Roman Shafigullin retweeted
@ngalongc, @EdOverflow, and I are starting a new security blog. In our first write-up, we will discuss the impact of "SameSite by default" and how it affects web app sec. Feel free to request future topics you would like us to cover. https://blog.reconless.com/samesite-by-default/ … pic.twitter.com/5R23YmpksT
-
Roman Shafigullin retweeted
SVG animate XSS vector by @garethheyes https://portswigger.net/research/svg-animate-xss-vector …
-
Roman Shafigullin retweeted
Microsoft's open-sourced Playwright, a new Node library for automating Chromium, Firefox, and WebKit browsers. Essentially, it's the next generation of Puppeteer, built by the same people. This project looks super promising, I'd love to see it succeed! https://github.com/microsoft/playwright …
-
Roman Shafigullin retweeted
Cross-Site Websocket Hijacking bug in Facebook that leads to account takeover https://ysamm.com/?p=363
-
Roman Shafigullin retweeted
Interesting proposal for Unicode: QID Emoji Tag Sequences define what characters mean via Wikidata QID numbers. https://www.unicode.org/review/pri408/pri408-tr51-QID.html …
-
Roman Shafigullin retweeted
Regular expressions in JavaScript: The rules for /g and /y are surprisingly complicated. I discovered several gotchas while researching my latest blog post. Summary of my findings: https://2ality.com/2020/01/regexp-lastindex.html#summary%3A-.global-(%2Fg)-and-.sticky-(%2Fy) …
-
Roman Shafigullin retweeted
I never thought of adding the X-HTTP-Method-Override: PUT header to achieve RCE. I'm surprised this isn't built into burp's scanner. https://www.sec-down.com/wordpress/?p=809 …
-
Roman Shafigullin retweeted
My "simple" XSS challenge is over! Once again congratz to @shafigullin @SecurityMB @BenHayak @element14_23 and @insertScript for solving it! But also to everyone else that tried their best. Have you found all 11 vulnerabilities?
https://medium.com/@terjanq/clobbering-the-clobbered-vol-2-fb199ad7ec41 …
-
Roman Shafigullin retweeted
Writeup on how I made $40,000 breaking the new Chromium Edge using essentially two XSS flaws. https://leucosite.com/Edge-Chromium-EoP-RCE/ …
-
Roman Shafigullin retweeted
Feature watch: ECMAScript 2020 https://2ality.com/2019/12/ecmascript-2020.html …
-
Roman Shafigullin retweeted
New writeup, one of my favorite bugs - Filling in the Blanks: Exploiting Null Byte Buffer Overflow for a $40,000 Bounty
https://samcurry.net/filling-in-the-blanks-exploiting-null-byte-buffer-overflow-for-a-40000-bounty/ …
Featuring... @d0nutptr @0xacb @Regala_ @JLLiS @Yassineaboukir @plmaltais pic.twitter.com/RomLgdCcSC
-
Roman Shafigullin retweeted
Using joypad.js for a better gaming experience on the web: https://arunmichaeldsouza.com/blog/using-joypad.js-for-a-better-gaming-experience-on-the-web …
-
Roman Shafigullin retweeted
Hi, If you want to know how SSRF Vulnerability existed in Vimeo, you should read: https://medium.com/@dPhoeniixx/vimeo-upload-function-ssrf-7466d8630437 … Reported through @Hacker0x01 ;)
-
Roman Shafigullin retweeted
Come and work with us!! https://twitter.com/albinowax/status/1205176205164589058 …
-
Roman Shafigullin retweeted
Bootstrap XSS Collection https://gist.github.com/BlackFan/e968b5209637952cca1580dc8ffdfde6 …
-
Roman Shafigullin retweeted
Ever wondered how to break on Array.prototype.sort, but only if every element in the array is a hiragana character? pic.twitter.com/kTcVQe7GAy
-
Roman Shafigullin retweeted
XSS is cool and all, but this is next level. You should all watch this to face the bugs that will plague us for the next few years at least. https://twitter.com/shhnjk/status/1196879724695285760 …
-
Roman Shafigullin retweeted
We just released the challenges of this year's #GoogleCTF finals together with a short write up of the intended solutions: https://github.com/google/google-ctf/blob/master/2019/finals/solutions.pdf … If anything is not clear, feel free to DM me and I can share more details about the challenges.
-
Roman Shafigullin retweeted
Want to challenge your vulnerability hunting skills? Try our latest Capture The Flag and discover XSS-unsafe jQuery plugins: https://securitylab.github.com/ctf/jquery
-
Roman Shafigullin retweeted
Here’s probably my favorite XSS of this year :) This is why we love legacy browser features like DOM Clobbering ;) https://twitter.com/securitum_com/status/1196340839418650625 …
/ "The world of Site Isolation and compromised renderer"
Slide: