Pinned Tweet
I'm proud to share my first write-up, hope you enjoy it Think Outside the Scope: Advanced CORS Exploitation Techniques https://link.medium.com/UTKkk4wvGW
sandh0t retweeted
This month I learnt how to analyse the JavaScript of a React Native application while bounty hunting. I wanted to share what I found out with everyone else. https://blog.assetnote.io/bug-bounty/2020/02/01/expanding-attack-surface-react-native/ …
sandh0t retweeted
Ever had @Burp_Suite chewing up memory and CPU usage? A possible reason could be the DOM XSS scanner! This is how you can disable it! Go to Dashboard > Live audit from Proxy > Settings > Scan Config > Edit > Issues Reported > Disable JavaScript Analysis Sweet and simple!
sandh0t retweeted
Quick and dirty way to find parameters vulnerable to LFI & Path Traversal & SSRF & Open Redirect: Burp Search > Regex \?.*=(\/\/?\w+|\w+\/|\w+(%3A|:)(\/|%2F)|%2F|[\.\w]+\.\w{2,4}[^\w]) Suggestions are welcome. pic.twitter.com/E0nEDFeUaM
How I find Blind XSS Vulnerability in http://redacted.com by newp_th https://link.medium.com/EPOh33Vs01
The Top 8 Burp Suite Extensions That I Use to Hack Web Sites https://trustfoundry.net/the-top-8-burp-suite-extensions-that-i-use-to-hack-web-sites/ …
Yay, I was awarded a $7,200 bounty on @Hacker0x01! https://hackerone.com/sandh0t #TogetherWeHitHarder
My dream come true
Finding an #XSS on #Google main domain #BugBounty @GoogleVRPA pic.twitter.com/Xw7RjYe9dT
Chaining Cache Poisoning To Stored XSS by @nahoragg https://link.medium.com/C1whJcuQGY
sandh0t retweeted
I used this trick with @bbuerhaus not too long ago where we saw a reference to a Jira subdomain in the data we collected from a certificate. We were able to see the Jira instance and exploit an SSRF to get access to the company's internal network. pic.twitter.com/CgIyK12ENC
sandh0t retweeted
New blog post: Analysis of an Atlassian Crowd RCE - CVE-2019-11580 https://www.corben.io/atlassian-crowd-rce/ …
Slurp - Amazon AWS S3 Bucket Enumerator https://www.darknet.org.uk/2019/07/slurp-amazon-aws-s3-bucket-enumerator/ …
Successfully passed the #OSCE exam, Thanks @offsectraining for this awesome experience #offsec. Next step is #OSWE pic.twitter.com/MaAZz2xfH8
sandh0t retweeted
Cool way to pull down tools on an internal engagement when you lack wget, curl, etc on a Linux system using Bash net redirections. Pretty slick. #infosec https://www.anmolsarma.in/post/bash-net-redirections/ … pic.twitter.com/vWQR3NGI4Z
sandh0t retweeted
cat urls.txt | while read url; do gobuster -u https://"$url" -q -e -k -w content_discovery_all.txt; done > sub_url.txt; cat sub_url.txt | cut -d ' ' -f 1 > /opt/parameth/params.txt; cd /opt/parameth; cat params.txt | while read url; do python parameth.py -u "$url"; done pic.twitter.com/PIb0gdEk9S
sandh0t retweeted
Introducing Shodan Monitor: a new website to help you setup network alerts and keep track of what's connected to the Internet - and it's available at no additional cost to members: https://monitor.shodan.io pic.twitter.com/0XvU60Akh1
sandh0t retweeted
RCE on Steam Client via buffer overflow in Server Info by @0xACB and vinnievan. Full report here: https://hackerone.com/reports/470520 ($18,000 bounty) pic.twitter.com/b0Zpbw6yfL
#rescope awesome tool! Just copy a bug bounty program's scope from their page, paste it to a .txt file, and convert it to Burp scope using one command. https://github.com/root4loot/rescope …
sandh0t retweeted
Turns out the first bug bounty payment was made in 1836, when a sewerman discovered a hidden entrance to the Bank of England - “For his honesty, the Bank rewarded him with a gift of £800” https://www.bankofengland.co.uk/knowledgebank/how-much-gold-is-kept-in-the-bank-of-england?utm_source=twitter&utm_medium=social&utm_campaign=knowledgebank&utm_content=gold …