Juliano Rizzo
Security, Cryptography, Cryptocurrency,
12,290 Tweets
1,440 Following
8,329 Followers
Tweets
Juliano Rizzo retweeted
dawgyg Feb 4
When testing for SSRF using a blacklist, take internal IP addresses and when encoding them, don't encode entire IP. Encode 1 octet of the IP address, or 2 or 3. For instance: AWS Metadata - 0251.254.169.254 (this got the $160,000 payout in Oct 2018)
Juliano Rizzo 7 h
Replying to @HacKanCuBa @kiwonka and 2 others
yes I remember that, :-/ while users trust they check what they include from Chrome
Juliano Rizzo 7 h
Replying to @mr_ligi @econoar
yes, but the touchpad...
Juliano Rizzo 8 h
Replying to @kiwonka @dakami @halvarflake
lol :) I mean why people need to use Chrome if you have Chromium. I use Chrome when ..I don't remember exactly probably some extension?
Juliano Rizzo 8 h
The web we deserve 👇, this weather app gives you the info and leaves you alone.
Juliano Rizzo retweeted
let me know how i can be helpful 12 h
After being on VC Twitter for a while, you are able to categorize most tweets into a set of categories. Looking at the last 24 hours of my feed, here’s a thread of the types of tweets I saw.
Juliano Rizzo 11 h
Replying to @nervoir
fulfill it for free?
Juliano Rizzo 16 h
Replying to @saleemrash1d
I don't know, and I'm not sure if huge amounts of money are sent to addresses resolved from names.
Juliano Rizzo 16 h
CVE-2020-5232 means you could "mine" an ENS name instead of buying it from the owner. A bit costly. What is the price of the most expensive ENS name?
Juliano Rizzo 19 h
Top 5 Favorite Bugs Reported to DropBox Bug Bounty 👍
Juliano Rizzo 19 h
People cannot change their chat apps without first changing their way of thinking. All the info collected about you will be used against you, at least against your pocket. It's easy to get rid of things when there is an obvious reason for doing so.
Juliano Rizzo 19 h
Replying to @dakami @halvarflake
Why not Chromium?
Juliano Rizzo Feb 4
Replying to @KellicTiger @HacKanCuBa @Dinosn
if you use TV..you want to be owned
Juliano Rizzo Feb 4
Replying to @smpalladino @PaulRBerg
We need ctrl-z because programmers are lame so ..no
Juliano Rizzo Feb 3
Replying to @albinowax @Burp_Suite
I never save passwords and that was my main motivation to report: that page says "save this password in your PM" what? PM I don't use that 💩 if you send a link with a token to login instead of generating a password for users it will be more secure and practical for ppl like me
Juliano Rizzo Feb 3
Replying to @albinowax @Burp_Suite
XSS=third party script :) my question was: third party called "crazy egg" can get my plaintext password? a nonce is used to bypass/whitelist a CSP rule if you have the rule is because you care. But that 3rd party in the password retrieval page looks like a mistake to me
Juliano Rizzo Feb 3
Replying to @albinowax @Burp_Suite
Why rogue third party is less than Medium? if you have the script-src CSP directive is because you don't want third party scripts.