what000if retweeted
SQL Injection Payload List by #ismailtasdelen https://link.medium.com/lxgpVQNUK3
Password Cracking Is Easy: Here’s How to Do It by @KennyMuLi in @TDataScience https://towardsdatascience.com/password-cracking-is-easy-heres-how-to-do-it-875806a1e42a …
API Security Testing (Part 1) by Saumya Prakash Rana https://link.medium.com/tFlFCFfVK3
what000if retweeted
When testing for SSRF, change the HTTP version from 1.1 to HTTP/0.9 and remove the host header completely. This has worked to bypass several SSRF fixes in the past.
#bugbountytip #bugbountytip #bugbounty
what000if retweeted
Airbnb #bugbounty
https://link.medium.com/eC4n4GTUN3
https://xpoc.pro/oauth-authentication-bypass-on-airbnb-acquisition-using-weird-1-char-open-redirect …
https://www.arneswinnen.net/2017/06/authentication-bypass-on-airbnb-via-oauth-tokens-theft …
https://buer.haus/2017/03/31/airbnb-web-to-app-phone-notification-idor-to-view-everyones-airbnb-messages/ …
https://buer.haus/2017/03/13/airbnb-ruby-on-rails-string-interpolation-led-to-remote-code-execution/ …
https://buer.haus/2017/03/09/airbnb-chaining-third-party-open-redirect-into-server-side-request-forgery-ssrf-via-liveperson-chat …
https://buer.haus/2017/03/08/airbnb-when-bypassing-json-encoding-xss-filter-waf-csp-and-auditor-turns-into-eight-vulnerabilities …
#bugbountytips
what000if retweeted
WooT! There is always a way. New #bugbounty #pentest short write up! Chain the bugs till you get what you want. #bugbountytip #bugbountytips #hacking Some steps were not mentioned. RT, Like and Comments are appreciated. For any pentest work DM me :)
pic.twitter.com/nlAv4pMPhx
what000if retweeted
#CVE-2020-7799 FusionAuth RCE via Apache Freemarker Template pic.twitter.com/QGc3cuCiZ7
what000if retweeted
I added a script to generate the PDF & archive for my #OSCP Exam Report Template in Markdown, as I saw a lot of people were creating their own scripts. https://github.com/noraj/OSCP-Exam-Report-Template-Markdown …
what000if retweeted
»_ everything is not as it seems.
«input»; p=-alert(1)}//\
$result* var n = {a: "-alert(1)}//\", b: "-alert(1)}//\"};
«input»; p=\&q=-alert(1)//
$result* var n = {a: "\", b: "-alert(1)}//"};
#BugBounty #BugBountyTip #WAF #infosec
what000if retweeted
I published another blog today. This is a story about an interesting SQL Injection I found. “A Not-So-Blind RCE with SQL Injection” by Prashant Kumar https://link.medium.com/sC7JJUxgG3
what000if retweeted
Steps
0) Login in with Twitter
1) Host Header Injection [to a.cxx]
2) Generate OAuth Token's Link
3) Send link to Victim, after victim authorize
4) Verifier send to a.cxx
5) Reuse use token
Account Takeover by @ngalongc #bugbountytips #bugbountytip https://hackerone.com/reports/317476
what000if retweeted
@ngalongc, @EdOverflow, and I are starting a new security blog. In our first write-up, we will discuss the impact of "SameSite by default" and how it affects web app sec. Feel free to request future topics you would like us to cover. https://blog.reconless.com/samesite-by-default/ … pic.twitter.com/5R23YmpksT
what000if retweeted
SNMP Config File Injection to Shell
#infosec #pentest #redteam https://digi.ninja/blog/snmp_to_shell.php …
what000if retweeted
Wow! "Resources for Beginner Bug Bounty Hunters" has over 1000 stars on GitHub now and we just pushed a new update! Check it out: https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters/ …
what000if retweeted
I've been beta testing this update for a while, it's a good one :) https://twitter.com/Burp_Suite/status/1223285422337462278 …
what000if retweeted
Some #bugbounty hunters made over €50.000 in bug bounties with this simple trick.
Thanks for the #BugBountyTip, @rez0__! pic.twitter.com/z9sPFJTNqV
what000if retweeted
Linux Reverse Engineering CTFs for Beginners https://medium.com/bugbountywriteup/linux-reverse-engineering-ctfs-for-beginners-4cf03ff2cfb4?source=rss----7b722bfd1b8d---4 …
what000if retweeted
Password reset flaw
https://link.medium.com/OVvYaKLng3
https://link.medium.com/HZpTPtR2F3
https://link.medium.com/bpYhuYR2F3
https://link.medium.com/5PnwoRS2F3
https://link.medium.com/A67jqlT2F3
https://thezerohack.com/hack-instagram-again …
https://ninadmathpati.com/how-i-was-able-to-earn-1000-with-just-10-minutes-of-bug-bounty …
https://link.medium.com/MgdJoyY2F3
https://link.medium.com/iRVWjs02F3
https://link.medium.com/roeUih12F3
#bugbounty
what000if retweeted
Directory Listings --> JS files --> Hidden Endpoints --> Endpoints contains hidden parameters --> Playing with, got Server Errors --> Found Apache Solr version 6.0.0 --> Found Vulnerable --> Public POC --> Got RCE :)
#bugbounty
what000if retweeted
Learn how an authenticated RCE vulnerability in #WordPress < 5.2.4 allows attackers to bypass hardening mechanisms. Read more -> http://bit.ly/3aspShs #vulnerability #php #cms pic.twitter.com/UmbAHzH9MB
what000if retweeted
I once got 90% of a critical vulnerability in Mozilla Persona's password reset. 8 years later, it still hurts that I didn't complete it. Has anyone ever successfully exploited SMTP injection via the Reply-To+Eicar technique or similar non-CC methods? https://bugzilla.mozilla.org/show_bug.cgi?id=741814 …
what000if retweeted
Hacker tip: when you’re looking for IDORs in a model that references another model, try storing IDs that don’t exist yet. I’ve seen a number of times now that, because the model can’t be found, the system will save the ID. (1/2)
#TogetherWeHitHarder