Xentropy

@SamuelAnttila

I write infosec articles & tools. Pentester and security researcher . Antivirus escape artist & Top 10 @ HackTheBox. He/Him.

Disjointed Kingdom of Brexitia
netsec.expert
Vrijeme pridruživanja: travanj 2010.
13 fotografija ili videozapisa Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @SamuelAnttila

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @SamuelAnttila

  1. Prikvačeni tweet
    6. sij

    Protip: Use ffuf/wfuzz to look for public S3 buckets rather than s3recon or bucket finder. I went from 5-10 tests per second to almost 300. Just check for status code 200.

    18 proslijeđenih tweetova 58 korisnika označava da im se sviđa
    Poništi
  2. prije 23 sata

    Interesting Facebook company open redirect: <put anything here>?href=<any url> e.g. Already reported but they showed no interest in it, so full disclosure it is.

    3 proslijeđena tweeta 12 korisnika označava da im se sviđa
    Poništi
  3. proslijedio/la je Tweet
    2. sij

    lsassy 1.0.0 is finally out ! 🔸 Remotely dump **with built-in Windows tools only**, procdump is no longer necessary 🔸 Remotely parse lsass dumps to extract credentials 🔸 Link to to detect compromised users with path to Domain Admin

    12 replies 450 proslijeđenih tweetova 954 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  4. proslijedio/la je Tweet
    29. sij

    ffuf 1.0 released! phew, this is a big one. Feature highlights in this thread Huge thanks for all the contributors, and special thanks to for pulling off a feature bounty and for fulfilling it in a record time (and contributing said bounty to charity).

    11 replies 95 proslijeđenih tweetova 304 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  5. 1. velj

    I was tired of outdated XSS cheat sheets that don't touch on frameworks, html5, filter bypasses and other important stuff, so I made my own. I hope you find it as useful as I do. :)

    5 replies 355 proslijeđenih tweetova 781 korisnik označava da mu se sviđa
    Poništi
  6. proslijedio/la je Tweet
    1. velj

    Attention CTF players (and organizers, CTFd v2.0.0 - v2.2.2 has a serious vulnerability (CVE-2020-7245) in which an attacker could perform account takeover using a leading-trailing on the Registration form. It has been fixed in v2.2.3. Make sure to update!

    81 proslijeđeni tweet 173 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  7. 1. velj

    Just got my sweet t-shirt and love it. Happy to support such an awesome event when all the money goes to charity. :D

    2 korisnika označavaju da im se sviđa
    Poništi
  8. proslijedio/la je Tweet
    31. sij

    Expectation going into InfoSec: Tetris. What InfoSec actually is: IT Jenga.

    5 replies 21 proslijeđeni tweet 142 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  9. 30. sij

    Sometimes I can't believe I actually get paid to hack stuff. Best job ever, wtf.

    3 korisnika označavaju da im se sviđa
    Poništi
  10. 30. sij

    Love that Twitter trains you to be succinct. Used to word-vomit, now I'm comfortable with only a few words. :D

    1 reply
    Poništi
  11. proslijedio/la je Tweet
    29. sij

    Capture NTLM Hashes using PDF (Bad-Pdf)

    1 reply 110 proslijeđenih tweetova 319 korisnika označava da im se sviđa
    Poništi
  12. proslijedio/la je Tweet
    28. sij

    From the folks that brought you Atomic Red Team, Chain Reactor is a new open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.

    162 proslijeđena tweeta 327 korisnika označava da im se sviđa
    Poništi
  13. 29. sij

    Love that is moving to a default non-root user. Security model makes a lot more sense now.

    Poništi
  14. 29. sij

    More uncommon 0-click XSS vectors: <details open ontoggle="alert()"> (chrome & opera) <video onwaiting=alert() autoplay><source src=x></video> (firefox) <style> x{}</style><a style="animation-name:x" onanimationend=alert()>

    4 proslijeđena tweeta 12 korisnika označava da im se sviđa
    Poništi
  15. proslijedio/la je Tweet
    27. sij

    Fuses and circuit breakers, do you actually know what they do and how they work? It seems that lots of people think a 15A breaker will trip with more than 15A, and it's totally wrong.

    20 replies 48 proslijeđenih tweetova 214 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  16. 27. sij

    sqlmap can fail! Know how to fingerprint manually with db-unique functions: MySQL - database() MsSQL - db_name() SQLite - sqlite_version() PostgreSQL - current_database() The functions don't exist in other solutions, so if they work you know which one it is!

    9 proslijeđenih tweetova 22 korisnika označavaju da im se sviđa
    Poništi
  17. 27. sij

    Tonic is a vegetable, right?

    Poništi
  18. proslijedio/la je Tweet
    13. svi 2019.

    AD Security Event IDs: Lockouts: 4740 User Logon: 4624 Group Changes: 4728, 4729, 4732, 4733, 4756, 4757, 4761, 4762 Group Creation/Del: 4727, 4730, 4731, 4734, 4759, 4760, 4754, 4758 GP Change: 5136, 5137, 5141 Log Clear: 1102, 104

    8 replies 235 proslijeđenih tweetova 702 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  19. proslijedio/la je Tweet
    25. sij

    Built up a little C2 + agent using Discord to communicate between the two. Really happy with this, turns out Discord is useful for something 🖖

    6 replies 81 proslijeđeni tweet 181 korisnik označava da mu se sviđa
    Poništi
  20. proslijedio/la je Tweet
    26. sij

    Looks like there's been a at SuperCasino and other affiliate sites too

    24 proslijeđena tweeta 33 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi

@SamuelAnttila još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·