Matt Szymanski
@rvrshell
Strategist, Builder and Breaker, System and Process Creator, Analyzer, Optimizer, Thief, AppSec, OffSec, Speaker @ Derbycon 9, Texas Cyber Summit, Bugcrowd LE
1) What a busy summer! We're excited to announce the experimental release of our DNS over HTTPS (DoH) resolver for @ensdomains! DNS is a widely supported protocol which enables us to provide ENS resolution for all kinds of different platforms and clients.
Abortion is now illegal in Missouri. No exceptions for rape or incest. Right before I was elected, I met a pregnant 11 year old who has been raped by her uncle. What about HER rights?
This is wild: Juniper had a back door in its gear—placed at the request of the NSA—compromised by a hostile foreign government. NSA informed @RonWyden they wrote a "lessons learned" report after the episode, but now says it cannot locate that document. reuters.com/article/us-usa…
NTLMRawUnHide - A Python3 Script Designed To Parse Network Packet Capture Files And Extract NTLMv2 Hashes In A Crackable Format feedproxy.google.com/~r/PentestTool…
Check and verify for possible vulnerabilities on ASP .NET applications using a grey-box approach. Source Code Review & Dynamic Analysis voidsec.com/net-grey-box-a…
Many companies send data via POST data (json), I found a lot of bugs like Request Arbitrary Path (IDORs), LFI, CRLF,… Example:
Server Side Request Forgery (SSRF) Tips Resources Tools Writeups Cheatsheets Payloads github.com/JakobTheDev/bu… gowsundar.gitbook.io/book-of-bugbou… github.com/csmali/WebVuln… blog.safebuff.com github.com/NeuronAddict/p… github.com/swisskyrepo/Pa… github.com/cujanovic/SSRF… github.com/giteshnxtlvl/Y…
Got a pre-release for the new NVIDIA 3090. Anyone know what kind of power supply I'll need?
To get the #defconsafemode party started, we’re releasing some content early. On the #defcon media server, we’ve got all of the main stage talks, soundtrack, demo labs, art, CTF, music - take what you like. Completists out there, we see you. There’s a v. thicc torrent as well.
Sporting this shirt today bc apparently this is the theme of the day at work
We don't know who needs to hear this right now, but #defconsafemode is free to attend. You don't have to register. It starts in one week. You should join us. defcon.org
if a bruteforce knocks your production webserver offline that's a conversation to have with your infrastructure team not me
I saw this on LinkedIn, and gave the rare literal laugh out loud.
The real reason why the launch got scrubbed... #SpaceLaunchLIVE #NASA
Did you know that LinkedIn has a directory? linkedin.com/directory/peop…
ParamSpider: Parameter miner for humans
Got a nice SSRF last week using this:
- paramspider found a url with parameter ?file_url=
- The parameter was deprecated long back from the production
- luckily the parameter was vulnerable to SSRF
Github: github.com/devanshbatham/…
Did you know that Scheduled Tasks stored credentials in the SYSTEM Credential Store? Did you also know that even when you delete a Scheduled Task they remain there? ;)
#RIP #SXSW In happier news, Return of the Ohm is OUT NOW wherever you get your music (Bandcamp, Spotify, Amazon, Apple Music, iTunes, Google Play). Enjoy! distrokid.com/hyperfollow/oh… mcohmi.bandcamp.com/album/return-o… amazon.com/Return-Ohm-Exp…
Companies looking for remote freelancers: Reply to this thread with a job link or a job spec and contact details Remote freelancers: 👀 Can't have people going without work can we? #coronavirus