
RandomHt
@pythoncike
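security research, red team member, code reviewer
Found a Chrome extension that saves web documents to the local browser database with their original styling. No need to worry about privacy leaks, no dependence on the network, supports fast keyword search and retrieval, and saves disk space while reducing browser memory usage. github.com/wvit/web-docum…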
New Blog! Exploiting XSS with Javascript/JPEG polyglot. #xss #infosec #javascript medium.com/@Medusa0xf/exp…
A small gift from my side to all bug bounty hunters. My 8 hour long Burp Suite focused course for free. Share with someone who needs it. #bugbountytips #bugbounty #infosec (rt & share + enjoy) udemy.com/course/bug-bou…
CVE-2022-0824 Webmin revshell - Post-Auth Reverse. PoC github.com/faisalfs10x/We…

Talk about 2 POC of DirtyPipe(CVE-2022-0847) Original POC: dirtypipe.cm4all.com is able to overwrite arbitrary file with offset like ./exp /etc/passwd 5 ":0:0:rootx" Improved POC: haxx.in/files/dirtypip… is able to overwrite a SUID program like ./exp /usr/bin/su


Top 25 Browser Extensions for Pentesters and Bugbounty Hunters (2022) p1boom.com/2022/02/top25-… Did I miss something? #bugbounty #bugbountytips #infosec #Pentesting
Found an XSS filter that allows SVG-based tags? Try the 'use' element, you can import a SVG via a data url and execute JavaScript automatically! portswigger.net/web-security/c…

Most popular keywords in #Linux, with definitions that help u learn more about how to use it on the Linux platform. #CyberSecurity #cybercrime #الامن_السيبراني

In this tweet, I will explain to you How to find Leaking AWS Keys.

#update St8out - Extra one-liner for reconnaissance gist.github.com/dwisiswant0/5f… Workflow: metabigor > findomain & amass > filter-resolved > subjack > dig > nmap > webanalyze > dirsearch > LinkFinder > cors-blimey > gowitness > Arjun > meg > gf #bugbountytips
I added a script to generate the PDF & archive for my #OSCP Exam Report Template in Markdown, as I saw a lot of people were creating their own scripts. github.com/noraj/OSCP-Exa…
If you didn't know, you can use Sn1per to retrieve a target's ASN, full subnet list and IPs via 'recon' mode. These can easily be fed into Sn1per using 'discover' mode to scan full subnets and enumerate all hosts. 😎 xerosecurity.com #bugbounty #netsec #infosec #offsec

Are you ready to takeover subdomains? ;) I have developed a tool to scan subdomain takeover vulnerabilities. Found 300+ vulnerable subdomains on Twitter, Yahoo, Pinterest, Periscope, Spotify, HarvardUni, StanfordUni, BerkeleyUni, YaleUni, PrincetonUni... It's free! hackking.net/subdomain-take…
Confirmed. Everyone is affected. Or you are not on the Internet.
I have a major #Databreach announcement tomorrow - 1.2 BILLION people exposed from a single organization. More details soon. @lilyhnewman @troyhunt @MayhemDayOne @DataViperIO