Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @nbsriharsha
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @nbsriharsha
-
Prikvačeni tweet
We have released the source of hackim 2019 ctf https://github.com/nullcon/hackim-2019 …
#hackim_2019#nullconHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
N B Sri Harsha proslijedio/la je Tweet
[Educational] One of the best blog posts that I ever read about going from 0 to unauth RCE in f**king Mikrotik OS step by step:https://medium.com/@maxi./finding-and-exploiting-cve-2018-7445-f3103f163cc1 …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
N B Sri Harsha proslijedio/la je Tweet
Browser jit exploitation quick start:
@5aelo Phrack paper is the base: http://phrack.org/papers/attacking_javascript_engines.html …@LiveOverflow well-described video series: https://liveoverflow.com/tag/browser-exploitation/ …@bkth_ presentation in SSTIC 2019: https://www.sstic.org/media/SSTIC2019/SSTIC-actes/Pwning_Browsers/SSTIC2019-Slides-Pwning_Browsers-keith.pdf … Also: https://doar-e.github.io/ https://phoenhex.re/ https://twitter.com/Sivenruot/status/1216293644757372928 …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
N B Sri Harsha proslijedio/la je Tweet
CVE-2019-19781 Citrix path traversal base on vpns folder Example: GET /vpn/../vpns/services.html GET /vpn/../vpns/cfg/smb.conf patch >> HTTP/1.1 403 Forbidden no patch >> HTTP/1.1 200 OK [global] encrypt passwords = yes name resolve order = lmhosts wins host bcastpic.twitter.com/a6ehfTRIaJ
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
N B Sri Harsha proslijedio/la je Tweet
I've recently been fuzzing the PHP interpreter, and took a UaF bug all the way from crashing-sample to weaponized code execution. Here is the first of several blog posts I plan to write about the process. https://blog.jmpesp.org/2020/01/fuzzing-php-with-domato.html …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
N B Sri Harsha proslijedio/la je Tweet
Ever wondered what makes a CTF challenge good? I've asked myself that many times. I wrote this to help me answer that question based on discussions with others in the communityhttps://bit.ly/ctf-design
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
N B Sri Harsha proslijedio/la je Tweet
Writeup on how I made $40,000 breaking the new Chromium Edge using essentially two XSS flaws.https://leucosite.com/Edge-Chromium-EoP-RCE/ …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
N B Sri Harsha proslijedio/la je Tweet
Based on community feedback,
@BApp_Store popularity, and the opinions of@PortSwiggerRes, we've compiled this list of the top 10@Burp_Suite extensions for pen testers.https://portswigger.net/testers/penetration-testing-tools …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
N B Sri Harsha proslijedio/la je Tweet
New writeup, one of my favorite bugs
-
Filling in the Blanks: Exploiting Null Byte Buffer Overflow for a $40,000 Bounty
https://samcurry.net/filling-in-the-blanks-exploiting-null-byte-buffer-overflow-for-a-40000-bounty/ …
Featuring...
@d0nutptr@0xacb@Regala_@JLLiS@Yassineaboukir@plmaltaispic.twitter.com/RomLgdCcSC
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
N B Sri Harsha proslijedio/la je Tweet
Burp Suite Secret Finder - Burp Suite Extension To Discover Apikeys/Tokens From HTTP Responsehttp://www.kitploit.com/2019/12/burp-suite-secret-finder-burp-suite.html …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
N B Sri Harsha proslijedio/la je TweetHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
N B Sri Harsha proslijedio/la je Tweet
I just uploaded my latest Live Recon stream to YouTube. I'll also be doing several new pieces of video content over the next few months on my channel. This week we used Xmind, Amass Intel, SSLScarpe, ASNLookup, Httprobe, ++. Enjoy!https://www.youtube.com/watch?v=5N7k0g7arYE&feature=youtu.be&t=27 …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
N B Sri Harsha proslijedio/la je Tweet
SSRF in AWS EC2 instances is getting harder to exploit. The new Metadata protocol now requires to issue a PUT request to get a token.https://aws.amazon.com/blogs/security/defense-in-depth-open-firewalls-reverse-proxies-ssrf-vulnerabilities-ec2-instance-metadata-service/ …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
N B Sri Harsha proslijedio/la je Tweet
Another write up of a bug found by
@SecurityMB in Google VRP! An XSS via Dom Clobbering in AMP4Emailhttps://research.securitum.com/xss-in-amp4email-dom-clobbering/ …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
N B Sri Harsha proslijedio/la je Tweet
I've added a community transform for this service to
@pownjs recon. I hope you don't mind. Anyway, probably a dedicated elastic search cluster will be coming soon...https://github.com/pownjs/pown-recon/blob/master/lib/transforms/bufferoverrun/index.js …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
N B Sri Harsha proslijedio/la je Tweet
Monitorizer: The ultimate subdomain monitorization framework:- By
@BitTheByte . https://github.com/BitTheByte/Monitorizer …pic.twitter.com/NfYryIKU8f
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
N B Sri Harsha proslijedio/la je Tweet
Another day, another script. Search endpoints on GitHub for a given (sub)domain. Like all extraction script, it's as good as the regexp configured so feel free to add your own or send them to me :x
#bugbountytools#endpoints#recon#ilovepython https://github.com/gwen001/github-search/blob/master/github-endpoints.py …pic.twitter.com/0hHOrpBuJy
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
N B Sri Harsha proslijedio/la je Tweet
Did you know you can use the Connection header to delete other headers? Interesting research lead by
@nj_dav: https://nathandavison.com/blog/abusing-http-hop-by-hop-request-headers …Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
N B Sri Harsha proslijedio/la je Tweet
This is such a really interesting bug, which combined both web and binary stuff! Thanks the author neex,
@d90pwn and@ahack_ru for the bug! By the way, this seems my first time to blog a bug which is not found by me. XDhttps://blog.orange.tw/2019/10/an-analysis-and-thought-about-recently.html …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
N B Sri Harsha proslijedio/la je Tweet
Using Web Cache Poisoning for persistent Denial of Service: https://cpdos.org/
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
N B Sri Harsha proslijedio/la je Tweet
Freshly patched RCE in PHP-FPM: https://bugs.php.net/bug.php?id=78599 … Exploit: https://github.com/neex/phuip-fpizdam … Many nginx+PHP configurations vulnerable, watch out!
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.
