Joshua Ruppe
@josh_ruppe
I Test Pens @ Nordstrom, Founder of @hackers_against, Security Researcher & Speaker, Eater of Delicious Burgers, Running Man, #DC470, #DC404
some ways to bypass 403 1- using space symbols example: /admin -> 403 /admin%09 -> 200 /admin%20 -> 200 2- use traversal Example: /admin -> 403 /..;/admin -> 200 you can fuzz with traversal sometimes that ends with results Example: /..;/FUZZ #bugbountytips #BugBounty
You can use ChatGPT for offensive security !!! Learn in this thread. #infosec #bugbountytips
30 cybersecurity search engines for researchers: 1. Dehashed—View leaked credentials. 2. SecurityTrails—Extensive DNS data. 3. DorkSearch—Really fast Google dorking. 4. ExploitDB—Archive of various exploits. 5. ZoomEye—Gather information about targets.
3 websites you should definitely bookmark if you're a pentester 🧵👇🏾👇🏾
Tips to find your Public IP from command line.
What's missing? KERBEROS ABUSE •ASREP Roast •ASREQ (kerbrute – enum users) •ASREQ Roast •Kerberoast •Golden Ticket •Silver Ticket •Diamond Ticket •Sapphire Ticket •Bronze Ticket •Unconstrained Delegation •Constrained Delegation 1/2
Enjoy the complimentary anxiety.
Welcome to cybersecurity. The more you learn, the less you know.
RIP to the legend. A terrible loss ;(
You are never, ever too “junior” to talk to anyone in Infosec. There’s no bar you must pass, talk you must give, code you must write before you’re qualified to nerd out with someone. Anyone. Really. Trust me, the “famous” nerds miss the heck out of you.
I feel like I remember reading about this in a 2600 magazine back in the day. Nonetheless, what a ride these two paragraphs are.
learning about the "Quadro Tracker", a bomb/drug/person-locating device a bunch of cops & school districts bought in the 90s that turned out to just be a box of dead ants
Today is the first official day of Hackers Against Hate being in operation. While there is some more work being done behind the scenes, the public facing portion has been completed. It has been a long road to get to this point, but it has been well worth it. 1/2
Oh hey, it's me.
clever employers are starting to figure out the strengths of working *with* this
Need to quickly generate a reverse shell? Need it in emoji PHP? Node? Ruby? revshells.com is a pretty cool tool that was pointed out to me earlier this week. You can pre-populate source and listener IPs/Ports, the shell you want to use, etc. 👍🏼