💛❤️💚💙 > This is oil chart and grey bar background is recessions > Notice how after every Oil spike there's a recession that follows.. > we’re about to get flogged .. jobs will be lost unfortunately
In honor of current macro economic conditions I feel it would be criminal not to rewatch The Big Short🍿📽️
I was expecting that people would eventually start to switch from Burp to something else since 2020. And here we are.
I think that I'm becoming a @zaproxy main now. Burp feels like it's over-engineered itself (for me, personal opinion) especially in spidering and scanning. Obviously, there are some extensions that I'll have to still use but other than those, I just like Zap better these days.
I hope that even my worst critics remain on Twitter, because that is what free speech means
I set myself the challenge of auto executing JavaScript without a click with the animate tag. You can now do this on Firefox and Chrome using the use element. portswigger.net/web-security/c…
I have been able to capture #Flubots deployment code⚠️ 🔍This code is used on websites when a victim attempts to download the malicious APK Here is what I found ⤵️ 1/n
CVE-2021-35587 Oracle Access Manager Pre-Auth RCE Analysis. testbnull.medium.com/oracle-access-…
I hate `shutdown` when we had the long-time command `halt`
I hate `systemctl poweroff` when we had the long-time command `shutdown` otherwise. It seemed like they changed the nomenclature intentionally just to be different.
Take a deep dive into JSON Web Token implementation security with @intrigus_ and learn how they found a whole bunch of CVEs with their latest bounty award winning ($4,500USD) #CodeQL query. This query is now included in the standard query set as well! github.co/3fPhQDw
Just discovered a weird but 100% working #WAF #Bypass - When RFI/LFI are blocked. Doesn't work: `path=../../../etc/passwd` `file=config.xml` Works: `path=%00../../../etc/passwd` `file=%00config.xml` This works successfully. Quite a new direction for WAF bypassing. #bugbounty #Infosec
CVE-2021-3002 Seo Panel 4.8.0 allows reflected XSS via the seo/seopanel/login.php?sec=forgot email parameter. cve.mitre.org/cgi-bin/cvenam…
As Microsoft have no intentions of ever paying me for all my submitted vulnerabilities I am forced to do this. Countdown starts today - then I will post them all public. Ms is just trying to get time to patch them then never pay me. I have for over 100.000$ in submissions.
Today is the day where @vodafoneNL will shut down their 3G network in favour of 2G and 4G. It's the first provider to do this in the Netherlands, so I'm interested to see the effect of it.
Thanks Safari :D XSS via hash is back!!
The legendary Masato Kinugawa almost solved an impossible lab but it requires X-XSS-Protection to be switched off and using Safari. Interestingly Safari doesn't URL encode the hash!
A hacker-to-hacker interview discussing logical flaws, bug bounties in different markets and where automation fits in. blog.detectify.com/2019/05/03/mee…
blog.detectify.com
Meet the Hacker: Inti De Ceukelaire - Blog Detectify
Inti de Ceukelaire discusses his start to bug bounties, his strength in logical flaws and the future of bug bounty.