captain

@elisha_langat

I'm an Information Security Engineer/Python/Cyber Security | white-hat hacker | Red-Team Forever

Joined January 2015

Tweets

  1. Retweeted
    Feb 6

    <div onpointerrawupdate=alert(1) style=width:100%;height:100%;position:absolute;background-color:red>test

  2. Retweeted
    Feb 6

    Made around $42k from in one month..... Best month so far. A big thanks to for such a great program.

  3. Retweeted
    20 hours ago

    A WAF killer variant of the previous vector by <imsofake onpointerrawupdate=alert(1)>test

  4. Retweeted

    DOM clobbering is a little-understood technique where you can change the behavior of a page's JavaScript by injecting pure HTML. Learn about the technique and practice on our labs here:

  5. Retweeted
    Jan 31

    Steps 0) Log in with Twitter 1) Host Header Injection [to a.cxx] 2) Generate OAuth Token's Link 3) Send link to Victim, after the victim authorizes 4) Verifier is sent to a.cxx 5) Reuse use token Account Takeover by

  6. Retweeted
    Feb 3

    Alhamdulillah. Just got my first RCE in 2020 at . Tips: When you can't execute one liner reverse shell on your web shell (because some char was blocked), then try to download that shell to the server and execute it via your web shell. style. ماشاءالله

  7. Retweeted
    Jan 21

    time: when you see a POST request made with JSON, convert this to XML and test for XXE. You can use "Content-type converter" extension on to achieve this! RT and Follow, book coming!

  8. Retweeted
    Feb 2

    WooT! There is always a way. New short write up! Chain the bugs till you get what you want. Some steps were not mentioned. RT, Like and Comments are appreciated. For any pentest work DM me:) 🎉🎉

  10. Retweeted
    Feb 2

    SQL Injection Payload List by Password Cracking Is Easy: Here’s How to Do It by in API Security Testing(Part 1) by Saumya Prakash Rana

  11. Retweeted
    Feb 2

    His Family And Friends Have All Bet On Cameroon Throw 'To Happen First'!!

  12. Retweeted
    Feb 2

    Hacking: The Complete Beginner’s Guide To Computer Hacking: How To Hack Networks and Computer Systems, Information Gathering, Password Cracking, … Online anonymity, IP Address, Privacy)

  13. Retweeted
    Jan 31
  14. Feb 1

    traversed the country daring the Nyanza peace-suspenders as he tirelessly campaigned for you. Right now the force that should have been used on the Bondo man is being used against him, your own pillar. 2 years to go!!

  15. Feb 1
  16. Feb 1

    With the current incitements by the BBI group, Kenya is ready to welcome the ICC. This time round, the evidence needed is in broad daylight. Say No To

  17. Retweeted
    Jan 31

    If an application uses markdown, make sure to test it for xss. I used [Click here](javascript:alert(1)), to create a link via markdown and when the user clicks on Click here, the xss will get executed. Read this article.

  18. Retweeted
    Feb 1

    Is your dream job on this list?! Check out the 15 most popular tech 💻 jobs and for 2020 from via :

  19. Retweeted

    Cyber attacks come in 3rd place when the World Economic Forum lists the biggest threats against humanity in the next five years. There are also reports showing large shortcomings in the society's abilities in managing and handling these threats.

  20. Retweeted
    Jan 30

    I'm not saying all certifications are bad, but security is a very broad industry, the CISSP is an inch deep, a mile wide, and now appears to be a baseline cert for every job. This means ISC2 can jack up rates whenever they want. This is the problem
