#websec search results
URL Normalization ✅ on PortSwigger. Learned how encoding, redirects & path tricks can bypass checks. Always canonicalize. #bugbounty #websec @anand114bug @rikki59845 @CyberMindSpace
Discovered a very interesting path based SQLi yesterday. Injected: /‘XOR(if(now()=sysdate(),sleep(8),0))XOR’111/ → No delay /page/‘XOR(if(now()=sysdate(),sleep(8),0))XOR’111/test.test triggered delay. Same payload, different results. Here's why👇 1/4 #BugBounty #SQLi #WebSec
Web Check - All-in-one website OSINT tool for analysing any website Uncover potential attack vectors, analyse server architecture, view security configurations, and learn what technologies a site is using. web-check.as93.net #cybersecurity #infosec #OSINT
Hey, stop by #LABARRADELAEKO for an ice-cold beer before they run out! 🍻 #EKO2025 #Websec #HappyHacking
Turn a file write vulnerability in a Node.js application into remote code execution sonarsource.com/blog/why-code-… Credits Stefan Schiller #infosec #websec
Just weeks away from #BSidesVI2025! We’re hyped to welcome back WebSec as our Platinum Sponsor! Meet their team at the booth, learn about their cutting-edge security audits, and see why they’re a global leader in cybersecurity. Don’t miss out! #WebSec #BSidesVI #Cybersecurity
YOU ARE TAKING A HUGE RISK IF YOU HAVE NOT SECURED YOUR CRYPTOS WITH [ W... youtube.com/shorts/0py6Rly… via @YouTube
I stumbled on this XSS automation by @NullSecurityX and I almost shed a tear man cos what is all that manual testing of XSS that I have been doing. waybackurls ".com" | grep '=' | urldedupe -qs | qsreplace "</script><script>confirm(1)</script>" | airixss -payload "confirm(1)"
Uncle @theXSSrat on top. This will help many hackers to grow and learn about the cybersecurity. #BugBounty #websec #Pentesting #xssrat #xss
The field of Cybersecurity is growing - and no wonder with the ever-present threat of attacks these days. So if you want to show potential employers you know your stuff, there are some certifications you should consider. Here, Manish shares his top cert picks and why they're…
We Social Engineer the crews… who think they can’t lose, Who put their faith in Zero Trust But they forget We got tools. #BugBounty #cybersecurity #websec #owasp #bruteforce greyhatdev.com/brute-forcing-…
Discover 5 secret websites that make your life easier! From designing without limits, calculating whatever you want, automating Excel, earning money for giving your opinion, to removing watermarks with AI.
Odyssey to showcase enterprise-grade Web3 deployment at Web Summit 2025. #Odyssey #Web3Enterprise #CrossBorderWeb3 #WebSummit2025
GOOD MORNING Most projects see account abstraction as “make wallets easier.” @wardenprotocol is aiming much higher. The wallet becomes a cross-chain financial control layer: rules, permissions, limits, execution flow — all managed from one place. → From multi-chain chaos to…
Good times and consecutive bounties achieved with @intigriti define professionalism #bugbountytip #CyberSec #websec
We’ve had the privilege to work with some of the most incredible teams building the future of Web3 as one of the OG security auditing firms. Today we offer end-to-end Web3 Security and have unveiled a new look to highlight our expanded services. I want to take this...
