Tweets
Pinned Tweet
My past and present research is archived at https://skeletonscribe.net/
I've been beta testing this update for a while, it's a good one :) https://twitter.com/Burp_Suite/status/1223285422337462278 …
James Kettle Retweeted
@ngalongc, @EdOverflow, and I are starting a new security blog. In our first write-up, we will discuss the impact of "SameSite by default" and how it affects web app sec. Feel free to request future topics you would like us to cover. https://blog.reconless.com/samesite-by-default/ … pic.twitter.com/5R23YmpksT
James Kettle Retweeted
SVG animate XSS vector by @garethheyes https://portswigger.net/research/svg-animate-xss-vector …
James Kettle Retweeted
Many thanks for all your votes! The community has spoken, and selected 15 nominees for the Top 10 Web Hacking Techniques of 2019. We've just launched the final stage, in which the panel - @irsdl, @filedescriptor, @Agarri_FR and @albinowax - will confer and select the final top 10
James Kettle Retweeted
We've added 11 new XSS labs, with learning materials. There is new content on CSP, dangling markup injection, and escaping the AngularJS sandbox. https://portswigger.net/web-security/cross-site-scripting …
James Kettle Retweeted
Did you know that the address '<a@b.com>c@d.com' when given to SES will send an email to a@b.com? this could lead to interesting exploit scenarios with some email parsing libraries/code https://nathandavison.com/blog/exploiting-email-address-parsing-with-aws-ses …
James Kettle Retweeted
10 Triaged Crit/P1, 1 Triaged High, 2 Triaged Medium. All of them HTTP Desync bugs in the span of 2 months (The crits being session cookie/token stealing). This bug class is real and needs more attention...
HTTP Request Smuggler now supports overriding the request method! @eur0pa_ spotted that using an alternative method like DELETE can sometimes let you exploit otherwise-secure targets. (If you accidentally delete someone's homepage, that's on your head!) https://github.com/PortSwigger/http-request-smuggler …
James Kettle Retweeted
This weekend is your last chance to vote for the Top 10 (new) Web Hacking Techniques of 2019! Voting closes Monday. https://portswigger.net/polls/top-10-web-hacking-techniques-2019 …
I once got 90% of a critical vulnerability in Mozilla Persona's password reset. 8 years later, it still hurts that I didn't complete it. Has anyone ever successfully exploited SMTP injection via the Reply-To+Eicar technique or similar non-CC methods? https://bugzilla.mozilla.org/show_bug.cgi?id=741814 …
James Kettle Retweeted
Ok let's close the script. That can't possibly work right? <script> x = '<!--<script>' </script>/-alert(1) </script>
One of these entries introduces a fantastic technique that was widely overlooked when first released. Unfortunately I can't name it without biasing results ;) https://portswigger.net/polls/top-10-web-hacking-techniques-2019 …
I was hoping the list of nominations would be shorter this year, as I've pre-filtered weak entries and grouped similar topics. Unfortunately you guys just shared too much great research...
We need your help to select the top 10 web hacking techniques of 2019! Cast your vote here: https://portswigger.net/polls/top-10-web-hacking-techniques-2019 …
James Kettle Retweeted
Just posted Remote Code Execution in Three Acts: Chaining Exposed Actuators and H2 Database Aliases in Spring Boot 2. Using a payload containing three different programming languages :) https://spaceraccoon.dev/remote-code-execution-in-three-acts-chaining-exposed-actuators-and-h2-database …
This weekend is your last chance to nominate research for the top 10 new web hacking techniques of 2019. Voting begins on Monday! https://portswigger.net/research/top-10-web-hacking-techniques-of-2019-nominations-open …
It was still good fun of course - just be aware that when I play the 'I made $$$ with my new technique' game to promote my latest research, it's not the full picture.
In 2017 I won a CTF, leading to an invite to my first HackerOne live hacking event. I flew to New York, landed in a money-fevered environment, deployed the secret tool I'd spent months developing, and made $100. Sometimes you get money, sometimes you get learning opportunities.
James Kettle Retweeted
For the sake of exercising, I looked up some web challenges in a #tetctf and noticed a cool SQLi one "Secure System". I discovered some cool stuff that you will not find in tutorials so check it out! https://medium.com/@terjanq/blind-sql-injection-without-an-in-1e14ba1d4952 … #ctf #bugbountytips #sql