Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @incredincomp
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @incredincomp
-
Prikvačeni tweet
I owe a lot to the people here who have had patience with me, who have reached out helping hands or advice, or any of the people I could confidently shake hands with at cons now and not literally implode. Y’all rock and Im excited for another year. Thank you!
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
IncredInComp proslijedio/la je Tweet
RETWEET THIS TONIGHT TO HELP
#MAKESPACEFORWOMEN
For every RT, Olay is donating $1, up to $500K, to help @GirlsWhoCode. Because when we#MakeSpaceForWomen
, we make space for everyonepic.twitter.com/fNLFgrLGo6
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
IncredInComp proslijedio/la je Tweet
When testing for SSRF using a black list, take internal IP addresses and when encoding them, dont encode entire IP. Encode 1 octet of the IP address, or 2 or 3. For Instance: AWS Metadata - 0251.254.169.254 (this got the $160,000 payout in Oct 2018)
#bugbountytip#bugbountyPrikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
I’m going to get a retail job at the local Target and then socially engineer my way onto their red team. Give me 2 years, I’ll brb
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
IncredInComp proslijedio/la je Tweet
When testing for SSRF, change the HTTP version from 1.1 to HTTP/0.9 and remove the host header completely. This has worked to bypass several SSRF fixes in the past.
#bugbountytip#bugbountytip#bugbountyHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
If you search vmire{dot}news on twitter, a bunch of tweets come up from seemingly fake accounts that all link to various user profiles on the site. Most referencing Ukraine at some point... something’s phisy here
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
I’m kind of sad, the phishing site I found the other day got pulled, the whole domain even. Can’t hit on USAA-log{dot}com or even base of vmire{dot}news. I wonder if they noticed my curls in the logs and figured they’d been made. No one listens to me anyway guys, keep it going
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
vmire{dot}news IP: 178.33.32.212 OH SH*T they are Russian. Well this just got a whole lot more interesting to me. Russian news site serving phising sites to USAA users. QUOTE ME
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
I'm going to write a post about me hunting this down this weekend. Talk a bit about recon and how to not get caught up in something silly while researching potential threats. I am not done looking, and I hope I have more information by Monday too. This seems like a fair targethttps://twitter.com/incredincomp/status/1223348470062305281 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
vmire{dot}news is out of germany? behind cloudflare though but serving a wordpress titled /usaa? suspect... I am not going there from my IP or PC rn, so Ill check it later when I get my OPSEC in order. basically turn my hotspot and laptop onpic.twitter.com/t2fAIsyTNd
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
I am starting to love my
@digitalocean droplet like it's my real computer. It is seriously the cutest little thing, and SO AWESOMELY WELL DONE OF A PLATFORM I CANT EVEN CONTAIN MY EMOTIONS AND I AM SORRY I AM YELLING NOW AND I LOST MY PUNCTUATION KNOW HOWHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Mentor got a text from someone pretending to be
@USAA today. They don’t have an account with them, but they are a fed employee. Keep an eye out folks#Phishingpic.twitter.com/upPGiee7JX
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
IncredInComp proslijedio/la je Tweet
So I just found out about the Application for a Pardon I can send to
@realDonaldTrump .. I am going to try and request a pardon to have all of my rights restored from my previous hacking convictions. I am going to need character witnesses for this process... 1/xPrikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
I’m part of a discord for infosec high schoolers participating in ctf’s. Recently, the kids figured out they can change their names to whatever they want, so now they’ve all started impersonating the one admin. They just @ each other at his name all day and it’s hilarious to me
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
IncredInComp proslijedio/la je Tweet
Windows Red Team Cheat Sheet 1. Recon 2. Elevation of Privileges 3. Lateral Movement 4. Golden and Silver Tickets 5. AD Attacks 6. Bypass-Evasion Techniques 7. Miscellaneous 8. Post exploitation - information gathering 9. Summary of tools https://morph3sec.com/2019/07/16/Windows-Red-Team-Cheat-Sheet/ …pic.twitter.com/oDXKA2bN4b
Ovo je potencijalno osjetljiv multimedijski sadržaj. Saznajte više
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
I had to ask the guy if there was an asterisk after the "unlimited". Tech deals over the phone is hard work
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
IncredInComp proslijedio/la je Tweet
What if the Windows Desktop was a platformer? First test
#screenshotsaturdaypic.twitter.com/F6uCh3SvmvPrikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Using LazyRecon on a private program for the first time since my PR... domain exclusion working like a champ. I copied all the out of scope off
@Hacker0x01, threw it in a NotePad++, comma separated them, pasted them into my droplet, fired away. Lets goooohttps://github.com/nahamsec/lazyrecon …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
If not saving: ESC + :q! If saving: ESC + :wq
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
IncredInComp proslijedio/la je Tweet
Thoughts: - try specifying the port to see if 80 still responds to SSL traffic - see if you can find validation issues, e.g. https://x<new line>http://localhost - leverage a redirect to downgrade - try redirecting to file://, |ls, or gopher:// - inject headers for cache poisoning
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.
SecurityNoOne Educator Nerd)