Here comes another teaser of our guest & keynote speakers. UNITED CON on February 28 & 29, 2020 at DTU, New Delhi, India
Register your seats now.
@initinpandey #UNITEDCON2020 #UNITEDCON #hackerone #bugcrowd #github pic.twitter.com/770U7hNwcA
sagar yadav Retweeted
Airbnb
#bugbounty https://link.medium.com/eC4n4GTUN3 https://xpoc.pro/oauth-authentication-bypass-on-airbnb-acquisition-using-weird-1-char-open-redirect … https://www.arneswinnen.net/2017/06/authentication-bypass-on-airbnb-via-oauth-tokens-theft … https://buer.haus/2017/03/31/airbnb-web-to-app-phone-notification-idor-to-view-everyones-airbnb-messages/ … https://buer.haus/2017/03/13/airbnb-ruby-on-rails-string-interpolation-led-to-remote-code-execution/ … https://buer.haus/2017/03/09/airbnb-chaining-third-party-open-redirect-into-server-side-request-forgery-ssrf-via-liveperson-chat … https://buer.haus/2017/03/08/airbnb-when-bypassing-json-encoding-xss-filter-waf-csp-and-auditor-turns-into-eight-vulnerabilities … #bugbountytips
sagar yadav Retweeted
#CVE-2020-7799 FusionAuth RCE via Apache Freemarker Template pic.twitter.com/QGc3cuCiZ7
sagar yadav Retweeted
Are you ready? Visit www.unitedcon(dot)in to know more
#malware #forensics #dfir #blockchain #webapp #vapt #security #cyber #hacking #devops #ctf #cybercrime #lea #workshop #career #4n6 #d3pak pic.twitter.com/oPFQuvounp
sagar yadav Retweeted
Akamai WAF Bypass, worked on a recent
#bugbounty program #xss <x onauxclick=a=alert,a(domain)>click
sagar yadav Retweeted
Password reset flaw https://link.medium.com/OVvYaKLng3 https://link.medium.com/HZpTPtR2F3 https://link.medium.com/bpYhuYR2F3 https://link.medium.com/5PnwoRS2F3 https://link.medium.com/A67jqlT2F3 https://thezerohack.com/hack-instagram-again … https://ninadmathpati.com/how-i-was-able-to-earn-1000-with-just-10-minutes-of-bug-bounty … https://link.medium.com/MgdJoyY2F3 https://link.medium.com/iRVWjs02F3 https://link.medium.com/roeUih12F3
#bugbounty
sagar yadav Retweeted
When you're brute forcing for endpoints, don't forget to add extensions. You can also use this method to discover backup files. Here's a command I use frequently: dirsearch -e php,asp,aspx,jsp,py,txt,conf,config,bak,backup,swp,old,db,sql -u <target>
sagar yadav Retweeted
Ladies and gentlemen, I present you a working Remote Code Execution (RCE) exploit for the Remote Desktop Gateway (CVE-2020-0609 & CVE-2020-0610). Accidentally followed a few rabbit holes but got it to work! Time to write a blog post ;) Don't forget to patch! pic.twitter.com/FekupjS6qG
sagar yadav Retweeted
CVE-2020-2551 Weblogic RCE with iiop protocol For 12.1.3 & 12.2.1.4 pic.twitter.com/0gcVdojEFp
sagar yadav Retweeted
How to find important information in github(with gitrob) https://ift.tt/2G1ymhJ New post by
#hahwul #BugBounty, #BugBountyTips, #gitrob, #Hacking, #information_leakage
sagar yadav Retweeted
#day36 #bugbounty #learning WebSocket attacks
1. https://footstep.ninja/posts/idor-via-websockets/ …
2. https://labs.detectify.com/2017/02/28/hacking-slack-using-postmessage-and-websocket-reconnect-to-steal-your-precious-token/ …
3. https://www.vulnano.com/2019/03/facebook-messenger-server-random-memory.html …
