Tweets

  1. Pinned Tweet
    Mar 2, 2019
  2. Retweeted
    Jan 12

    Lesser Known Web Attack Lab - train your advanced web security skills 😎

  3. Retweeted
    Jun 29, 2019

    Java Serialization: A Practical Exploitation Guide

  4. Retweeted
    Apr 25, 2019

    Only one week to my presentation at , “A Bug’s Life: Story of a Solaris 0day”. Come see me talk on how it was to be a hacker 20 years ago and watch me drop the 0day!

  5. Retweeted
    Apr 25, 2019

    With the release of my ViewState plugin for , here is my blog post on Exploiting Deserialisation in ASPNET via ViewState:

  6. Retweeted
    Apr 23, 2019

    Here's a writeup of the $5k I received for finding overly specific location data in

  7. Mar 4, 2019

    An Introduction to file format fuzzing where we find a previously unknown vulnerability in a real-world piece of software and exploit it to gain code execution. Enjoy!

  8. Retweeted
    Mar 1, 2019

    Need privilege escalation? Have access to SMB and NFS shares? Automate looking for credentials! 1) pip3 install -r requirements.txt sudo apt-get install cifs-utils 2) git clone 3) python3 -p all -w -v -H hosts.lst -C creds.lst

  9. Retweeted
    Feb 14, 2019

    A small write-up on how Endpoint Protection software allows programs running as administrator to read physical memory using its driver. Carbon Black has said this is not a real security issue.

  10. Retweeted

    I don’t know how I missed this talk from but you definitely should not miss it. It’s critical that everyone understands ASVS 13.1.1 - and why parser differences are exploitable. Spoiler alert: he pops shells.

  11. Retweeted
    Mar 2, 2019

    Just released Windows Exploit Suggester - Next Generation! Based on the output of Windows' systeminfo.exe utility, this tool provides you with the list of vulnerabilities the OS is vulnerable to, including any exploits for these vulnerabilities. Get it at:

  12. Retweeted
    Mar 2, 2019
  13. Retweeted

    Show me your subdomains Collect subdomains by regexp in

  14. Retweeted
    Mar 2, 2019

    Access from just retired. My favorite part was learning how to extract dpapi creds on Windows using Mimikatz, even if you didn't need to do that to solve. Here's how I did it:

  15. Retweeted

    I don't remember who share detect possible hidden ssrf | openredirect by burp suite and he write that for detecting search "=http | =https" I build regexp for burp =http(s)?:\/\/\w+(.+)?\.(w+)

  16. Retweeted
    Mar 1, 2019
  17. Retweeted

    Just a reminder of what you are really buying in either bug bounty or pen test here. They boast of over 1200 programs. But only have about 1000 hackers who've cleared more than $5k in bug bounties & only about 100 who have made more than $100k (pen tester salary range) last year.

  18. Retweeted

    EXCLUSIVE!! h1 admits that its business model sucks, blames it on pen test companies, vows to suck less. "“Most [penetration testing] companies suck,” Mickos said during a recent interview in New York City. “Our plan is to take the market share from pen test companies.”" 😂🤣🤭😹

  19. Retweeted
    Mar 1, 2019

    Source didn't fit into tweet 4.1.6 is still the latest version on the OpenOffice webpage.

  20. Retweeted
    Mar 1, 2019

    Host header poisoning in IBM Websphere eCommerce (CVE-2017-1398). Inject password reset emails with malicious links.
