BugBounty: Bug Bounty stuffs, payloads, scripts, profiles, tips and tricks, ...

BugBounty：Bug Bounty的东西，有效负载，脚本，配置文件，技巧和窍门，...

burp-shell-fwd-lfi: A Burp Suite plugin/extension that offers a shell in Burp. Both useful for OS Command injection and LFI exploration

burp-shell-fwd-lfi：一个Burp Suite插件/扩展，在Burp中提供了一个shell。两者都对OS命令注入和LFI探索有用

burp-aem-scanner: Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for com...

burp-aem-scanner：Burp扫描仪扩展程序，用于指纹识别并主动扫描Adobe Experience Manager CMS的实例。它会检查网站上是否有...

BurpCrypto: BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).

BurpCrypto：BurpCrypto是burpsuite加密插件的集合，支持AES / RSA / DES / ExecJs（在burpsuite中执行JS加密代码）。

“Web Application Hacking Introduction — Mapping the Application” by n00bie

n00bie的“ Web应用程序黑客介绍－映射应用程序”

“Hacking Your Pen Testing / Red Teaming Career: Part 1” by Lawrence Munro

劳伦斯·芒罗（Lawrence Munro）的“提高笔测试能力/红色团队职业：第1部分”

“Hacking Your Pen Testing / Red Teaming Career: Part 2” by Lawrence Munro

劳伦斯·芒罗（Lawrence Munro）的“提高笔测试能力/红色团队职业：第二部分”

“Web Application Penetration Testing Checklist” by @CutieChenny

@CutieChenny撰写的“ Web应用程序渗透测试清单”

Re @secyivfx Use google chrome it’s translating to English automatically.

Re @secyivfx使用google chrome，它会自动翻译成英文。

“A Quick Guide to Using ffuf with Burp Suite” by @santosomar

@santosomar撰写的“ Burff Suite中使用ffuf的快速指南”

“How I hacked a live website and It’s hasn't been fixed yet!” by Ujjwal Kumar

“我是如何入侵实时网站的，但尚未解决！”由Ujjwal Kumar

“Source Code Analysis and API Keys Exploitations” by Tushar Verma

Tushar Verma的“源代码分析和API密钥开发”

“Exploiting Information Disclosure” by Gupta Bless

Gupta Bless的“利用信息披露”

“Parameter Tampering on payment during buying premium membership.” by Takester

“购买高级会员时在付款时篡改参数。”由Takester

“My first bug in google and how i got CSRF token for victim account rather than bypass it ($1337)!” by Oday Alhalbe

“我在Google的第一个错误，以及我如何为受害者帐户获取CSRF令牌而不是绕开它（1337美元）！”由Oday Alhalbe

“[Bug Bounty Writeups] Exploiting Insecure XML Parsers to perform Single-Request Denial-of-Service” by Ahmed ElTijani

Ahmed ElTijani的“ [错误赏金写真]利用不安全的XML解析器执行单请求拒绝服务”

“How I Did Full Account Takeover By Clickjacking” by Green Terminals

Green Terminals撰写的“我如何通过Clickjacking进行全部帐户接管”

“How to Scan Continuously with Nuclei?” by dw1

“如何使用Nuclei连续扫描？”由dw1

“How I hacked redbus [An online bus-ticketing application]” by @rajesh_sangi12

@ rajesh_sangi12的“我如何入侵redbus [在线公共汽车票务应用程序]”

“Razer Source Code Disclosure” by @novan_rmd

@novan_rmd的“ Razer源代码披露”

classe!

类！

Re @wsl Sexy & Skilled ! Dual Threat !

Re @wsl性感和熟练！双重威胁！

Re @vulcanoWoman okok... wsl Recht haben

Re @vulcanoWoman好吧... WSL是正确的

Re @TomHall @YvonneMarti2 @wsl 🏄‍♀️ 😃 👏👏

Re @wsl Nice 👍🌺

Re @Maro_noon 僕はWSLじゃないのでなんとも言えない…ちなみにドライバー入れてnvidia-smiとかnvccは通るのか、通るけどGPUを認識しないのかとかわかると何か言...

Re @Maro_noon我不能说什么，因为我不是WSL ...顺便说一句，如果您安装了驱动程序，并且知道nvidia-smi或nvcc是否会通过，或者是否会通过，但它无法识别GPU ...

Queria: aprender a surfar Tenho: medo de mar

我想：学会冲浪：惧怕大海

Amanhã tem wsl

明天有WSL

wsl: Why did Sierra Lerback cross the board? To get the nose! Video: Camburi & Baleia LNSP

wsl：为什么Sierra Lerback跨界？要鼻子！视频：Camburi和Baleia LNSP

Re @kaya_wsl Es macht mich so wütend, WARUM GIBT ES SOLCHE DRECKSSÄCKE

回复@kaya_wsl这让我很生气，为什么有这样的鸭子

Lección: la satisfacción del logro alcanzado es la recompensa a la preparación y el duro trabajo

教训：成就感是对准备和努力的回报

Re @wsl Overdressed.

Re @wsl着装过度。

Why did Sierra Lerback cross the board? To get the nose! Video: Camburi & Baleia LNSP

为什么Sierra Lerback跨界？要鼻子！视频：Camburi和Baleia LNSP

ICYMI: Tobin Heath and Christen Press on joining Manchester United:  Heath:  Press:

ICYMI：Tobin Heath和Christen Press加入曼联：Heath：Press：

Re @TomHall @wsl #espectacular #surfing Thanks Tom !🌊🔝

WindowsでRustの開発環境を構築する(not on WSL)/おまけのみ有料｜数寄屋

在Windows上构建Rust开发环境（不在WSL上）/仅出于奖励而付费|

Open Redirect to EVIL site through whitelisted domains. #HR51KDB #bugbountytips #infosec #bugbountytip #hack #cybersecurity

通过白名单域打开重定向到EVIL站点。 ＃HR51KDB #bugbountytips #infosec #bugbountytip #hack＃网络安全

Comprehensive Guide on Broken Authentication & Session Management Does just keeping secure and a strong password can really protect you? @owasp #Ethic...

