Renaud Martinet 14h
Ok so now that is over, please tell me what the damn official solution is! For the record, here's the one I found:
🅺🅴🅽🅰🅽 🇹🇷 May 21
old but gold, for those who have interest in CSP bypass and XSS
Picus Security Inc. May 20
Do you know emerged payloads without parentheses, semi-colons and string literals some signature-based filters of Web Application Firewalls () and browsers? Test your security controls now with 300+ XSS payloads included in the Picus Threat Database
Jai Kumar Sharma 4h
slick May 23
My <head>mind</head> telling me no..but my <body> <svg/onload=alert(‘bump-n-grind’)>, my </body> telling me yes... I don’t see nothin wrong with a little
DigitalMunition May 21
SecuNinja May 24
any idea how to an existing js alert box? i have an alert box in which i can enter arbitrary text but not able to break out of it right now... maybe?
HTTP Security Guru May 24
Do you know that and CSRF can be mitigated on a web server side? does by implementing exemplary HTTP and CSP security
Brute Logic May 20
To my new followers! If you are interested in check my blog at
i like it May 23
WAF events Bypass: if ><tag onxxxx=alert(1)> is filtered, try ><tag onxxxx="'a'|alert(1)"> and you're done
☣ KitPloit - Hacker Tools 24h
Teemu Vesala May 21
Do you understand the shared model of cloud services? I love it. But it needs almost blind trust to cloud service provider. And it can be destroyed easily. At easy to find , or access control bypass - goodbye service.
fakessh May 22
discovered at not hacker just bughunter send mail to security officer
Xecurity May 23
Quick question for all folks; I've recently noticed people collecting bounties from programs, etc - wtf am I missing? I've submitted a ton, is there a page or program I'm missing??
DigiOz Multimedia May 18
flaw in Plugin lets attackers compromise WP sites
Privasec RED May 19
's Consultant has released the second article of his new ‘Weaponising Series’ , after a great response on ‘Weaponising bypass’. Stay tuned to Privasec Red's Twitter page for further additions to this series.
Daniel Abeles May 23
😱 I’m super excited that my latest project was accepted to Arsenal! 🙏🏻 If you're into managing attacks / remote browser debugging, stop by my booth at Blackhat this summer :)
SecuNinja May 23
xLateral May 23
VulnType: CSRF and Self-XSS lead to session-stored XSS! Bounty: $300 on !
GSPANN Technologies May 23