Twitter | Search | |
{{ '127.0.0.1’}}
I am getting started with bug bounty security HOF
1,515
Tweets
227
Following
168
Followers
Tweets
{{ '127.0.0.1’}} retweeted
Ammar Amer 16h
Hackers successfully bypassed Google’s two-factor authentication (2FA) and broke into Gmail accounts:
Reply Retweet Like
{{ '127.0.0.1’}} retweeted
Ruben 13h
Looking to learn basics about web security (attack/defend) or a refresher? I highly recommend - Web Security Academy( ). Well written with hands on labs.
Reply Retweet Like
{{ '127.0.0.1’}} 3h
Congrats 👏🏻
Reply Retweet Like
{{ '127.0.0.1’}} retweeted
Patrik Hudak Aug 19
Subdomain enumeration + content discovery trick:
Reply Retweet Like
{{ '127.0.0.1’}} retweeted
David D. Rude II 21h
Just wrote a blog post on techniques to detect VMs and Sandboxed environments from a web browser. Virtual Machine Detection In The Browser:
Reply Retweet Like
{{ '127.0.0.1’}} retweeted
Florian Hansemann 6h
Reply Retweet Like
{{ '127.0.0.1’}} retweeted
⌖ 20h
Removing profile pictures for any Facebook user
Reply Retweet Like
{{ '127.0.0.1’}} retweeted
John Regehr Aug 19
new blog post: Write Fuzzable Code in which I express a lack of sympathy for anti-fuzzing measures
Reply Retweet Like
{{ '127.0.0.1’}} retweeted
Sergey Kashatov 7h
I just published How I upgraded my privileges to the administrator of Odnoklassniki’s url shortener
Reply Retweet Like
{{ '127.0.0.1’}} retweeted
B G 15h
“Jenkins RCE PoC or simple pre-auth remote code execution on the Server.” by Valeriy Shevchenko
Reply Retweet Like
{{ '127.0.0.1’}} retweeted
Ameen 15h
Easiest and luckiest bug I’ve ever found 🙂 - Login page w/o registration > Parse JS files w/ LinkFinder > Notice Jira/Confluence link > Open registration to public > Many credentials. Yay, I was awarded a $2,500 bounty on !
Reply Retweet Like
{{ '127.0.0.1’}} 24h
Replying to @Th3G3nt3lman
Hit em up, all eyez on me , California love , dear mama etc ❤️
Reply Retweet Like
{{ '127.0.0.1’}} retweeted
Ɓarwisᴉɐͷ Aug 19
So, you like to go down rabbit holes & research stuff on the Internet, huh? Can I interest you in some "Open-Source Intelligence (OSINT) Reconnaissance?" - via
Reply Retweet Like
{{ '127.0.0.1’}} retweeted
CriticalBlue Aug 19
Reply Retweet Like
{{ '127.0.0.1’}} retweeted
Soroush Dalili Aug 16
After spending so much time, finally here it is: "𝗨𝗽𝗹𝗼𝗮𝗱𝗶𝗻𝗴 𝘄𝗲𝗯.𝗰𝗼𝗻𝗳𝗶𝗴 𝗳𝗼𝗿 𝗙𝘂𝗻 𝗮𝗻𝗱 𝗣𝗿𝗼𝗳𝗶𝘁 𝟮"
Reply Retweet Like
{{ '127.0.0.1’}} retweeted
ay jamal1 Aug 17
To test XSS + SQLi + SSTI/CSTI with the same payload use : '"><svg/onload=prompt(5);>{{7*7}} ' ==> for Sql injection "><svg/onload=prompt(5);> ==> for XSS {{7*7}} ==> for SSTI/CSTI by me !
Reply Retweet Like
{{ '127.0.0.1’}} retweeted
Kenan Genç Aug 18
Replying to @k33r0k
<iframe/src=javascript:%2520with(document)with(body)innerHTML="<svg/onload"%2B"=prompt\x28\document.domain\x29\x3e">
Reply Retweet Like
{{ '127.0.0.1’}} retweeted
Andri Wahyudi 🕊️ ‏ Aug 18
SQL Injection Manual Tutorial For Beginners #1
Reply Retweet Like
{{ '127.0.0.1’}} retweeted
Murtada Kamil Aug 18
Reply Retweet Like
{{ '127.0.0.1’}} retweeted
Florian Hansemann Aug 18
Low Privilege Active Directory Enumeration from a non-Domain Joined Host
Reply Retweet Like