#websec search results
Discovered a very interesting path based SQLi yesterday. Injected: /‘XOR(if(now()=sysdate(),sleep(8),0))XOR’111/ → No delay /page/‘XOR(if(now()=sysdate(),sleep(8),0))XOR’111/test.test triggered delay. Same payload, different results. Here's why👇 1/4 #BugBounty #SQLi #WebSec

Come and adventure in another edition of the websecbrasil CTF!!! @YuriRDev Discord.gg/websec #CyberSecurity #cibersegurança #websec #dev #ctf #capturetheflag

Just weeks away from #BSidesVI2025! We’re hyped to welcome back WebSec as our Platinum Sponsor! Meet their team at the booth, learn about their cutting-edge security audits, and see why they’re a global leader in cybersecurity. Don’t miss out! #WebSec #BSidesVI #Cybersecurity

Turn a file write vulnerability in a Node.js application into remote code execution sonarsource.com/blog/why-code-… Credits Stefan Schiller #infosec #websec


Always fun to get a DDoS attack on a Friday afternoon. 😑 Kudos to @kinsta and their APM + IP tools. It was relatively easy to track down and mitigate the attack. #websec

#SSRF Payloads for LFR/LFD file:/etc/passwd%3F/ file:/etc%252Fpasswd/ file:/etc%252Fpasswd%3F/ file:///etc/%3F/../passwd file:${br}/et${u}c%252Fpas${te}swd%3F/ file:$(br)/et$(u)c%252Fpas$(te)swd%3F/ SSRF POLYGLOT file:///etc/passwd?/../passwd #WebSec rodoassis.medium.com/on-ssrf-server…
Logical Bugs are often invisible to scanners They live in the assumptions devs make Want to find them? Think like the app shouldn’t work Here are 6 strategies to uncover logic bugs (with examples): #bugbounty #websec #cybersecurity

Good times and consecutive bounties achieved with @intigriti define professionalism #bugbountytip #CyberSec #websec



We are thrilled to announce that @_websec is once again joining forces with BSides Vancouver Island as a Silver Tier Sponsor! 🎉 A huge thank you to Websec for their continued support and for fostering a space where professionals can connect, learn, and grow. #Websec #BSidesVI

Last night I had the pleasure of speaking at the first-ever #owasp Victoria meetup! This is me, with chapter leaders Christophe David and Roberto Salago!! @wehackpurple and #WebSec proudly sponsored. @OWASPVictoria @LightOS

Outdated knowledge is the biggest vulnerability. 🔒 To truly secure the digital world, you need more than the basics. Our Web Security Course equips you with the latest tools to safeguard apps and websites. Upgrade your expertise. The future of security starts here #websec



Catch our next session with @_smile_hacker_ on "Request Smuggling and Its Exploitation"! Dive into how this web vulnerability works and how to defend against it. RSVP: null.community/events/1025-ah… #CyberSecurity #WebSec @null0x00 #nullahm

We Social Engineer the crews… who think they can’t lose, Who put their faith in Zero Trust But they forget We got tools. #BugBounty #cybersecurity #websec #owasp #bruteforce greyhatdev.com/brute-forcing-…

Wow, @Cloudflare blocked a record-breaking 71 million RPS DDoS attack over the weekend (largest to date and 35% higher than previous record). 🛡️ That's a lot of requests. 😮 bit.ly/3lClrKT #websec #Cloudflare

If you're not analyzing the response headers, you're missing half the story. HTTP talks. Learn to listen. #WebSec #Pentesting #syria #CyberSecurity

Day 12 of 100 Diving into authentication bypass today. It’s a bit confusing right now, but I know I’ll figure it out. Just part of the journey! #CyberSecurity #websec @ireteeh @Acss_futa @thariskyjohn

🔍 Browser dev tools: Inspector tab exposes hidden HTML elements—find vuln inputs! #WebSec #Hacking101
Understanding JWT Authentication Bypass via Unverified Signature 🧵 1/ 🚨 Ever heard of JWTs? JSON Web Tokens are great for auth, but if servers don't verify signatures, attackers can tamper with them! Let's break down a vuln from @PortSwigger's lab. #WebSec #JWT
Payment iframes aren't foolproof. Stealth overlays can skim cards. Read More: thehackernews.com/2025/09/iframe… #iframe #websec #payments #infosec
#Day7 Web PenTest Learning: Going into the #Owasp10 (2021): What are the Owasp top 10 Web App Security Risks : 1. Broken Access Control 2. Cryptographic Failures 3. Injection @its_hakai_ #WebSec #Cybersecurity

