Grow your best employees or lose them, a 🧵 (1/10)
VMware fixed CVE-2021-21975 and CVE-2021-21983, which when chained together lead to an unauth RCE in vRealize Operations. The vulnerabilities were found by our researcher Egor Dimitrenko. Advisory: vmware.com/security/advis…
Interesting thread on DPRK actors socially engineering security folks, worth a read if you’re in the industry:
Normally my approach would be to list the objects in an OU, parse offline for SPN attrib to avoid SPN ldap filter, validate the accounts for honey by checking stuff like last logon, pwdlastset etc, cherry pick the privileged ones of interest then roast 1 w/ aes every 6h
There seems to be quite some questions and confusion about the impact of exploiting Zerologon (CVE-2020-1472) on the environment. So here's a thread 👇
Since there are already public POCs out there now, here is mine: github.com/dirkjanm/CVE-2… Requires latest impacket version from GitHub!
How I Hacked Facebook Again! Unauthenticated RCE on MobileIron MDM (slides inside) blog.orange.tw/2020/09/how-i-… #HITCON
Did you ever want to build your own Invoke-Mimikatz not flagged by AMSI? Just published part II of "Bypass AMSI by manual modification" 🤘🥳 s3cur3th1ssh1t.github.io/Bypass-AMSI-by…
AWAE content developer @dejandayoff discovered and reported an authentication bypass vulnerability in Wekan. Check out the walkthrough: offs.ec/2R8ockW
We have an announcement about our Cracking the Perimeter course. CTP will be retired this year, with the last date for purchase being October 15, 2020. Please read our update for info about what's happening and why: offs.ec/2FmmD01
if you are starting with XXE/SSRF bugs, take a look at this awesome write up -> honoki.net/2018/12/12/fro… by the great @honoki 🙌💥🙏👏🧙♂️#bugbounty #infosec
Soon after this tweet, the CEO of Zoom @ericsyuan reached out and offered me an internship. Excited to announce that I'll be joining Zoom's security team for the summer.
I reverse engineered Zoom to figure out why it was considering UNC paths a URL in the first place. Zoom uses Microsoft's RichEdit interface to process chat messages. Although Zoom allows only http: and https:, Microsoft hardcoded a check for UNC paths.
Posted Same Same But Different: Discovering SQL Injections Incrementally with Isomorphic SQL Statements. My approach to discovering SQL Injections in an age of ORMs :) write.as/spaceraccoon/s…
A deep dive into disable_functions bypasses and PHP exploitation blackarrow.net/disable-functi…
“We never wanted to grow too fast. Our philosophy is to keep our existing customers satisfied. We always prioritize requests from our existing customers, and we know that unless we keep our existing customers satisfied, winning new ones is not sustainable.”
Facebook OAuth Vulnerability. $55,000 Bounty Awarded by Facebook. Writeup: amolbaikar.com/facebook-oauth… #Facebook #Security #BugBounty
Another interesting "from #xss to #rce" writeup s0md3v.github.io/xss-to-rce/ #pentesting
What are some endpoints that make you excited when it pops up while performing a directory brute force? Here are some of mine: /api/proxy /swagger-ui /demo /metrics