Pinned tweet
CSP bypass for googleapis[.]com/customsearch/
#bugbountytips pic.twitter.com/dOi3IWfxxg
iamsushi retweeted
WooT! There is always a way. New #bugbounty #pentest short write up! Chain the bugs till you get what you want. #bugbountytip #bugbountytips #hacking Some steps were not mentioned. RT, Like and Comments are appreciated. For any pentest work DM me :)
pic.twitter.com/nlAv4pMPhx
iamsushi retweeted
Fun fact: That job screening company that scans Twitter accounts for bad words has developers that commit plaintext passwords on GitHub. ... Maybe they're scanning the wrong website.
iamsushi retweeted
@ngalongc, @EdOverflow, and I are starting a new security blog. In our first write-up, we will discuss the impact of "SameSite by default" and how it affects web app sec. Feel free to request future topics you would like us to cover. https://blog.reconless.com/samesite-by-default/ … pic.twitter.com/5R23YmpksT
iamsushi retweeted
ffuf 1.0 released! phew, this is a big one. Feature highlights in this thread. Huge thanks for all the contributors, and special thanks to @codingo_ for pulling off a feature bounty and @Ice3man543 for fulfilling it in a record time (and contributing said bounty to charity).
iamsushi retweeted
Tried to save an ID once, that didn't exist, with value 99999999999. MYSQL could only store highest integer value of 2147483647. It inserted the new model with the highest possible primary key. Locked table for further insertions. Brought down whole backend for new registrations.
iamsushi retweeted
Hacker tip: when you’re looking for IDORs in a model that references another model, try storing IDs that don’t exist yet. I’ve seen a number of times now that, because the model can’t be found, the system will save the ID. (1/2) #TogetherWeHitHarder
iamsushi retweeted
Unrestricted file upload https://link.medium.com/sILCWr8xB3 https://link.medium.com/V8SdaJ8xB3 https://noobe.io/articles/2019-09/exploiting-cookie-based-xss-by-finding-rce … https://link.medium.com/6qTQZwayB3 https://anotherhackerblog.com/exploiting-file-uploads-pt-2 … https://link.medium.com/1wFiIWayB3 https://link.medium.com/5rv5CbbyB3 https://mustafakemalcan.com/asus-rce-vulnerability-on-rma-asus-europe-eu … https://link.medium.com/jFGhtvbyB3 https://link.medium.com/fRfag0byB3
#bougbounty
iamsushi retweeted
Quick question: Is it "for fucks sake" or "for fuck sake" ? It's for a work email so has to sound professional.
iamsushi retweeted
Always threw me for ages before I realised that '[' is just a program (technically usually a built-in, but whatever) that requires its last argument to be ']'
iamsushi retweeted
Not really to scare off, but I once had a SQLi attempt automatically redirect to a cybersecurity engineer job offer at that company. Pretty clever!
iamsushi retweeted
What is the best way to scare off black hat hackers?

pic.twitter.com/xTL5fI3NBv
iamsushi retweeted
Time for a new #bugbounty tip! When I sign up to a website/newsletter/reset password, I look at the website which hosts the logo/image in the email I receive. This led me multiple times to insecure AWS S3 buckets and scope expansion. #bugbountytip #bugbountytips #infosec #hacking
iamsushi retweeted
CVE-2020-0674: Microsoft Internet Explorer 0day - Scripting Engine Memory Corruption Vulnerability being exploited in the wild https://www.reddit.com/r/netsec/comments/equ1s6/cve20200674_microsoft_internet_explorer_0day/ …
iamsushi retweeted
Popped calc in Chrome. This isn’t a 0day. I added a relative (oob) rw bug and an info leak to the latest version. I also disabled the sandbox to demonstrate arbitrary code execution. It’s a good playground for developing exploitation techniques.
@infosectcbr pic.twitter.com/YZ351QVEdU
iamsushi retweeted
Exploiting SQL Injection in Android's Download Provider (CVE-2019-2198) Blind SQL injection in Android's Download Provider will retrieve user cookies of downloaded file website (e.g. Gmail). Patched in November's 2019 Android Security Bulletin. PoC + info: https://github.com/IOActive/AOSP-DownloadProviderDbDumperSQLiWhere/ … pic.twitter.com/9GOTrPA858
iamsushi retweeted
To generate traffic, embed "CVE-2020-0601", "Exploit" and/or "PoC" keywords anywhere. Thank you
iamsushi retweeted
ZAP 2.9.0 is now available from https://www.zaproxy.org/download/ For full details see the release notes: https://www.zaproxy.org/docs/desktop/releases/2.9.0/ … Thank you to everyone who has contributed to this release.
iamsushi retweeted
@Hacker0x01 blocked me, because a program member closed my report as Low severity (Oauth token leak) and I say that this program member is a liar... I ask @Hacker0x01 to look again for this report, but no response was given. But for "liars" they react very fast. Ok, no problem. pic.twitter.com/jTDWV7BDTQ
iamsushi retweeted
#APT #Darkhotel #0day #WizardOpium Chrome RCE to windows Privilege Escalation. First Chrome 0-day exploit CVE-2019-13720 used in Operation WizardOpium https://securelist.com/chrome-0-day-exploit-cve-2019-13720-used-in-operation-wizardopium/94866/ … Then Windows 0-day exploit CVE-2019-1458 used in Operation WizardOpium (Windows 7) https://securelist.com/windows-0-day-exploit-cve-2019-1458-used-in-operation-wizardopium/95432/ … pic.twitter.com/VUwL14hPNf