n3dir
@n3dir_
always a beginner to a new thing.
Part 2: SSH Tunnels Deep Dive - Remote Port Forwarding [with labs] In the previous part, we walked through local port forwarding and saw how an SSH tunnel can give your machine a private path into a service running on the remote side. In this part, we’ll flip the direction.…
spent days on a target. no bugs found. But I walked away understanding: ✔️ How do enterprise APIs communicate ✔️ How large systems structure auth & access ✔️ How real world architectures designed still no bounty. this is the learning curve. #bugbounty
Day-5 <<< Day-6 ✔️ did reading on some writeups. ✔️ checked portswigger labs. No hunting for two days. #cybersecurity #hacking #bugbounty
New breach: Russian streaming service KinoKong had over 800k records breached in March 2021. Data included email, name, username, IP address and MD5 password hash. 64% were already in @haveibeenpwned. Read more: haveibeenpwned.com/Breach/KinoKong
Day-3 <- DAY-4 ✔️ checked self hosted BBP ✔️ reading write-ups ->->-> not giving up!!! #cybersecurity #hacking #bugbounty
did a deep dive on the target's auth flow. ✔️ Tested forget password flow No major findings. It was fun, though. #cybersecurity #hacking #bugbounty
🔥 content | clear methodology on xss. #cybersecurity #hacking #bugbounty youtu.be/-sLYakVUIuk?si…
Bug Bounty Hunting For Client-Side Injections Part II - Reflected &...
📆 Day-1 : 0 submission for yesterday. ✔️ will continue hunting today 🏹 ⏳️Day-2 #cybersecurity #hacking #bugbounty
back to the main program I’m hunting on....locking in for at least one month of full focus. no jumping targets. no distractions. #cybersecurity #hacking #bugbounty
A duplicate bug bounty report is for an issue already known or identified. But deciding if a finding is truly a duplicate requires nuance! Getting it wrong can unfairly impact researchers. Here are 3 core principles and common scenarios to guide your evaluation. 👇
AI introduces new risks and not all testing methods solve the same problems. Our new blog breaks down when to use AI testing, pentesting, or AI red teaming, and why the strongest programs use all three: ✔️ AI testing → Understand LLM behavior, misuse, safety ✔️ Pentesting →…
Ubuntu 26.04 LTS is coming this April. Get a preview of what’s on the way. 🦝 discourse.ubuntu.com/t/ubuntu-26-04…
Telling my kids "BC" stands for "Before ChatGPT"