내가 좋아할 만한 콘텐츠
HTTP/2: The Sequel is Always Worse by @albinowax portswigger.net/research/http2
I earned $1800 for my submission on @bugcrowd bugcrowd.com/toxicat0r #ItTakesACrowd API takeover (customer data exposed). Several small bugs resulted in one big final payment :)
I earned $600 for my submission on @bugcrowd bugcrowd.com/toxicat0r #ItTakesACrowd Administrator privileges to their API :)
I earned $450 for my submission on @bugcrowd bugcrowd.com/toxicat0r #ItTakesACrowd IDOR exposed customer data. Changed the HTTP method from PUT to GET, shortened down the URL, and finally changed the user ID :)
I earned $300 for my submission on @bugcrowd bugcrowd.com/toxicat0r #ItTakesACrowd IDOR in a private program ;) Got another $150 for no rate limiting as well 🥳
Shoutout to @evildaemond, Ulas, and Viper at @Bugcrowd. Triaging at the speed of light 💯
Just bought myself a couple of new IoT cameras. Not sure if I should laugh or cry :)
BendyBear: Novel Chinese Shellcode Linked With Cyber Espionage Group BlackTech unit42.paloaltonetworks.com/bendybear-shel…
Accessed the computer system of a facility that treats water for about 15,000 people and sought to add a dangerous level of additive to the water supply reuters.com/article/us-usa…
9 exploits published today with my name on them. Super happy about that, but also worrying that some WP plugin developers really don’t care about security. They ignored my requests until I contacted the WP plugin security team directly.
[webapps] WordPress Plugin Supsystic Backup 2.3.9 - Local File Inclusion dlvr.it/RsFRB4
CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit) blog.qualys.com/vulnerabilitie… via @qualys
New campaign targeting security researchers @google blog.google/threat-analysi…
Don't forget to add "Password2021" to your wordlists.
I have report from Microsoft about SolarWinds hack, including IoCs. Excerpts in this thread: "Microsoft security researchers recently discovered a sophisticated attack where an adversary inserted malicious code into a supply chain development process.... 1/
Stumbled across this awesome tool yesterday. Perfect for OSINT, bug bounty hunting, and so on. Search across a half million git repos 💯 grep.app
"Sent torsdag kveld fikk VG inn en rekke tips fra lesere som hadde blitt logget inn på andres profiler når de forsøkte å logge seg inn via ID-porten, en felles innloggingsløsning til offentlige tjenester." direkte.vg.no/nyhetsdognet/n…
United States 트렌드
- 1. Bears 90.1K posts
- 2. #Worlds2025 20K posts
- 3. Happy Birthday Charlie 12.1K posts
- 4. Jake Moody 14K posts
- 5. Snell 25K posts
- 6. Bills 144K posts
- 7. Falcons 52K posts
- 8. Josh Allen 27.1K posts
- 9. Caleb 49.7K posts
- 10. Joji 32.3K posts
- 11. Jayden 23.1K posts
- 12. Swift 290K posts
- 13. #BearDown 2,410 posts
- 14. Ben Johnson 4,480 posts
- 15. #Dodgers 15.5K posts
- 16. Treinen 4,735 posts
- 17. Troy Aikman 6,689 posts
- 18. Turang 4,407 posts
- 19. Roki 6,136 posts
- 20. Bijan 33.5K posts
내가 좋아할 만한 콘텐츠
-
Soumyani1
@reveng007 -
Sm4rty.xyz 𝕏
@Sm4rty_ -
error4o4
@error404sec -
SecHawk
@sec_hawk -
Abhishek Karle
@AbhishekKarle3 -
Fatin Sirat
@fatinsourav1 -
T0t0r0
@T0t0r04 -
Tanmay
@blackk_hawkkk -
SplinterSec
@splint3rsec -
AbdeRaouf 🇵🇸
@abderaoufzx -
Ashiqur Emon
@Ashiqur_Emon78 -
Steffen
@devourer_stf -
0xPratyaksh
@mr_fr3qu3n533 -
pedro bart
@pedrobart01 -
🍀 Fritz Meyer 🐜🎗️🐜🏴💀
@Boomer_1960
Something went wrong.
Something went wrong.