4. https://hackerone.com/reports/395729
5. https://medium.com/@sharan.panegav/account-takeover-using-cross-site-websocket-hijacking-cswh-99cf9cea6c50 …
6. https://medium.com/@sharan.panegav/account-takeover-using-cross-site-websocket-hijacking-cswh-99cf9cea6c50 …
7. https://medium.com/@sharan.panegav/account-takeover-using-cross-site-websocket-hijacking-cswh-99cf9cea6c50 …
8. https://www.notsosecure.com/how-cross-site-websocket-hijacking-could-lead-to-full-session-compromise/ …
#day36 ENDS :)
sagar yadav Retweeted
I just released some of my PoCs! IDOR: https://youtu.be/3hJaxmiSzO4 Stored XSS: https://youtu.be/pwLG7tAGO08 Stored XSS: https://youtu.be/fnW0w2VYT2I RXSS: https://youtu.be/IC43MzAkC7E RXSS: https://youtu.be/DZxMB_KOoMk RXSS: https://youtu.be/L5isQP28o3M RXSS: https://youtu.be/CaoAh2CXyr0
#GeneralEG #BugBounty
sagar yadav Retweeted
XSS https://footstep.ninja/posts/exploiting-self-xss … https://leucosite.com/Edge-Chromium-EoP-RCE … https://jinone.github.io/bugbounty-a-dom-xss … https://link.medium.com/g3MwS6YVK2 https://payatu.com/blog/nikhil-mittal/firefox-ios-qr-code-reader-xss-(cve-2019-17003) … https://link.medium.com/zbFw7qxe92 https://evanricafort.blogspot.com/2019/12/html-injection-to-xss-bypass-in.html … https://www.hackerinside.me/2019/12/xss-like-pro.html … https://link.medium.com/u8JQ7mdoe3 https://ysamm.com/?p=343
#bugbounty, #bugbountytips
sagar yadav Retweeted
Want Free
? Jump on the Citrix wagon!
Pick a program on https://github.com/arkadiyt/bounty-targets-data/blob/master/data/wildcards.txt …
git clone https://github.com/cisagov/check-cve-2019-19781 …
cd check-cve-2019-19781
pip3 install -r requirements.txt
cat hosts.txt | while read url ; do cve-2019-19781 $url ;done > loot.txt 2>&1
cat loot.txt | grep appear
sagar yadav Retweeted
Introducing velocity, Speed up network connections in Python with DNS caching that applies to everything from sockets to HTTP requests. Activates globally with a single import. Github: https://github.com/s0md3v/velocity Oh and I am now on Patreon https://www.patreon.com/s0md3v pic.twitter.com/vWMWEPUXgV
sagar yadav Retweeted
Automating BURP to find IDORs. https://medium.com/cyberverse/automating-burp-to-find-idors-2b3dbe9fa0b8 …
sagar yadav Retweeted
Update CVE-2019-19781 You can exploit the vulnerability without the file http://newbm.pl and only use the file http://rmbm.pl ! You can inject your payload inside the name of the XML file and fire the command execution !

#shitrix #citrix pic.twitter.com/g2P1GAJo1R
sagar yadav Retweeted
Information Disclosure at PayPal and Xoom (PayPal Acquisition) via Simple Google Dork - 1,000 USD https://medium.com/bugbountywriteup/information-disclosure-at-paypal-and-xoom-paypal-acquisition-via-simple-google-dork-1-000-usd-b726fe628a05 …
sagar yadav Retweeted
There is now a public, on Github, working exploit for Citrix vulnerability CVE-2019-19781. This is going to get very messy. https://twitter.com/GossiTheDog/status/1214892555306971138 …
sagar yadav Retweeted
So my guest blog post for
@detectify about my recon techniques is finally out. Check it out here- https://blog.detectify.com/2020/01/07/guest-blog-streaak-my-recon-techniques-from-2019/ …