Re @_EthicalChaos_ This tweet was not meant as a criticism toward you - it was meant to convey that this is not unheard of for EDR systems.

vulnx: vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms wordpress , joomla , drupal , prest...

Towards a Quieter Burp History:-

Hey you! Yes you! Don't fucking give up till you show to the world what you are capable of!

Assetnote Wordlists. New Update.  You can download all of the wordlists at once, using the following command:- wget -r --no-parent -R "index.html*"  T...

Re Please note: * The primary components of an EDRs operate in kernel mode * User-mode DLLs present are a result of Ps* callback routines * EDRs work ...

Unfortunately, this is not true. EDRs have been using this method for a very long time. How do we know? We have a reversed-and-working source code to ...

Introduction to Binary Exploitation - PwnShop :

The Debugging Book - Tools and Techniques for Automated Software Debugging :  How Debuggers Work :

Spying on Microcontrollers using Current Sensing and embedded TinyML models :

A FREE comprehensive reverse engineering course covering x86, x64, 32-bit ARM & 64-bit ARM architectures. :  Reversing for everyone  :

Speculating The Entire X86-64 Instruction Set In Seconds With This One Weird Trick :  Exploration of x86-64 ISA using speculative execution. :

KFENCE - Detecting memory bugs in production kernels :

RT Alex Ilgayev: My latest analysis of the Windows Sandbox platform is finally out. Many thanks to @EyalItkin for the guidance.

Re @intigriti @SecureOwl

Interestingly enough, when a browser compares:  These are neither SameSite nor Same-Origin. Which I would expect? Kinda? Or does appending the dot ess...

RT Inti De Ceukelaire: How a single dot resulted in a $3,100 bug bounty from @ShopifyEng. Check out the S&T video! #h12102

Re @intigriti Update plz?

Re @intigriti

RT INTIGRITI:  Re @renniepak we filed a ticket 😇

It was fun while it lasted. #19 now. :)

Re @vict0ni @intigriti

When you're number 18 on @intigriti's  All-Time Leaderboard, but they only show up until number 17:

Re @0xw2w Thanks but I meant a spider build in Javascript so I can include it in my XSS payload.

Re @intigriti I misspelled it before it was cool.

Re @codingo_

Re I've come to the conclusion that this is a bad idea. Spidering a (badly designed) website you don't know, might trigger some state changing actions...

Re @n00py1 @beefproject Yeah I considered that but that would be a bit too "phishy" for a bug bounty context. But I also realized my idea could have s...

Re Too clearify: I meant a spider build in Javascript. So I can use in in my XSS payload.

Re @hugopicanzo Partly. I'm not specifically interested in js files. But I have something working now, thanks!

Re @pry0cc Yeah I need it to run in a victims browser. So can't rely on external tools. So the idea is that my XSS payload spiders the website the vic...

RT Jason Haddix: Be wary of anyone telling you how to hack. No two people do it alike, there are haters at every corner, and the magic is persistence.

Well you know how it goes: I've build my own! Might share some day.  All it does now is get `document.links`, check if they are Same-Origin, pull thei...

Re And then you could let your XSS Hunter host serve you a local instance of the affected website, so you could actually browse it (or at least the pa...

RT PortSwigger Research: New attacks on OAuth: SSRF by design and Session Poisoning by @artsploit

RT LiveOverflow 🔴: Hacking into Google's Network for $133,337 🏆 It was a pleasure to talk to @epereiralopez about his bug bounty research into G...

RT Ezequiel Pereira López: Congratulations to the winners! And thanks @GoogleVRP for an amazing bug bounty program! Best of luck to everyone for the ...

RT Teddy Katz: New writeup: How I was able to read anyone's GitHub Actions secrets, write to their repositories, and publish many of their packages

RT Ryan M. Montgomery: The fastest directory bruteforcer out there. I hate to say goodbye to Dirb & Gobuster, but it's time 🙏 - - #bruteforce #ctf ...

RT Orange Tsai  🍊: I know there are lots of people waiting for the recent Microsoft Exchange pre-auth RCE on our side. This is a short advisory and...

RT Grapl Inc.: Check out our first offsec blog post, "Anatomy of an Exploit: RCE via CVE-2020-1350 SIGRed" by @chompie1337 We cover in detail reverse ...

RT Laxman Muthiyah: Microsoft Account Takeover! 😊😇 Thank you very much @msftsecresponse for the bounty! 🙏🙏🙏 Write up -

RT Jake Miller: Just when you thought JSON was the one thing you could trust. My latest research on JSON interoperability vulnerabilities highlights t...

RT Ben Sadeghipour: After months of working on this, I’m excited to release my first bug bounty course on @udemy today! This is not a complete course...

RT Orange Tsai  🍊: A short post to address an exploit chain I did in last year. Both slides and YouTube video are online now - A Journey Combining ...

RT Frans Rosén: We did some fun tricks with nginx on bug bounties a while back, and made a post about out the configurations being vulnerable

RT Detectify: Detectify co-founders @fransrosen, @avlidienbrunn and @Almroot found some interesting middleware misconfigurations and potential exploit...

RT Youssef Sammouda: Enumerate internal cached URLs which lead to data exposure ($4800) Leaking Facebook user information to external websites ($2000)...

RT Youssef Sammouda: View orders and financial reports lists for any page shop ($500) URLs in img tag aren’t safely embedded. ($500) Access employees...

RT Orange Tsai  🍊: Most of my public presentation slides are on GitHub now!