    First time I ran into potential XSS where the user input is transformed into all caps. Not only that, but there's an aggressive WAF too. Got around both, but that was a learning experience.

    Poništi
  8. 10. sij

    And after all of the effort, usually it's a medium at best (except some special occasions)

    Prikaži ovu nit
    Poništi
  9. 10. sij

    I think I just came to the realization that CSRF is my least favorite bug type. Everytime you think something is vulnerable, it isn't. And even if you find something that is vulnerable, and you've built a POC around it, you're still skeptical.

    Prikaži ovu nit
    Poništi
  10. 3. sij

    I feel like a place where a lot of people new to bug bounties get caught up is all of the tools available. Just because there's a new tool available doesn't mean you need to use it. Focus on your workflow, then look for tools that can improve parts of it.

    Poništi
  11. 30. pro 2019.
    Poništi
  12. 26. pro 2019.

    My main goal when it comes to bug bounties in 2020 is to make this more than just a hobby. I'd like to earn an invite to an event. And I'd like to land a job in a security related position.

    Poništi
  13. 23. pro 2019.

    Not to brag, but... I was awarded $33 on . Can you say, dinner for one?

    Poništi
  14. 23. pro 2019.

    Since wanted to share some WAF bypasses, I figured I'd share the one I recently used for Incapsula. <iframe/onload="var b = 'document.domain)'; var a = 'JaV' + 'ascRipt:al' + 'ert(' + b; this['src']=a">

    Poništi
  15. proslijedio/la je Tweet
    20. pro 2019.

    HackerOne disclosed a bug submitted by the_arch_angel:

    Poništi
  16. 11. pro 2019.
    Poništi
  17. 10. pro 2019.

    How I feel after the last couple of months: If you have any subdomains, I will find them...

    Poništi
  18. proslijedio/la je Tweet
    9. pro 2019.

    Did you know you can use OpenSSL for recon purposes? 🔒😏 Thanks for the , !

    Poništi
  19. proslijedio/la je Tweet

    I'm a big fan of and was excited when they asked me to appear in the series finale tonight.

    Poništi
  20. 4. pro 2019.

    Here's a tip. Don't trust your ISP's DNS servers if you rely on resolving thousands of domains. Spectrum has been hijacking NXDOMAIN responses and replying with their own website, confusing all of my tools. I had to configure my router to use other DNS servers.

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·