@ cheers !!

@bhaskarkapu

perfectly vertical !!

Joined: March 2014

Tweets


  1. Pinned Tweet
    18 May 2015

    you have blocked an account because of 1 spam email, but do you care about your user's privacy ?

  2. Retweeted
    22 hours ago
  3. Retweeted
    4 Feb

    When testing for SSRF using a black list, take internal IP addresses and when encoding them, don't encode entire IP. Encode 1 octet of the IP address, or 2 or 3. For instance: AWS Metadata - 0251.254.169.254 (this got the $160,000 payout in Oct 2018)

  4. Retweeted
    1 Feb

    Some essential process execution/cmd lines to monitor for initial access/persist: powershell, cmd, rundll32, control, wscript, javaw, csc, regsvr32, reg, certutil, bitsadmin, schtasks, wmic, eqnedt32, msiexec, cmstp, mshta, hh, curl, installutil, regsvcs/regasm, at, msbuild, sc, cscript, msxsl, runonce

  5. Retweeted
    4 Feb

    Yo , 2002 called, they would like their integer overflow back...

  6. Retweeted
    3 Feb

    Hey bug hunters! Want a look at some of the top vulnerabilities ever found on ? They just released the last blog post I wrote before leaving. Enjoy!

  7. Retweeted
    3 Feb

    TeamViewer stored user passwords encrypted, not hashed, and the key is now public

  8. Retweeted
    3 Feb

    The DNS service is essential for browsing the 🌐 What about the vulnerabilities of this service? 🎯 I made an that presents an attack called DNS Poisoning. Follow for more about

  9. Retweeted
    22 hours ago
  10. Retweeted

    During his research into web-cache poisoning, stumbled upon a new route-poisoning trick for systems built on Zend and Symfony frameworks. Try it for yourself:

  11. Retweeted
    3 Feb

    When testing for SSRF, change the HTTP version from 1.1 to HTTP/0.9 and remove the host header completely. This has worked to bypass several SSRF fixes in the past.

  12. Retweeted
    22 hours ago

    XSS filter bypass leveraging </p> tag stripping, by <</p>iframe src=javascript:alert()//

  13. Retweeted
    1 Nov 2019

    XSS filter bypass using stripped </div> tags to obfuscate. Multiple P2 Stored XSS on a private bug bounty program. XSS Payload: <</div>script</div>>alert()<</div>/script</div>>

  14. Retweeted
    3 Feb

    Creating payloads without "'`()[]\%; by ... that's useful...

  15. Retweeted
    25 Jan
    Replying to

    I know that you know a lot more than I do but you should read this blog:

  16. Retweeted
    1 Feb

    I just got a fancy idea to create strings in without using dangerous characters 😃 Inspired by challenge from .

  17. Retweeted
    28 Jan

    RiskSense working on AI to predict if vulnerabilities will turn into ransomware

  18. Retweeted
    28 Jan

    So I created this Burp Teams it allows you to share repeater/intruder/comparer tabs. It uses nodejs for the server with . But I then found out someone already did this so it won’t be on the BApp store. On the plus side I learnt lots.

  19. Retweeted
    28 Jan

    + Added new UTF-7 encode cc - Removed logo from message editor + Added Hackvertor to responses

  20. Retweeted
    21 Jan

    [EN] You have a list of credentials. You want to check which of them belong to the administrators and which are the accounts of ordinary users. Use Burp Intruder + Macro + Grep Extract
