Chirag Rai
@crai_in
Cyber Security and stuff||Pentester by profession||IamNull on Bugcrowd and HackerOne
Bypassing Firefox's HTML Sanitizer API by @garethheyes portswigger.net/research/bypas…
3 months later I confirm that this bypass still works ! 🤟#bugbountytips
Hola Hola 👋👋, Here is new Monday Flyer, and it talks about Compromises that can happen in CI/CD pipelines. Download : securityzines.com/flyers/cicd.ht… Proudly brought to you by @GitGuardian 😍❣️♥️❤️💗 #infosec #appsec #cybersecurity #bugbountytips #security
Team Pangu's demonstration of iOS 15 remote web-based jailbreak on iPhone 13 Pro. #iOS15 #jailbreak
OWASP Top 10 (2021): 1. Insufficient security funding 2. Using “god” as password 3. Too busy tweeting 4. <redacted> 5. Mispronouncing “gif” 6. 1264 tickets in Jira backlog 7. Too many meetings 8. Hiring w/ whiteboard coding exercises 9. Helicopters 10. Workday deleting goals
Steps to Reproduce Dependency Confusion 🔥 Detailed dhiyaneshgeek.github.io/web/security/2… @pdnuclei #bugbountytip #bugbountywriteup #bugbounty
My blog on CSRF attacks: CSRF Today: Techniques, Mitigations and Bypasses: medium.com/@chiragrai3666… Special thanks to @sec_r0 for his CSRF zine.
Nice finding by @0xInfection: <scrpt>confrm()</scrpt> will bypass WAF and execute on web apps running PHP pspell_suggest().
I have created a Mind map for #CloudPentest Focused on #AWS, #GCP & #Azure I will keep updating the repo as I keep learning🤓 GitHub: github.com/TROUBLE-1/Clou…
I completed the Web Security Academy lab: Stealing OAuth access tokens via an open redirect @WebSecAcademy portswigger.net/web-security/o… I definitely recommend their labs to everyone. Keep up the good work @PortSwigger @WebSecAcademy @PortSwiggerRes
Check out my basic reference checklist for iOS Pentesting / Bug Bounty Methodology... 🤓🤓🤓 mm.tt/1713501700?t=R… @india_shield @softwaroid #bugbountytips #infosec #iOSsecurity
🎁 Merry X(SS)MAS! Hackers!🎄 Beginning today we are doing 12 swag-ful days of giveaways and challenges. Today's challenge is simple: spread the cheer of #XSSMAS with a retweet of this tweet to be one of 12 researchers to get today's exclusive swag! ☃️
Advent of Cyber is back! 🎅 Learn the basics of security by doing a beginner friendly security exercise everyday leading up to Christmas for free, starting Dec tryhackme.com/christmas We're excited to have @offsectraining sponsoring the event with PWK & Proving Ground Vouchers!
Roses are red Violets are blue If you don't want to learn stuff on your own hacking isn't for you #bugbountypoems
never let your printer know you need to print something until it's imminent, or it'll stop working. they can smell fear.
Cloudflare #WAF Bypass Just use {alert`1`} instead of alert(1). Any #XSS vector will work (except <script>). Yeah, it's just that easy.
[CORS Exploitation Resources] Presentation: youtube.com/watch?v=wgkj4Z… Paper: bedefended.com/papers/cors-se… Write-ups: hackerone.com/reports/426165 hackerone.com/reports/426147 corben.io/tricky-CORS/ medium.com/@saamux/full-a…