-
Sam Curry (zlz) retweeted
Today’s Chrome release not only makes SameSite cookies default but also kills mutation XSS found by @SecurityMB and fixes another issue (worth $10k) about which more details will be released in a few months. Stay tuned! https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html?m=1 …
-
Sam Curry (zlz) retweeted
Hey bug hunters! Want a look at some of the top vulnerabilities ever found on @Dropbox? They just released the last blog post I wrote before leaving. Enjoy! #bugbountytips https://blogs.dropbox.com/tech/2020/02/dropbox-bug-bounty-program-has-paid-out-over-1000000/ …
-
Sam Curry (zlz) retweeted
I was tired of outdated XSS cheat sheets that don't touch on frameworks, html5, filter bypasses and other important stuff, so I made my own. I hope you find it as useful as I do. :) https://netsec.expert/2020/02/01/xss-in-2020.html … #bugbountytips pic.twitter.com/Mdygq1PI9Z
-
Sam Curry (zlz) retweeted
This month I learnt how to analyse the JavaScript of a React Native application while bounty hunting. I wanted to share what I found out with everyone else. https://blog.assetnote.io/bug-bounty/2020/02/01/expanding-attack-surface-react-native/ …
-
Is it still good advice to tell people who are breaking into security to maintain a blog? In what cases is this bad advice?
-
Sam Curry (zlz) retweeted
@ngalongc, @EdOverflow, and I are starting a new security blog. In our first write-up, we will discuss the impact of "SameSite by default" and how it affects web app sec. Feel free to request future topics you would like us to cover. https://blog.reconless.com/samesite-by-default/ … pic.twitter.com/5R23YmpksT
-
What if... what if I don't want to automate my bug hunting? What if I enjoy the process? How can I get by with all these tools being suggested to me...
-
Sam Curry (zlz) retweeted
SVG animate XSS vector by @garethheyes https://portswigger.net/research/svg-animate-xss-vector …
-
Sam Curry (zlz) retweeted
Twitter disclosed a bug submitted by zlz: https://hackerone.com/reports/712979 - Bounty: $560 #hackerone #bugbounty pic.twitter.com/Nf9qXKbftC
-
Sam Curry (zlz) retweeted
Introduction to Triaging Fuzzer-Generated Crashes by Josiah Pierce https://trustfoundry.net/introduction-to-triaging-fuzzer-generated-crashes/ …
-
When GET /dev/viewtablestest.php has a load time of 30 seconds and errors out with a max memory allocation message pic.twitter.com/nYELZBBxbZ
-
Sam Curry (zlz) retweeted
The web framework Django used to use this flawed CSRF defence, which once exposed http://addons.mozilla.org to attack. Check out this lab on our Web Security Academy to learn how: https://portswigger.net/web-security/csrf/lab-token-duplicated-in-cookie …
-
How many days a year do you think you spend more than 3 hours on a computer/laptop (doesn’t include cell phone)?
-
Sam Curry (zlz) retweeted
Voting is now open for the top 10 new web hacking techniques of 2019: https://portswigger.net/polls/top-10-web-hacking-techniques-2019 …
-
Sam Curry (zlz) retweeted
New blog post about my favorite challenges from this year's @KringleCon #holidayhack https://zonksec.com/blog/sans-holiday-hack-challenge-2019-objectives-8-9/ …. I had fun playing! (skip the read if you are coming to @DEFCON402 tonight, as this is my topic)
-
I have seen a few posts about gaining access to application portals via a user agent with the string “admin” (or similar) but never understood how those bugs got there in the first place? In what context were developers sending crafted user agents to access things?
-
Sam Curry (zlz) retweeted
This one is one of my favorite bugs I've ever found, because @daeken and I were running around NYC for @Hacker0x01's #h1212 until we finally got a working POC. We also presented this at @defcon 27 and will be a part of my @AppSecCali deck! Enjoy! https://youtu.be/t5fB6OZsR6c pic.twitter.com/tkRQnvExiL
-
It gives me a weird feeling seeing a burp request go through and calculator popping...
https://twitter.com/chybeta/status/1212730812325449728 …
-
Sam Curry (zlz) retweeted
To start the new year I'm releasing another write-up where I explain the process of detecting and exploiting a chained HTTP request smuggling vulnerability which led me to an account takeover. https://hipotermia.pw/bb/http-desync-account-takeover …