yappare

@yappare

Skiddies. I retweet and like others tweet for own read.

Vrijeme pridruživanja: studeni 2010.

Tweetovi

Blokirali ste korisnika/cu @yappare

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @yappare

  1. Prikvačeni tweet
    16. stu 2018.

    *browsing the internet and found a random website with /xx.php?id=1* my brain: don’t do it don’t do it don’t do it don’t do it don’t do it don’t do it don’t do it don’t do it don’t do it don’t do it don’t do it don’t do it me: put a single quote (')

    Poništi
  2. proslijedio/la je Tweet
    prije 7 sati

    Today I presented a rough idea of a (brand-new?) data exfiltration technique with regular expression injection and timing attack at OWASP Night (Japan). Enjoy!

    Poništi
  3. proslijedio/la je Tweet
    3. velj

    TeamViewer stored user passwords encrypted, not hashed, and the key is now public

    Poništi
  4. proslijedio/la je Tweet
    1. velj

    RE just retired from . As the creator of the box, I tried to bring phishing/macro obfuscation concepts to the initial access. The intended privescs were the WinRar ACE file exploit, and XXE in Ghidra. I'll show two unintended privescs too.

    Poništi
  5. proslijedio/la je Tweet
    27. sij

    I had to get a background check for my job, and it turns out the report is a 300+ page pdf of every single tweet I’ve ever liked with the work “fuck” in it. Enjoy your dystopian bs! *waves*

    Prikaži ovu nit
    Poništi
  6. proslijedio/la je Tweet
    1. velj

    The team is working through submissions for the first round of 2020 hiring for junior and senior roles. Be quick to get in there if you’re new to the industry or just looking for a change from the norm.

    Poništi
  7. proslijedio/la je Tweet
    31. sij

    Want to see how the red team weaponizes threat intel for R&D and TTP development? Check out some research I did with and . Also includes some new executables that can be used for DLL abuse.

    Poništi
  8. proslijedio/la je Tweet
    30. sij

    Ever wanted to take a peek at the mimikatz sekurlsa::msv internals? New blog post is all about it plus, it also showcases PyKDumper, a tool that dumps LSASS credentials through WinDBG/PyKD.

    Poništi
  9. proslijedio/la je Tweet
    31. sij
    Poništi
  10. proslijedio/la je Tweet
    31. sij

    , , and I are starting a new security blog. In our first write-up, we will discuss the impact of "SameSite by default" and how it affects web app sec. Feel free to request future topics you would like us to cover.

    Poništi
  11. proslijedio/la je Tweet
    31. sij

    BREAKING: Singapore to ban people who visited China recently from entering the country

    Poništi
  12. proslijedio/la je Tweet
    31. sij

    📝It’s about time to start unveiling writeups about tasks from the qualifying stage. The first one is dedicated to the “In the Shadows” task, and we are happy to share it with you right now:

    Poništi
  13. proslijedio/la je Tweet
    27. sij

    As a part of my internship last year, I got a chance to perform Memory forensics on the Cridex Banking Trojan Sample. The tool of choice was obviously You can find the report in the link below. Let me know what you think 🙂

    Poništi
  14. proslijedio/la je Tweet
    30. sij

    Just published a follow-up to my Adobe Reader symbols story on the Project Zero blog. Turns out there's even more debug metadata to be found in some old (and new) builds, including private CoolType symbols. Enjoy!

    Poništi
  15. proslijedio/la je Tweet
    30. sij
    Prikaži ovu nit
    Poništi
  16. proslijedio/la je Tweet
    28. sij

    [Educational] One of the best blog posts that I ever read about going from 0 to unauth RCE in f**king Mikrotik OS step by step:

    Prikaži ovu nit
    Poništi
  17. proslijedio/la je Tweet
    27. sij

    If there is no rate limit on PIN functionality of Android APK ,but the app is protected by every mechanism, then try to brute Force using adb . for i in {0000..9999}; do adb shell input text ; done #600$

    Poništi
  18. proslijedio/la je Tweet
    28. sij

    I wrote a guide to securing applications and passing the security review for the blog:

    Poništi
  19. proslijedio/la je Tweet
    28. sij

    This is a summary for what i discussed with in our latest stream about my recon process, that will be easier for you as you might mess some when you watch the video later on. Thanks Ben, what you do for community is dope

    Poništi
  20. proslijedio/la je Tweet
    28. sij

    I always had a hard time finding writeups beacuse they were all over the place in different blog posts, so I made this. If you know of something that is not in there, you are more than welcome to contribute! 🎉

    Poništi
  21. proslijedio/la je Tweet
    28. sij

    So glad to finally be able to release Collaborator++! It adds the ability to view interactions from all contexts, manually poll for interactions on old contexts, and secure your private servers with a pre-shared key!

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·