This #BlackFriday, I am giving away my course "Hack like a white hat" for the first 1k students on Udemy. Available until the 29th. Enroll, learn, and don't forget to leave feedback! Enjoy: udemy.com/course/hack-li…
🕵️‍♂️ Love a good CTF with a twist? 👀 Dive into this video where I leverage log poisoning, unveiling the dark secret of a notorious corporation. 🕵️‍♀️📽️ #CTF #LogPoisoning #MustWatch youtu.be/DwI76dOtgjk
extremely saddened by the tragic and deadly 6.9 magnitude earthquake that hit home in Morocco 🇲🇦 the death toll has already surpassed 2,000 (at time of writing) with more than 1400 injured.
my sincere condolences and prayers to all the people and families victims of this…
DevTunnels, blue are going to begin searching for DevTunnels.ms. Get ready ahead of time and use domains like:
global.rel.tunnels.api.visualstudio\.com
tunnels-prod-rel-tm.trafficmanager\.net
*.app\.github.dev
syonsecurity.com/post/devtunnel…
I always had a background voice that some hacker will deface my apps when I was a developer. It was my main motivation to learn web hacking. Today, I am sharing how it's done so you secure yours. #webdevelopment #ethicalhacking youtu.be/FvpZkEHpF8g
We would like to express our condolences to Blue Teamers.
Microsoft has announced Microsoft Excel will now support Python.
More information: techcommunity.microsoft.com/t5/microsoft-3…
I invest days prepping #redteam pretexts and scenarios, only to find that the customer's email policy blocks new domains 🤦‍♂️
@Flangvik @domchell what's your strategy for maintaining a good domain reputation to use for upcoming engagements? Or just switch to social media?
I think I just found a Cloudflare #XSS bypass, and the customer trusted the WAF. The app was using jQuery, so I leveraged it to get and run my own script. And the WAF saw nothing.
#Pentesting guys out there, I have a GET param that gets injected into an HTTP call. I have path traversal and can only control the path of the backend API, not the hostname. I have direct access to the API, so fuzzing the API is irrelevant.
Any exploitation ideas? RT for reach