Maxim Tyukov
@mf0cuzaka mfocuz . Security research, Bug bounty, CTF, Programming.
Similar User
@antyurin
@evdokimovds
@hd_421
@arbitrarycode
Zabbix 7.0 has introduced a new feature that allows manual user input for scripts: lnkd.in/e5GfJmqw So now user roles may control script input. Be very careful when setting the "Input validation rule," as it is now the first place hackers will check.
3000$ bug and my second CVE in collection support.zabbix.com/browse/ZBX-245…
Just got my first CVE! Request smuggling in spring: tanzu.vmware.com/security/cve-2…
Found Netflix Registry service exposed to internet? That is how you can exploit it: “Hacking Netflix Eureka!” by Maxim link.medium.com/v0iXQwWa8jb
The new version is almost ready. In the meantime - meet the online password generator. Suitable for generation wordlist based on specific words, names, and so on with hashcat rules. Happy cracking! #passwords github.com/zzzteph/weakpa… Online generator: zzzteph.github.io/weakpass/
💥Easy RCE Ports (part 2) IBM WebSphere: 8880 Apache Hadoop: 8088 Redis: 6379 Docker: 2375 Apache Solr: 8983 Zoho Manageengine Desktop: 8383 Atlassian Crowd: 4990 Portainer: 9000 Hashicorp Consul: 8500 Apache Spark: 6066 #ptswarmTechniques
Active Directory Cheat Sheet - A cheat sheet that contains common enumeration and attack methods for Windows Active Directory github.com/Integration-IT…
I promise, I'll have the rest of the videos uploaded to YouTube soon. For now enjoy @Jhaddix's "The Bug Hunter's Methodology v4.0" from #NahamCon2020 youtu.be/p4JgIu1mceI
My friends released hacking educational portal hacktory.ai, check it out!
SMB Enumeration checklist: ➡️[DOC]:docs.google.com/spreadsheets/d… #redteam #blueteam #ThreatHunting #Windows
ParamSpider : Parameter miner for humans Got a nice SSRF last week using this : - paramspider found a url with parameter ?file_url= - The parameter was deprecated long back from the production - luckily the parameter was vulnerable to SSRF Github : github.com/devanshbatham/…
A deep dive into disable_functions bypasses and PHP exploitation (long post with internals, fuzzing & examples) blackarrow.net/disable-functi…
Whoever wrote this... I love you gitexplorer.com this will make anyone who is starting to use git (or just wants a quick answer) life that much easier!
If you are interested in hacking, you definitely want to become a patron of zzzteph for weakpass.com and Pavel Zhovner for flipperzero.one on patreon! I'm in!
Good whitepaper about windows 10 secure kernel: "Live forensics on the Windows 10 securekernel (2017)" ntnuopen.ntnu.no/ntnu-xmlui/bit…
Reversing Windows Internals (Part 1) – Digging Into Handles, Callbacks & ObjectTypes rayanfam.com/topics/reversi…
United States Trends
- 1. $EMT 4.031 posts
- 2. Spotify 2,29 Mn posts
- 3. #EarthMeta 1.627 posts
- 4. Mbappe 159 B posts
- 5. Pete 902 B posts
- 6. Arsenal 404 B posts
- 7. CEOs 27,4 B posts
- 8. Snape 2.850 posts
- 9. United Healthcare 109 B posts
- 10. Brian Thompson 149 B posts
- 11. Ancelotti 37 B posts
- 12. Citibike 10,3 B posts
- 13. Newcastle 61,6 B posts
- 14. $HAWK 4.376 posts
- 15. $TOAD 5.424 posts
- 16. Kelleher 20,8 B posts
- 17. Chipotle 8.571 posts
- 18. Valverde 25,4 B posts
- 19. Nunez 41,7 B posts
- 20. Subsonic 6.174 posts
Something went wrong.
Something went wrong.