全面的认证和会话管理指南仅仅保持安全性和强密码可以真正保护您吗？ @owasp＃道德...

extract all IP addresses from a file: grep -oP '([01]?\d\d?|2[0-4]\d|25[0-5])\.([01]?\d\d?|2[0-4]\d|25[0-5])\.([01]?\d\d?|2[0-4]\d|25[0-5])\.([01]?\d\...

从文件中提取所有IP地址：grep -oP'（[01]？\ d \ d？| 2 [0-4] \ d | 25 [0-5]）\。（[[01]？\ d \ d ？| 2 [0-4] \ d | 25 [0-5]）\。（[01]？\ d \ d？| 2 [0-4] \ d | 25 [0-5]）\。（ [01]？\ d \ ...

🔴 Excited to sponsor a series of #LiveRecon sessions with @NahamSec! Tune in to watch his interview with @InsiderPhD, and don't forget to subscribe...

Re @mrpixelface Wow now that I saw it like that, it’s fricking ridiculous how a penalty was awarded! Lost for words man

Re @mrpixelface哇，现在我看到了那样，如何判处罚款真是荒唐可笑！言语失落的人

Re @tmoraitauthor I caught up with the Utd match. BHA are OK to watch, United were as you said fairly terrible. I'm not surprised that penalty was awa...

Re @tmoraitauthor我赶上了Utd比赛。 BHA可以观看，就像您说的那样，曼联非常糟糕。处罚会被唤醒，我并不感到惊讶。

Re @ManCity It was like Leicester & referee came in with mindset, get in box a little touch and penalty. I have seen many rough challenges with no pen...

回复@ManCity就像莱斯特和裁判本来就是心态，在禁区里有些动容和罚球。我已经看到了许多笔都没有的艰巨挑战...

I was about to ask what's the maximum number of penalties a team can be awarded in a single game Manchester city this wasn't our day. @ManCity @aguero...

我要问的是，这不是我们今天在曼彻斯特城的一场比赛中最多可以判罚的球队数目。 @ManCity @aguero ...

Re @coolfunnytshirt This proves that Tiwatia is a good Project Manager who can ask others to work in the team and take credit!  I'm sure Tewatia was a...

Re @coolfunnytshirt这证明Tiwatia是一位优秀的项目经理，他可以要求其他人在团队中工作并获得荣誉！我确定Tewatia是...

I can't imagine the Outrage if it was Manchester United who have been awarded 3 penalties in a single match.

如果是曼联在单场比赛中获得3个点球，我简直无法想象。

I awarded a penalty today. In my personal opinion it was never a penalty in a month of Sunday’s. Unfortunately I’ve got to follow the laws of the ga...

我今天判了点刑。我个人认为，在星期日的一个月内，这绝不是惩罚。不幸的是，我必须遵守游戏规则。

i may not be a tottenham fan but seriously i feel them. one was awarded a penalty and they were denied over the same mistake 😰makes no sense if you...

Re @SkySports It a penalty. His hand changes the direct of the ball. The hand ball rule was explained to all involved before the start of the season.i...

Re @SkySports这是一个惩罚。他的手改变了球的方向。在本赛季开始之前向所有相关人员解释了手球规则。

Re @jamespriceglos My grandfather’s dying wish was that I was to be awarded a lectureship at Oxford Uni. Looking forward to taking up my new role tea...

Re @jamespriceglos我祖父的垂死希望是我将获得牛津大学的讲课。期待接受我的新角色茶...

Re @SundayDareSD Good day Sir.... Am Henry Odumu, A Nigerian Cyclist from Bayelsa State... Recently I set a record as the 1st cyclist to ride bicycle ...

Re @SundayDareSD先生，祝大家好。...来自巴耶尔萨州的尼日利亚自行车手安·亨利·奥杜姆（Am Henry Odumu）...最近，我创下了第一个骑自行车的自行车记录...

When I was a junior student,  I observed many of my seniors (both males & females) like coming late,  Because then,  the purnishment is washing the st...

当我还是一名初中学生时，我观察到我的许多高年级学生（包括男性和女性）都迟到了。

Re @juliusvolz Ok, thought it was someone else in your family who received that for being a war vet or something. If it indeed was awarded to you ... ...

Re @juliusvolz好吧，以为是您家人中的其他人因为担任过战争兽医或其他事情而得到了。如果确实是授予您的……

Re @stokfredrik @rez0__ @fransrosen I've never thought about it like that! I've always seen it as a way to establish credibility in the bug bounty spa...

回复@stokfredrik @ rez0__ @fransrosen我从来没有那样想过！我一直认为它是在漏洞赏金温泉中树立信誉的方法...

BugBounty: Bug Bounty stuffs, payloads, scripts, profiles, tips and tricks, ...

BugBounty：Bug Bounty的东西，有效负载，脚本，配置文件，技巧和窍门，...

Re @stokfredrik @fransrosen One of @fransrosen talks got me interested in bug bounty. His willingness to share details freely encouraged me and I knew...

Re @stokfredrik @fransrosen @fransrosen的谈话之一使我对漏洞赏金感兴趣。他愿意自由分享细节鼓励了我，我知道...