Paresh

@Paresh_parmar1

bugbounty hunter/ gamer /

Ahmedabad
Joined: September 2014

Tweets


  1. Pinned Tweet
    23 Nov 2019

    Decompile the Android app and go to: Resources > resources.arsc > res > values > strings.xml. Search for *.firebaseio.com in the XML file, then open a browser and try https://*.firebaseio.com/.json; you might find read access to the database there.

  2. 3 Feb
  3. Retweeted
    2 Feb

    WooT! There is always a way. New short write up! Chain the bugs till you get what you want. Some steps were not mentioned. RT, Like and Comments are appreciated. For any pentest work DM me:) 🎉🎉

  4. 28 Jan

    LMAO. so legit. 😂

  5. Retweeted
    28 Jan

    1/n 's rider asked for an OTP, I was hesitant because generally they never asked for it before, I knew something was phishy, *let's check them out* immediately after sharing the OTP, my account was accessed from a different location & that clever chap gave 5 ⭐️ rating

  6. Retweeted
    27 Jan

    Did you know that the address '<a@b.com>c@d.com' when given to SES will send an email to a@b.com? this could lead to interesting exploit scenarios with some email parsing libraries/code

  7. Retweeted
    24 Jan

    Cross-Site Websocket Hijacking bug in Facebook that leads to account takeover

  8. Retweeted
    21 Jan

    Opensourcing another project from team , Simple and Fast port scanner with handy features to use with another tool in your recon pipeline. Link to project:-

  9. 19 Jan

    This shoulder move. Didn’t expect that. 😂 knocked him down in just 44 seconds.

  10. Retweeted
    15 Jan
  11. Retweeted
    12 Jan
  12. Retweeted
    13 Jan

    We should learn from how to value money, how to unconditionally keep learning and keep growing !! Checkout his interview Hack-Eat-Sleep-Repeat ⭐

  13. Retweeted
    11 Jan
    Replying to users

    If a working POC of a vulnerability comes out after almost 25 days of the advisory and also when a mitigation is available, I don’t see anything dealing with ethics and the country here!

  14. Retweeted
    11 Jan

    Watch BSides Ahmedabad 2019 in a glimpse 🌟 A special thanks to each and every one for making this happen 💥

  15. Retweeted
    8 Jan

    Bug Bounty hunters & Pentesters alike, they all love to run their own domain and DNS Servers to log Out of Band interactions caused by RCEs, XXE's SSRFs and blind requests. And now you can do that too! Better safe than sorry!

  16. Retweeted
    8 Jan
  17. 8 Jan
  18. Retweeted

    As an American I'm so sick of people waging war on my behalf. Bragging about spending 2 trillion on tanks when people can't pay for healthcare or school lunches is sick beyond belief.

  19. Retweeted
    3 Jan

    To start the new year I'm releasing another write-up where I explain the process of detecting and exploiting a chained HTTP request smuggling vulnerability which led me to an account takeover.

  20. 3 Jan
  21. 30 Dec 2019
