Sahil Sharma
@sigwotts
CYBER SECURITY ENTHUSIAST | CNSP | OWASP Chapter Lead | CTF PLAYER #thm #htb | TOP 1% in THM | BUG HUNTER | WEB DEVELOPER | #cyber_security #pentesting #ctf
🎁Monthly Giveaway🎁 Hack The Box 6-month VIP+ - Follow, Like, and Retweet to join! - Winners will be picked randomly on 5 June. #hackthebox #giveaway #projectsekaictf
🚨 𝗘𝘅𝗰𝗶𝘁𝗶𝗻𝗴 𝗡𝗲𝘄𝘀! 🚨 We are thrilled to announce the launch of 𝗖𝗲𝗿𝘁𝗶𝗳𝗶𝗲𝗱 𝗔𝗰𝘁𝗶𝘃𝗲 𝗗𝗶𝗿𝗲𝗰𝘁𝗼𝗿𝘆 𝗣𝗲𝗻𝘁𝗲𝘀𝘁𝗶𝗻𝗴 𝗲𝗫𝗽𝗲𝗿𝘁 (𝗖-𝗔𝗗𝗣𝗲𝗻𝗫) exam, the 𝗺𝗼𝘀𝘁 𝗮𝗱𝘃𝗮𝗻𝗰𝗲𝗱 𝗔𝗗 𝗽𝗲𝗻𝘁𝗲𝘀𝘁𝗶𝗻𝗴 𝗲𝘅𝗮𝗺 yet! 🎉 𝘞𝘢𝘯𝘵 𝘵𝘰 𝘸𝘪𝘯…
🎁Monthly Giveaway🎁 Hack The Box 1-year VIP+ & 3-month Prolab - Follow, Like, and Retweet to join! - Winners will be picked randomly on 11 Feb. #hackthebox #giveaway #projectsekaictf
Payloads for LFR/LFD ⚔️ file:/etc/passwd%3F/ file:/etc%252Fpasswd/ file:/etc%252Fpasswd%3F/ file:///etc/%3F/../passwd file:${br}/et${u}c%252Fpas${te}swd%3F/ file:$(br)/et$(u)c%252Fpas$(te)swd%3F/ #infosec #cybersec #bugbountytips
If you like bounties, I highly recommend this presentation from @tincho_508 on novel web cache deception techniques. It comes with @WebSecAcademy labs too! youtube.com/watch?v=70yyOM…
DEF CON 32 - Gotta Cache ‘em all bending the rules of web cache...
Malware Analysis series 📌👾 Part 1 : 🔗cocomelonc.github.io/tutorial/2021/… Part 2 : 🔗cocomelonc.github.io/tutorial/2021/… Part 3 : 🔗cocomelonc.github.io/tutorial/2022/… Part 4 : 🔗cocomelonc.github.io/tutorial/2022/… Part 6 : 🔗cocomelonc.github.io/malware/2022/1… Part 7 : 🔗cocomelonc.github.io/malware/2023/0… Part 8 : 🔗cocomelonc.github.io/malware/2023/0……
After going through 200+ IDOR reports, and spending some time hunting for them in Real Targets across multiple functionalities, here are some of the attack methodologies I build for myself, which I feel can be useful to others too. Follow this thread to know more.
A thread for applying off-campus🧵 Companies throughout the year hire 3rd year for 2-month intern and 4th year for 6-month intern and FTE roles. Most of these internships are great for exposure to how real industry works and also give a chance of getting Pre-Placement Offers (1/13)
I successfully got the SentinelOne Incident Responder badge from @SentinelOne. credly.com/badges/bdf4dea… via @credly
Tip:- Add to your wordlist: auth/jwt/register auth-demo/register/classic auth-demo/register/modern My First P1🥳 #bugbountytips #bugbountytip #bugbounty #hackerone #bugcrowd #h1
Introducing BLACKBIRD Burpsuite Integration Extension blog.blackbirdsec.eu/introducing-bl…
Cobalt Strike 4.9 Download: ponies.cloud/c2/CobaltStrik… Password: 20231004_2218 Full Black client: ponies.cloud/c2/CobaltStrik… Password: 20231005_2033
WAF Bypass while performing SQLI Attacks Credits:@infoscresearchr #bugbountytips #bugbounty
Top Secret Detection Tools Powerful tools designed to detect secret leaks • github.com/trufflesecurit… • github.com/newrelic/rusty… • github.com/Yelp/detect-se… • github.com/gitleaks/gitle… • github.com/awslabs/git-se… • github.com/tillson/git-ho… • github.com/secretlint/sec… #cybersecurity
Airstrike - a Stage0 C2 that is highly customizable and can be used to create a template for your own C2 or to use it as a base for your own C2 agents github.com/smokeme/airstr…
Lol, blocking the loading of EDR drivers with WDAC actually works.
You don’t need physical access, local admin can turn off EDR easily, just make a WDAC policy to block the drivers/user land binaries.
🌟𝗕𝗲𝗰𝗼𝗺𝗲 𝗮 𝗖𝗲𝗿𝘁𝗶𝗳𝗶𝗲𝗱 𝗖𝗹𝗼𝘂𝗱 𝗣𝗲𝗻𝘁𝗲𝘀𝘁𝗶𝗻𝗴 𝗲𝗫𝗽𝗲𝗿𝘁-𝗔𝗪𝗦! *** 𝘓𝘪𝘬𝘦, 𝘢𝘯𝘥 𝘙𝘦𝘴𝘩𝘢𝘳𝘦. 1 𝘓𝘶𝘤𝘬𝘺 𝘸𝘪𝘯𝘯𝘦𝘳 𝘸𝘪𝘭𝘭 𝘨𝘦𝘵 𝘍𝘙𝘌𝘌 𝘊𝘊𝘗𝘦𝘯𝘟 𝘦𝘹𝘢𝘮 *** Take your skills to the next level with The SecOps Group's…
Blue Team Roadmap🔵🎯 ├── Foundations │ ├── Basic Networking │ │ ├── TCP/IP │ │ ├── DNS │ │ ├── DHCP │ │ ├── Subnetting │ │ └── Network Topologies │ ├── Operating Systems │ │ ├── Windows │ │ │ ├──…
𝗙𝗿𝗲𝗲 𝗡𝗲𝘁𝘄𝗼𝗿𝗸𝗶𝗻𝗴 𝗧𝗿𝗮𝗶𝗻𝗶𝗻𝗴:🛜 1. Basic Routers and Switches Configuration lnkd.in/dZfhM3yT 2. Packet Flow lnkd.in/dSPFdGYz 3. Real Devices Configuration lnkd.in/dfVxg7bT 4. EIGRP A-to-Z lnkd.in/dNM2p2rj 5. VPN…
** 𝗟𝗶𝗸𝗲, 𝗖𝗼𝗺𝗺𝗲𝗻𝘁, 𝗥𝗲𝗽𝗼𝘀𝘁, 𝗮𝗻𝗱 𝟯 𝗹𝘂𝗰𝗸𝘆 𝘄𝗶𝗻𝗻𝗲𝗿𝘀 𝘄𝗶𝗹𝗹 𝗴𝗲𝘁 𝗮 𝟭𝟬𝟬% 𝗱𝗶𝘀𝗰𝗼𝘂𝗻𝘁 𝗼𝗻 𝗼𝘂𝗿 𝗖𝗡𝗣𝗲𝗻 𝗲𝘅𝗮𝗺!** 🧍♂️Bob recently pwned a box on the internet (password spraying) and now wants to pwn a web app running on port 8080 on the…