Twitter | Search | |
p3n73st3r
256
Tweets
581
Following
291
Followers
Tweets
p3n73st3r retweeted
pyn3rd Jun 22
-2019-2729 Weblogic RCE, it’s the bypass of CVE-2019-2725.But the PoC only works in JDK1.6. BTW maybe it’s the last time to disclose PoC, because it’s illegal in my country from now on.
Reply Retweet Like
p3n73st3r retweeted
Frans Jun 10
BurpJSLinkfinder - My passive scanner to detect links in JS files.
Reply Retweet Like
p3n73st3r retweeted
wezmaster May 29
Complete Course: Zero to Hero Network Pentesting
Reply Retweet Like
p3n73st3r retweeted
Jarmo Puttonen May 24
Wrote a blog post about how to host private Burp collaborator instance. It also has some scripts to make it a bit easier and faster.
Reply Retweet Like
p3n73st3r retweeted
Orange Tsai  🍊 May 10
"There is no pre-auth RCE in Jenkins since May 2017, but this is the one!" Relase a more reliable and elegant exploit - "awesome-jenkins-rce-2019" from my talk. Thanks and join this party!
Reply Retweet Like
p3n73st3r retweeted
SEP May 4
XSS In Ascii Enconding ¼script¾alert(¢XSS¢)¼/script¾ This Payload is more useful for waf evasion than server side filter evasion.
Reply Retweet Like
p3n73st3r retweeted
FireBounty & BugBountyTips Apr 25
Uncovering CVE-2019-0232: A Remote Code Execution Vulnerability in Apache Tomcat - by
Reply Retweet Like
p3n73st3r Apr 25
Replying to @AliRazzaq_
bc 😂 election lade ga kea 😘 keep on :)
Reply Retweet Like
p3n73st3r retweeted
James Kettle Apr 24
I'm thrilled to announce I'll be presenting 'HTTP Desync Attacks: Smashing into the Cell Next Door' at ! Check out the abstract here:
Reply Retweet Like
p3n73st3r Apr 23
Replying to @zseano @payloadartist
😂 he was 0x0123 So Called PornHub Hacker, he already alerted scammer in Dark Web 😂 he is scamming through changing names all the time on Twitter
Reply Retweet Like
p3n73st3r Apr 23
Replying to @KnotDNS
thnx for mentioning here But did not receive any mail response either from or Your Side but appreciation is enough :) ;) really thanks
Reply Retweet Like
p3n73st3r retweeted
김진욱 Apr 22
[PoC] WordPress Contact Form Builder 1.0.67 Plugin - CSRF / Local File Inclusion Exploit [PoC] Google Chrome 73.0.3683.103 V8 JavaScript Engine - Out-of-Memory in Invalid Table Size DoS
Reply Retweet Like
p3n73st3r retweeted
Ptrace Security GmbH Apr 20
Joomla Core 1.5.0 - 3.9.4 - Directory Traversal / Authenticated Arbitrary File Deletion
Reply Retweet Like
p3n73st3r Apr 19
Reply Retweet Like
p3n73st3r retweeted
James Kettle Apr 18
The team at are developing automatic detection of image processing memory disclosure, for 's Upload Scanner extension! Looks awesome.
Reply Retweet Like
p3n73st3r Apr 17
Replying to @nemessisc
can't even press the "Like" coz a like on such news can multiply your flue 😂 Get Well Soon 😍
Reply Retweet Like
p3n73st3r Apr 15
Replying to @KHIZER_JAVED47 @phwd
true manasab is just a fake valued person just doing for money nothing else neither even heard he is specifically better in a particular field of pentesting, just a show off guy 😂
Reply Retweet Like
p3n73st3r Apr 13
Replying to @armaancrockroax
try to recheck "dvwa". you will find some and report them through github 😂
Reply Retweet Like
p3n73st3r retweeted
pyn3rd Apr 11
-2019-0232 Apache Tomcat Remote Code Execution on Windows
Reply Retweet Like
p3n73st3r Apr 11
Replying to @Alyssa_Herrera_
yeah m waiting 😍
Reply Retweet Like