pyn3rd

@pyn3rd

Security Researcher&Red Team&Cloud Security. BlackHat&HITB&CanSecWest Speaker.

pyn3rd reposted

I just published From XSS to RCE: Critical Vulnerability Chain in Anthropic MCP Inspector(CVE-2025–58444) medium.com/p/from-xss-to-…


Over coffee, found a vulnerability.
pyn3rd reposted

🚨 New research: A cryptomining campaign is hijacking exposed PostgreSQL, hiding payloads in fake 404 pages, and abusing legit infra. Multiplatform, stealthy, and still active 👉 wiz.io/blog/soco404-m…
#Bugcrowd Team's handling of my recent report has been absurd. I reported a bug 6 days ago, but they didn't attempt to reproduce it right away. Today, after it was already fixed, they reproduced it and claimed the bug is no longer applicable, considering it theoretical. @Bugcrowd

Old but Gold! That's a good one!

WAF bypass via junk data [this trick has been around for 13 years] exploit-db.com/exploits/18840 Do not forget: Hackerone is a scam
pyn3rd reposted

We (+@sagitz_ @ronenshh @hillai) found a series of unauthenticated RCEs in core @KubernetesIO project "Ingress-NGINX". The impact? From zero permissions ➡️ to complete cluster takeover 🤯 This is the story of #IngressNightmare 🧵⬇️
It was a genuine pleasure meeting @infosec_au in Sydney and receiving your insightful advice and valuable information. Thank you! Hope to see you again soon!


pyn3rd reposted

Last year, I committed to uncovering critical vulnerabilities in Maven repositories. Now it’s time to share the findings: RCE in Sonatype Nexus, Cache Poisoning in JFrog Artifactory, and more! Read it all below 🧵
I truly appreciate @albinowax's kind help in adding both my blog and slides to Web Hacking Techniques 2024. Thank you so much!

#CVE-2024-49194 Databricks JDBC Driver via JAAS, Make JDBC Attack Great Again!! I’ve included the link to my write-up below. Enjoy!! blog.pyn3rd.com/2024/12/13/Dat…


Activiti is a lightweight workflow and Business Process Management (BPM) platform that supports Expression Language expressions within its flows. In this example, I demonstrate how to exploit this feature to trigger RCE in a SpringBoot environment.


Use MSSQL CLR Assembly To Bypass EDR blog.pyn3rd.com/2024/11/22/How…


XSS based on DNS CNAME Type Record
I’m developing a DNS server that responds with random IP addresses and tracks response times. It’s designed to handle a high volume of cache-miss queries for DNS caching, like Local DNS Server.
I developed an SSH client rootkit to test EDR detection. When a user logs in, it captures the root password and sends it covertly via a DNS TKEY record. With high daily DNS traffic, EDR systems are unlikely to flag this, as analyzing every query would impact performance.
pyn3rd reposted

Just read "Make JDBC Attacks Brilliant Again", a fantastic 3-year-old research piece that @pyn3rd recently recommended to me. It starts with JDBC attack principles and root causes, dives deep into implementation issues—including their discovery of a Weblogic RCE—unveils new…

Linked talk: #HITB2021SIN D1T2 - Make JDBC Attacks Brilliant Again - Xu Yuanzhen &... (youtube.com)


#CVE-2024-21216 Weblogic Remote Code Execution via T3/IIOP