Shikari Senpai

@ShikariSenpai

Information security guy from Yandex security team

Санкт-Петербург, Россия
Vrijeme pridruživanja: siječanj 2011.

Tweetovi

Blokirali ste korisnika/cu @ShikariSenpai

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @ShikariSenpai

  1. Prikvačeni tweet
    5. tra 2018.

    How to leak NTLM hash via HTML tags (for Internet Explorer and Edge):

    Poništi
  2. proslijedio/la je Tweet
    27. stu 2018.
    , , i još njih 7
    Poništi
  3. proslijedio/la je Tweet
    19. stu 2018.

    ParamPamPam Bruteforce GET and POST parameters for pages :)

    Poništi
  4. proslijedio/la je Tweet
    18. stu 2018.
    Poništi
  5. proslijedio/la je Tweet
    9. stu 2018.
    Poništi
  6. 10. srp 2018.
    Poništi
  7. proslijedio/la je Tweet
    9. srp 2018.

    Hey guys, got a challenge for you. In this php (with CSP), I've got a few ways to steal the user's secret using an exploit (without using redirects😀). I will post the answer tomorrow.

    Prikaži ovu nit
    Poništi
  8. proslijedio/la je Tweet
    19. lip 2018.
    Poništi
  9. proslijedio/la je Tweet
    13. tra 2018.
    Poništi
  10. 5. tra 2018.
    Poništi
  11. 5. tra 2018.

    Talk on Windows network authentication mechanism and Windows network pentesting. Topics: - - Authentication mechanism - Hash cracking - Hash stealing - - - For and

    Poništi
  12. proslijedio/la je Tweet
    28. ožu 2018.

    03.04 на Meetup «Your hash is mine. "Тестируем ручки" в условиях локальных сетей Windows»:

    Poništi
  13. proslijedio/la je Tweet
    14. velj 2018.

    It is done! The 𝗖𝘂𝗿𝗲𝟱𝟯 𝗖𝗵𝗶𝗻𝗲𝘀𝗲 𝗡𝗲𝘄 𝗬𝗲𝗮𝗿 𝗫𝗦𝗦 𝗖𝗵𝗮𝗹𝗹𝗲𝗻𝗴𝗲 will begin on Friday, 16th of February, 8:30am CET (Berlin time) Watch this space to get access to the URL where it all begins 🐶💥🐓

    Poništi
  14. proslijedio/la je Tweet
    24. sij 2018.

    CVE-2018-1000006 () that affects windows based Electron app (like Slack, Skype, Atom) looks super simple to exploit: "myapp://?--no-sandbox --gpu-launcher=cmd.exe /c start calc". Update all your electron apps now!

    Poništi
  15. proslijedio/la je Tweet
    12. sij 2018.

    Yet another gadget for java deserialization: Misusing Oracle JDBC for SSRF-attacks

    Poništi
  16. proslijedio/la je Tweet
    3. sij 2018.

    Jann Horn () from Project Zero discovered and reported an attack to read privileged memory with a side-channel:

    Prikaži ovu nit
    Poništi
  17. proslijedio/la je Tweet
    6. pro 2017.

    Personal for and tools, frameworks, slides and so on. Any feedback, commits and stars are welcome!

    Poništi
  18. proslijedio/la je Tweet
    1. pro 2017.

    Data exfiltration with Metasploit. Meterpreter DNS tunnel project pre-released:

    Poništi
  19. proslijedio/la je Tweet
    28. stu 2017.

    Dear , we noticed a *HUGE* security issue at MacOS High Sierra. Anyone can login as "root" with empty password after clicking on login button several times. Are you aware of it ?

    Prikaži ovu nit
    Poništi
  20. 23. stu 2017.

    And another slides about vulnerability from 😅 - Basics (for AngularJS) - Search methods - Sandbox bypass - HTML Sanitizer problem - CSP is hard Slides have many-many references to other hard talks!

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·