Pinned Tweet
Our team product PT Application Inspector is in Magic Quadrant 2018! https://www.ptsecurity.com/ww-en/premium/gartner-ast-2018 …
#Gartner #appsec #applicationinspector #ai pic.twitter.com/3SdGCH8e0w
-
Alex Novgorodov retweeted
When testing for SSRF, change the HTTP version from 1.1 to HTTP/0.9 and remove the host header completely. This has worked to bypass several SSRF fixes in the past.
#bugbountytip #bugbountytip #bugbounty
-
Alex Novgorodov retweeted
Parameter tampering https://blog.securitybreached.org/2020/01/26/improper-input-validation-add-custom-text-and-urls-in-sms-send-by-snapchat-bug-bounty-poc … https://b3nac.com/posts/2019-09-02-Spear-Texting-Via-Parameter-Injection.html … https://link.medium.com/rkcIUvhuD3 https://link.medium.com/8tXuo2juD3 https://link.medium.com/a6yLwgkuD3 https://blog.avatao.com/How-I-could-steal-your-photos-from-Google … https://link.medium.com/eyxLrykuD3 https://link.medium.com/cgg3NLkuD3 https://link.medium.com/MZP6o1kuD3 https://link.medium.com/ztkAjeluD3
#bugbounty
-
Escalating reflected XSS with HTTP Smuggling https://hazana.xyz/posts/escalating-reflected-xss-with-http-smuggling/ …
#httpsmuggling #xss
-
Remote iPhone Exploitation Part 1: Poking Memory via iMessage and CVE-2019-8641 https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-1.html …
#ios #mobile #iphone
-
Abusing Insecure WCF Endpoints for Fun and Profit https://vimeo.com/335945551
#wcf #aspnet
-
How spending our Saturday hacking earned us 20k http://incidentsecurity.com/how-spending-our-saturday-hacking-earned-us-20k/ …
#BugBounty
-
Alex Novgorodov retweeted
Authentication bypass https://link.medium.com/6POLXbk7j3 https://link.medium.com/fjRpVHTkg3 https://link.medium.com/FBilq4m7j3 https://link.medium.com/5Etuo0n7j3 https://link.medium.com/Zq5cjGn7j3 https://xpoc.pro/oauth-authentication-bypass-on-airbnb-acquisition-using-weird-1-char-open-redirect … https://link.medium.com/TC85brt7j3 https://www.randorisec.fr/client-side-validation … https://link.medium.com/IYzPwWK7j3 https://link.medium.com/SZDewmL7j3
#bugbounty
-
Alex Novgorodov retweeted
If you're interested in Samsung's TrustZone, the talk I gave at #BHUSA2019 is online. It presents the work we did with @NeatMonster_ and @patateQbool at @quarkslab. We are at #36c3 if you want to come say hi. :) https://youtu.be/uXH5LJGRwXI
-
Alex Novgorodov retweeted
Xposed Framework Plugins For Android Pentesting, by @enciphers_ https://enciphers.com/xposed-framework-plugins-for-android-pentesting/ … #MobileSecurity #Security #AndroidSecurity #bugbounty pic.twitter.com/Ke5p1EIMJW
-
Alex Novgorodov retweeted
Facebook Page Admins Disclosure by @CircleNinja nice find! https://medium.com/bug-bounty-hunting/facebook-bug-bounty-story-x000-for-an-information-disclosure-bug-f0c0d19d7815 …
-
Alex Novgorodov retweeted
New writeup, one of my favorite bugs
-
Filling in the Blanks: Exploiting Null Byte Buffer Overflow for a $40,000 Bounty
https://samcurry.net/filling-in-the-blanks-exploiting-null-byte-buffer-overflow-for-a-40000-bounty/ …
Featuring... @d0nutptr @0xacb @Regala_ @JLLiS @Yassineaboukir @plmaltais pic.twitter.com/RomLgdCcSC
-
Alex Novgorodov retweeted
Now live!
The new Apple Security Bounty! https://developer.apple.com/security-bounty/ …
The new Apple Platform Security guide, featuring Mac for the first time!
https://support.apple.com/guide/security/welcome/web …
(PDF version: https://manuals.info.apple.com/MANUALS/1000/MA1902/en_US/apple-platform-security-guide.pdf …)
My Black Hat 2019 talk: https://www.youtube.com/watch?v=3byNNUReyvE&t=52 …
Happy holidays!
-
SSRF in Google Cloud Platform StackDriver https://ngailong.wordpress.com/2019/12/19/google-vrp-ssrf-in-google-cloud-platform-stackdriver/ …
#google #ssrf #bugbounty
-
Alex Novgorodov retweeted
Interesting issue where the password reset flow can allow account take-over if you register an account with a similar email domain with a unicode case collision. More interesting, it impacts Django. https://eng.getwisdom.io/hacking-github-with-unicode-dotless-i/ … https://www.djangoproject.com/weblog/2019/dec/18/security-releases/ …
-
Alex Novgorodov retweeted
The CVE-2019-18935 is a severe insecure deserialization vulnerability affecting #Telerik UI. Understand its impact + learn to safely patch your software in this post from @noperator: https://hubs.ly/H0mf7L-0 (With thanks to @mwulftange + @bao7uo) pic.twitter.com/qHc5XoKywA
-
Alex Novgorodov retweeted
Finally got the approval, Here are multiple Linode's access token stealing/account takeover bugs, I like the second one. Retweet if you like it. #bugbounty https://medium.com/@rootxharsh_90844/abusing-feature-to-steal-your-tokens-f15f78cebf74 …
-
Alex Novgorodov retweeted
My PhD thesis "Software-based Side-Channel Attacks and Defenses in Restricted Environments" is finally available online: https://misc0110.net/web/files/phd_thesis.pdf … I really enjoyed my last 3 years working on it, also due to my great colleagues, especially @lavados, @mlqxyz, and @BloodyTangerine pic.twitter.com/po1M8T85Zy
-
Alex Novgorodov retweeted
6k hackerone disclosed reports at one place. http://sec.eddyproject.com/6000-hackerone-disclosed-reports/ …
#hacking #pentesting #bugbounty #recon #pentest #infosec #cybersecurity #itsecurity #websecurity #appsec #hacker #security #Hackers #Android #Androidhacking #bugbountytips #bugbountytip #hackerone #bugcrowd
-
SSRF in Vimeo file upload function https://medium.com/@dPhoeniixx/vimeo-upload-function-ssrf-7466d8630437 …
#bugbounty