#Day6 Web PenTest Learning (Out of usual scene): What am I tackling: EDR (Endpoint Detection and Response): What is EDR and what are its features Why an EDR is needed even if there is an Antivirus How does an EDR work--> Agents, Console, Detection #SOC #Cybersecurity @its_hakai_

Isha Training Solutions presents “Security Testing Masterclass”– Live Training Free Demo On: 22nd Sep @ 8 PM(IST) 22nd Sep@ 10:30 AM(EST) You can register by joining the below Link docs.google.com/forms/d/e/1FAI… call/WhatsApp: 9133190573 #SecurityTesting #ApplicationSecurity #WebSec

Fortinet IT security solutions face imminent attacks due to circulating exploit code for FortiSIEM and FortiWeb vulnerabilities. Traditional #WAFs can be bypassed, but WEBOUNCER by Kralos.eu offers unbypassable defense! #unhackable #websec heise.de/en/news/Patch-…
Domain Check Bypass :) If an app “validates” your URL by just checking if it starts with trusted.com That check can be bypassed in some cases with other URL schemes like javascript://, resulting in Stored XSS #AppSec #BugBounty #WebSec

The CleverReach® WP plugin for WordPress is vulnerable to time-based SQL Injection via the ‘title’ parameter nvd.nist.gov/vuln/detail/CV… #PenTesting #webSec #CyberSecurity
Fuzzing websites with FFUF is my cardio, so why do they keep saying ‘touch grass’? 😤 #CyberSec #WebSec #PenTesting
🔒 If your website loads beautifully but is not protected, it's not design… it's a trap. Web security is not a patch. It's part of the core. #Ciberseguridad #WebSec #DevSecOps #HablemosDeSeguridad
🔒 Tired of SSL certs expiring silently and breaking things? I’m building sslguardian.io — a simple, modern way to monitor and track certs across stacks. Would love your thoughts (or a vote!) on HN 👉 news.ycombinator.com/item?id=446848… #devops #websec #startups
Found file upload accepting only jpg/png/bmp. Bypassed it using magic bytes to upload PHP. But CloudFront renames it to .png on upload. Can't trigger RCE. Anyone seen a similar case or have a bypass idea? the server is next.js (15.0.1) #bugbountytips #infosec #websec #bugbounty

🚨 Critical Next.js vuln (CVE-2025-29927) Impacts v15.x — lets attackers bypass route protection by abusing x-middleware-subrequest. Even if you use middleware for auth, it can be silently skipped. Your protected routes aren't safe. 🧵 Full details 👇 #Nextjs #CVE #WebSec
Many confuse the dark web with the deep web—they're not the same. The deep web includes private but legal content (like emails, banking). The dark web is a small part of it, accessed via Tor, and often misused. Read: geeksforgeeks.org/computer-netwo… #CyberSecurity #WebSec #InfoSec
I am excited to share that I got the Bug Killer Badge on @hackthebox_eu for finding a bug in production. This is amazing 😻. some goals coming along fine this year. #hackthebox #bugbounty #websec #tech #infosec

Blind SQL Injection : A Practical Exploration CheatSheet #cybersec #infosec #websec #appsec #blindsql #cheatsheet #bugbounty


I nearly missed a reflected XSS in United Nations. Thanks for always posting tips and guiding newcomers. @ADITYASHENDE17 @theXSSrat @ofjaaah writeup here: cysek.org/post/___b6 Hope you'll find it informative #websec #bugbounty #Pentesting #bugbountytips #bugbountywriteup

A compilation of CTF challenges to practice our skills exploiting the #xss vulnerability Link[ r3dbird.blogspot.com/2020/01/ctf-de…] #ctf #websec #bugbountytips

#OSINT #infosec #websec #infosec whoxy.com domain search engine/ Whois research whoxy.com/whois-database/ database

What if you could log in as anyone, make yourself an admin, and change grades? Login bypass, tweaking session, decrypting user IDs, and rewriting student grades in the DB. youtube.com/@ctf-sec Drops at 12 AM! Stay tuned. #ctfsec #websec #cybersecurity #session #sqli
