BiLLi

@thejini3

Vrijeme pridruživanja: listopad 2019.

Tweetovi

Blokirali ste korisnika/cu @thejini3

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @thejini3

  1. proslijedio/la je Tweet
    2. velj
    Poništi
  2. proslijedio/la je Tweet
    1. velj

    I was tired of outdated XSS cheat sheets that don't touch on frameworks, html5, filter bypasses and other important stuff, so I made my own. I hope you find it as useful as I do. :)

    Poništi
  3. proslijedio/la je Tweet
    2. velj

    WooT! There is always a way. New short write up! Chain the bugs till you get what you want. Some steps were not mentionned. RT, Like and Comments are appreciated. For any pentest work DM me:) 🎉🎉

    Prikaži ovu nit
    Poništi
  4. Poništi
  5. proslijedio/la je Tweet
    1. velj

    Inject XSSHunter's payload in PortSwigger's hackability and send it to your target server to check for server side js execution. It will help you get screenshots in case if there is a blind SSRF :)

    Prikaži ovu nit
    Poništi
  6. proslijedio/la je Tweet
    1. velj

    NEW BLOG POST ON RECON ON SHODAN PUBLISHED BY ME DO TAKE A READ AND SHARE 🙏

    Poništi
  7. proslijedio/la je Tweet
    31. sij
    Odgovor korisnicima

    project updated using your API. Everything is legit and respect your ToS now.

    Poništi
  8. Poništi
  9. proslijedio/la je Tweet
    31. sij

    So I just found out about the Application for a Pardon I can send to .. I am going to try and request a pardon to have all of my rights restored from my previous hacking convictions. I am going to need character witnesses for this process... 1/x

    Prikaži ovu nit
    Poništi
  10. Poništi
  11. proslijedio/la je Tweet
    30. sij

    PlaystoreDownloader : A command line tool to download Android applications directly from the Google Play Store : (not affiliated with Google in any way)

    Poništi
  12. proslijedio/la je Tweet
    30. sij

    I published another blog today. This is a story about an interesting SQL Injection I found. “A Not-So-Blind RCE with SQL Injection” by Prashant Kumar

    Poništi
  13. Poništi
  14. proslijedio/la je Tweet
    29. sij
    Odgovor korisnicima

    I still dont automate anything 🤷‍♂️

    Poništi
  15. proslijedio/la je Tweet
    29. sij
    Odgovor korisnicima

    No need my friend. did a great job at it already. Check out his entire playlist:

    Poništi
  16. proslijedio/la je Tweet
    29. sij

    One more: Find a subdomain such as <grafana>.corp.company.com which points to a external IP example however only accessible inside VPN and such SSRF could be leveraged in that way. You can often find such hosts over SSL. Have exploited such in pasts. Might even be a

    Prikaži ovu nit
    Poništi
  17. proslijedio/la je Tweet
    28. sij

    [Educational] One of the best blog posts that I ever read about going from 0 to unauth RCE in f**king Mikrotik OS step by step:

    Prikaži ovu nit
    Poništi
  18. proslijedio/la je Tweet
    29. sij

    SQL Injection WAF bypass techniques 1.Nullbyte: %00' UNION SELECT password FROM Users WHERE username-'tom'-- 2. SQL Comments: '/**/UN/**/ION/**/SEL/**/ECT/**/password/**/FR/OM/**/Users/**/WHE/**/RE/**/usersame/**/LIKE/**/'tom'--

    Prikaži ovu nit
    Poništi
  19. Poništi
  20. proslijedio/la je Tweet
    27. sij

    What tools do bug hunters use for finding Github (git) secrets?

    Prikaži ovu nit
    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·