Ali Zain Zahid
@programmer__boy
Bug Bounty Hunter, OSCP, OSEP, eCPPTv2 Certified, Software Engineer, Penetration Tester
By the grace of Allah Almighty I got #OSEP certified. Thank you @offsectraining for providing such an Intense Training. Learnt a lot and will definitely recommend this Certification
🛡️ 𝐀 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐄𝐧𝐠𝐢𝐧𝐞𝐞𝐫'𝐬 𝐆𝐮𝐢𝐝𝐞 𝐭𝐨 𝐌𝐂𝐏 If you need to learn how to test & secure MCPs in your org in a hurry... Get up to speed in 10min + a free MCP security cheatsheet of exactly what to look for.
☄️Photon - Fast web crawler for osint and recon 🚀github.com/s0md3v/Photon
𝗖𝗶𝗽𝗵𝗲𝘆 🕵🏽♂️ ⚡ Automatically decrypts ciphers without knowing the key or the algorithm, decodes encodings and cracks hashes. Ideal for #CTFs ⚡ 🔗 github.com/bee-san/Ciphey
Stop using basic XSS payloads. @RenwaX23 compiled the nastiest collection of parentheses-free XSS eval.apply${[alert\\x2823\\x29]} `Reflect.apply.call`${alert}${undefined}${}`[11] `throw onerror=eval,SyntaxError`alert\\x2823\\x29 Check it out: github.com/RenwaX23/XSS-P…
Automates SQL injection testing using SQLMap with AI-powered decision making.⚙️ - github.com/0xSojalSec/sql… #infosec #cybersec #bugbountytips
HexStrike AI: The World's Most Advanced AI-Powered Penetration Testing Framework with Autonomous Agents, Intelligent Decision Engine, and 150+ Security Tools. GitHub: github.com/0x4m4/hexstrik…
scan4all: Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty GitHub: github.com/GhostTroops/sc…
GitHub - pr0v3rbs/CVE-2025-32463_chwoot: sudo Local Privilege Escalation CVE-2025-32463 - github.com/pr0v3rbs/CVE-2…
Here are the slides from my @TumpiConIT talk: Teaching LLMs how to XSS - An introduction to fine-tuning and reinforcement learning (using your own GPU) docs.google.com/presentation/d…
You keep asking about realistic usage of Burp Suite, and I like it. Let's dig through old, but still relevant, blog posts... ⤵️
Congrats! PoC usually: 1️⃣ Find target email, create email with punycode version 2️⃣ Reset password with unicoded version 3️⃣ Find reset password link in attacker's created email address
Account takeover due to unicode normalization issue. - Victim account: [email protected] - Attacker account: ynoⓞ[email protected] Due to no validation send to the email and some unicode issues, this leads to account takeover. Thanks @HusseiN98D for the idea. #bugbountytips
If you never used the Piper extension, I recommend to watch the 4-minute demo I gave last year during my talk at @NorthSec_io 🛠️ youtube.com/watch?v=N7BN--…
NSEC2023 - Burp Suite Pro tips and tricks, the sequel
Basically allows you to execute **any** tool/command on **any** part of an HTTP request/response. It can pipe tools together as well as automatically execute pipelines. You can even launch GUI tools such as meld for easy diffing. @Agarri_FR mentioned it a while ago and it's awesome
AdaptixC2 v0.5 is out github.com/Adaptix-Framew… * Windows "gopher" agent * Fast socks5 tunnels via "gopher" agent * Remote Terminal * Client side tunnels More details in the changelog: adaptix-framework.gitbook.io/adaptix-framew…
Just released WPProbe v0.6.0! It now includes a bruteforce mode and a hybrid scan (REST endpoints + bruteforce). Check it out: github.com/Chocapikk/wppr… (Thanks @ibrahimsql for the PR)
Built a Burp Suite extension to run SQLmap directly from the GUI. No more saving HTTP requests + jumping to terminal. Just: – Mark param with * – Right-click → Send to SQLmap – Pick options → Run Linux-only for now. Windows support coming soon. Full write-up:…
IngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX - @wiz_io wiz.io/blog/ingress-n…
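GoExec is a new take on implementing remote execution methods on Windows devices. GoExec implements many execution methods that are not yet widely used, and overall provides significant operational security (OPSEC) improvements. github.com/FalconOpsLLC/g…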
collect emails, usernames from commit history of repos of an org from GitHub for more personalized targeting of employees ghintel.secrets.ninja
Part 2: Advanced JS Extraction & Analysis Automation for Bug Bounty Recon cyberw1ng.medium.com/part-2-advance… #bugbounty #bugbountytips #bugbountytip