Ep 1 of my PortSwigger sprint: Found a quick win with classic SQLi! Bypassed a product filter to retrieve hidden data. Lesson: Never concatenate user input directly into SQL queries! #WebSec #SQLinjection #AppSec
Outdated WordPress plugins = open house for hackers 🏚️🔓 Mass attacks auto-scan and exploit old plugins for site takeovers and malware. Patch, remove unused plugins, add WAF and backups. Read: bleepingcomputer.com/news/security/… Thoughts? #WordPress #WebSec #InfoSec
Finished File Inclusion on @tryhackme — LFI/RFI + path traversal = chaos. Hell of a room. tryhackme.com/room/fileinc?u… #WebSec #bugbounty #tryhackme
Learned IDORs on @TryHackMe — changing/guessing IDs can expose accounts, files & invoices. Check encoded, hashed & unpredictable IDs; always enforce server-side auth. 🔓🧠🔎 tryhackme.com/room/idor?utm_… #InfoSec #WebSec #CyberSecurity #tryhackme
Don't forget to stop by for a drink between talks 🍺🍸 #HappyHacking #EKO2025 #Websec #Pwnlab
Gobuster teaches you to read a site like a human: look for patterns, guess likely paths, then verify. The tool is just the hammer, your strategy is the difference between “found” and “noticed.” #TryHackMe #WebSec #RedTeam
Learning SQL changed how I read apps, not just what they show, but why they show it. If you want to hunt real bugs, start by asking: what SQL is this app running behind the scenes? 🚀 #TryHackMe #WebSec #RedTeam
If you want to level up for web pentesting: learn how JS moves data (events → DOM → network). That mental map turns ordinary pages into attack surfaces you can evaluate ethically, in labs, and with permission. #tryhackme #RedTeam #WebSec
Day 12 of 100 Diving into authentication bypass today. It’s a bit confusing right now, but I know I’ll figure it out. Just part of the journey! #CyberSecurity #websec @ireteeh @Acss_futa @thariskyjohn
🔍 Browser dev tools: Inspector tab exposes hidden HTML elements—find vuln inputs! #WebSec #Hacking101
Understanding JWT Authentication Bypass via Unverified Signature 🧵 1/ 🚨 Ever heard of JWTs? JSON Web Tokens are great for auth, but if servers don't verify signatures, attackers can tamper with them! Let's break down a vuln from @PortSwigger's lab. #WebSec #JWT
Payment iframes aren't foolproof. Stealth overlays can skim cards. Read More: thehackernews.com/2025/09/iframe… #iframe #websec #payments #infosec
#Day7 Web PenTest Learning: Going into the #Owasp10 (2021): What are the Owasp top 10 Web App Security Risks : 1. Broken Access Control 2. Cryptographic Failures 3. Injection @its_hakai_ #WebSec #Cybersecurity
#Day6 Web PenTest Learning (Out of usual scene): What am I tackling: EDR (Endpoint Detection and Response): What is EDR and what are its features Why an EDR is needed even if there is an Antivirus How does an EDR work--> Agents, Console, Detection #SOC #Cybersecurity @its_hakai_
Isha Training Solutions presents “Security Testing Masterclass”– Live Training Free Demo On: 22nd Sep @ 8 PM(IST) 22nd Sep@ 10:30 AM(EST) You can register by joining the below Link docs.google.com/forms/d/e/1FAI… call/WhatsApp: 9133190573 #SecurityTesting #ApplicationSecurity #WebSec
I am excited to share that I got the Bug Killer Badge on @hackthebox_eu for finding a bug in production. This is amazing 😻. Some goals coming along fine this year. #hackthebox #bugbounty #websec #tech #infosec
Blind SQL Injection : A Practical Exploration CheatSheet #cybersec #infosec #websec #appsec #blindsql #cheatsheet #bugbounty
#OSINT #infosec #websec #infosec whoxy.com domain search engine/ Whois research whoxy.com/whois-database/ database
I nearly missed a reflected XSS in United Nations. Thanks for always posting tips and guiding newcomers. @ADITYASHENDE17 @theXSSrat @ofjaaah writeup here: cysek.org/post/___b6 Hope you'll find it informative #websec #bugbounty #Pentesting #bugbountytips #bugbountywriteup
I published an article on blind regular expression injection attack, which has not been considered well. Enjoy! #websec | "A Rough Idea of Blind Regular Expression Injection Attack" - diary.shift-js.info/blind-regular-…
Catch our next session with @_smile_hacker_ on "Request Smuggling and Its Exploitation"! Dive into how this web vulnerability works and how to defend against it. RSVP: null.community/events/1025-ah… #CyberSecurity #WebSec @null0x00 #nullahm
Come on @espn do you really not see the problem here. You are likely using mixed http/https on your login dialog... #infosec #websec
Huriye Özdemir @ozdmrhh is in Issue 9 of Arka Kapı Dergi with the article "GrapQL and Security Vulnerabilities"! #ArkaKapı #GrapQL #websec
Ziyahan Albeniz @ziyaxanalbeniz is in Issue 10 of Arka Kapı Dergi with the article "Taking the web back from the giants!" #ArkaKapı #Websec #CyberSecurity
Logical Bugs are often invisible to scanners They live in the assumptions devs make Want to find them? Think like the app shouldn’t work Here are 6 strategies to uncover logic bugs (with examples): #bugbounty #websec #cybersecurity