Brex Norman

@brex_n

OSCP | OSWP | OSCE | OSWE

Vrijeme pridruživanja: prosinac 2019.

Tweetovi

Blokirali ste korisnika/cu @brex_n

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @brex_n

  1. proslijedio/la je Tweet
    28. sij
    Poništi
  2. proslijedio/la je Tweet
    1. sij
    Poništi
  3. proslijedio/la je Tweet
    20. sij
    Poništi
  4. proslijedio/la je Tweet
    30. lis 2019.

    Don't use Automated exploit tools regarding CVE-2019-11510 - Pre-auth Arbitrary File Reading. Again I try to manually exploited successfully Data breach staff username and password via Pulse Secure Access.

    Poništi
  5. proslijedio/la je Tweet
    1. velj
    Poništi
  6. proslijedio/la je Tweet
    5. velj

    Analyzing WhatsApp Calls with Wireshark, radare2 and Frida

    Poništi
  7. proslijedio/la je Tweet
    27. sij

    If there is no rate limit on PIN functionality of Android APK ,but the app is protected by every mechanism, then try to brute Force using adb . for i in {0000..9999}; do adb shell input text ; done #600$

    Poništi
  8. proslijedio/la je Tweet
    29. sij
    Poništi
  9. proslijedio/la je Tweet
    1. velj

    Findomain 0.1.3 is out! Now you can use it as a subdomain resolver, just put subdomains in a file and lets Findomain resolve it! Demo: Also an update checker have been added!

    Poništi
  10. proslijedio/la je Tweet
    26. stu 2019.

    If you see a "kafka_cluser_id" in the json http body, check /connectors and then /connectors/{name} for juicy stuff (it usually runs on port 8083)

    Prikaži ovu nit
    Poništi
  11. proslijedio/la je Tweet
    21. pro 2019.

    I just published BUG BOUNTY CHECK LIST BY C1 Article includes a lot of what we usually need

    Poništi
  12. proslijedio/la je Tweet
    31. sij
    Poništi
  13. proslijedio/la je Tweet
    25. sij

    You can use google dorks write Try to add "dashboard" site:.com xyz/admin/dashboard.php It's can by pass adminpanel if there is no protection and enjoy hacking😉

    Poništi
  14. proslijedio/la je Tweet
    28. sij
    Poništi
  15. proslijedio/la je Tweet
    27. sij

    There are some endpoints show JSON, but forget to set the header to “Content-type: application/json” and leave it as “Content-type: text/html” , and they show special chars , easy XSS ;)

    Poništi
  16. proslijedio/la je Tweet
    31. sij

    Just released a quick tool, wordlistgen, I put together for taking a list of URLs/paths from stdin and parsing components (subdomains, paths, query strings & values) to easily/quickly make contextual content discovery wordlists for

    Prikaži ovu nit
    Poništi
  17. proslijedio/la je Tweet
    27. sij

    detected 430 new websites hosting | new today: 1053 |

    Poništi
  18. proslijedio/la je Tweet
    26. sij

    Data extraction bug in Facebook. Sorry, no write-up for this one for the current time!

    Poništi
  19. proslijedio/la je Tweet
    18. sij

    Hakrawler - Simple, Fast Web Crawler Designed For Easy, Quick Discovery Of Endpoints And Assets Within A Web Application

    Poništi
  20. proslijedio/la je Tweet
    29. lis 2019.

    I Earned Scan service Reflected XSS. XSS injected page : Check my url Scan service. Scan service - Result Page XSS worked.

    Ovo je potencijalno osjetljiv multimedijski sadržaj. Saznajte više
    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·