你可能會喜歡
I earned $1800 for my submission on @bugcrowd bugcrowd.com/toxicat0r #ItTakesACrowd API takeover (customer data exposed). Several small bugs resulted in one big final payment :)
I earned $600 for my submission on @bugcrowd bugcrowd.com/toxicat0r #ItTakesACrowd Administrator privileges to their API :)
I earned $450 for my submission on @bugcrowd bugcrowd.com/toxicat0r #ItTakesACrowd IDOR exposed customer data. Changed the HTTP method from PUT to GET, shortened down the URL, and finally changed the user ID :)
I earned $300 for my submission on @bugcrowd bugcrowd.com/toxicat0r #ItTakesACrowd IDOR in a private program ;) Got another $150 for no rate limiting as well 🥳
Shoutout to @evildaemond, Ulas, and Viper at @Bugcrowd. Triaging at the speed of light 💯
Just bought myself a couple of new IoT cameras. Not sure if I should laugh or cry :)
BendyBear: Novel Chinese Shellcode Linked With Cyber Espionage Group BlackTech unit42.paloaltonetworks.com/bendybear-shel…
Accessed the computer system of a facility that treats water for about 15,000 people and sought to add a dangerous level of additive to the water supply reuters.com/article/us-usa…
9 exploits published today with my name on them. Super happy about that, but also worrying that some WP plugin developers really don’t care about security. They ignored my requests until I contacted the WP plugin security team directly.
[webapps] WordPress Plugin Supsystic Backup 2.3.9 - Local File Inclusion dlvr.it/RsFRB4
CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit) blog.qualys.com/vulnerabilitie… via @qualys
Don't forget to add "Password2021" to your wordlists.
I have report from Microsoft about SolarWinds hack, including IoCs. Excerpts in this thread: "Microsoft security researchers recently discovered a sophisticated attack where an adversary inserted malicious code into a supply chain development process.... 1/
Stumbled across this awesome tool yesterday. Perfect for OSINT, bug bounty hunting, and so on. Search across a half million git repos 💯 grep.app
"Sent torsdag kveld fikk VG inn en rekke tips fra lesere som hadde blitt logget inn på andres profiler når de forsøkte å logge seg inn via ID-porten, en felles innloggingsløsning til offentlige tjenester." direkte.vg.no/nyhetsdognet/n…
United States 趨勢
- 1. Good Friday 47.9K posts
- 2. #FridayVibes 4,607 posts
- 3. #FanCashDropPromotion N/A
- 4. #เพียงเธอตอนจบ 2,614 posts
- 5. LINGORM ONLY YOU FINAL EP 4,078 posts
- 6. Dorado 4,109 posts
- 7. Cuomo 105K posts
- 8. Happy Friyay N/A
- 9. Mamdani 248K posts
- 10. #FridayMotivation 3,222 posts
- 11. Justice 327K posts
- 12. Red Friday 2,316 posts
- 13. Flacco 99.3K posts
- 14. Finally Friday 2,259 posts
- 15. Tawan 36.7K posts
- 16. Shabbat Shalom 1,864 posts
- 17. Melly 3,945 posts
- 18. #FridayFeeling 2,033 posts
- 19. Pence 94.3K posts
- 20. Ayla 6,243 posts
你可能會喜歡
-
Soumyani1
@reveng007 -
Sm4rty.xyz 𝕏
@Sm4rty_ -
error4o4
@error404sec -
SecHawk
@sec_hawk -
Abhishek Karle
@AbhishekKarle3 -
Fatin Sirat
@fatinsourav1 -
T0t0r0
@T0t0r04 -
Tanmay
@blackk_hawkkk -
SplinterSec
@splint3rsec -
AbdeRaouf 🇵🇸
@abderaoufzx -
Ashiqur Emon
@Ashiqur_Emon78 -
Steffen
@devourer_stf -
0xPratyaksh
@mr_fr3qu3n533 -
Abhigyan
@MrAbhigyan -
pedro bart
@pedrobart01
Something went wrong.
Something went wrong.