Ha_Ha_Sher @Ha_Ha_Sher - Twitter Profile

over 2 years ago

Here are 17 platforms where you can begin learning cybersecurity: 1. HackXpert - Free labs and training. 2. TryHackMe -Hands-on exercises and labs. 3. CyberSecLabs - High quality training labs. 4. Cybrary - Videos, labs, and practice exams. 5. LetsDefend - Blue team training platform. 6. Root Me - Over 400 cybersecurity challenges. 7. RangeForce - Interactive and hands-on platform. 8. Certified Secure - Loads of different challenges. 9. Vuln Machines - Real world scenarios to practice. 10. Try2Hack - Play a game based on the real attacks. 11. TCM Security Entry level courses for cybersecurity. 12. EchoCTF - Train your offensive and defensive skills. 13. Hack The Box - Online cybersecurity training platform. 14. Vuln Hub - Material for practical hands-on experience. 15. OverTheWire -Learn security concepts through challenges. 16. PentesterL.ab - Learn web-application penetration testing. 17. PortSwigger Web Security Academy - Extensive learning material. #Infosec #Learning #Hacking #CyberSecurity

7

1K

358

2K

172K

Ha_Ha_Sher @Ha_Ha_Sher

almost 3 years ago

@IndiaPostOffice Sir, I am also attaching a screenshot of status as of 2 July 2023 11:53PM screenshot for reference.

2

0

23

Ha_Ha_Sher @Ha_Ha_Sher

almost 3 years ago

@IndiaPostOffice Dear sir, I had post EN932073352IN but it's status showing that consignment not found, I am attaching screenshots also, please look into matter.

Ha_Ha_Sher's tweet photo. @IndiaPostOffice Dear sir, I had post EN932073352IN but it's status showing that consignment not found, I am attaching screenshots also, please look into matter. https://t.co/piJHoM99OC

1

0

31

Ha_Ha_Sher @Ha_Ha_Sher

almost 3 years ago

@IndiaPostOffice Referring trailing tweet, issue not resolved and niether received consignment, Please look into matter

1

0

6

Who to follow

TuAg🏀

@TuAg_T

🇨🇳CyberSecurity🖥️ CTFer💻

mr7s3d0

@AlaxBob

Ha_Ha_Sher retweeted

Kuldeep Pandya @kuldeepdotexe

almost 3 years ago

I found a really interesting rXSS on a @SynackRedTeam target last night. The injection point was like this: <button onclick="document.location='$USER_INPUTsomeother_randomtext'"> More details in thread 👇 #infosec #hacking #hunting #XSS

kuldeepdotexe's tweet photo. I found a really interesting rXSS on a @SynackRedTeam target last night.

The injection point was like this:

<button onclick="document.location='$USER_INPUTsomeother_randomtext'">

More details in thread 👇

#infosec #hacking #hunting #XSS https://t.co/TZ4N8IM0Ye

8

186

28

73

23K

Ha_Ha_Sher @Ha_Ha_Sher

almost 3 years ago

we are having our aktu https://t.co/O1EChISAWP. Exams in this extreme hot weather we are not getting electricity for study, we are getting electricity one or two hour which gets interrupted every half hour please look at the matter. Add- Bhauti Pratapur @DMKanpurDehat @UPPCLLKO

0

1

0

51

Ha_Ha_Sher @Ha_Ha_Sher

about 3 years ago

@IndiaPostOffice Is it mandatory @IndiaPostOffice that I will have to visit the Post Office to collect my Post or Courier. I received the courier yesterday when I visited the Post Office. he had neither informed me on phone call or by other means and saying that we don't have people to deliver

1

0

27

Ha_Ha_Sher retweeted

Luke Stephens (hakluke)

@hakluke

about 3 years ago

Here's a useful recon one-liner using 2 of my tools! 🤘 Enumerate subdomains with haktrails 👉 https://t.co/z8Py1qHM73 ⭐️ Convert to absolute URLs with httpx 👉 https://t.co/ulK1qn4m5N ⭐️ Discovery URL endpoints with hakrawler 👉 https://t.co/XPuPqahWYL ⭐️ #hackingtips

hakluke's tweet photo. Here's a useful recon one-liner using 2 of my tools! 🤘

Enumerate subdomains with haktrails 👉 https://t.co/z8Py1qHM73 ⭐️
Convert to absolute URLs with httpx 👉 https://t.co/ulK1qn4m5N ⭐️
Discovery URL endpoints with hakrawler 👉 https://t.co/XPuPqahWYL ⭐️

#hackingtips https://t.co/n4qJE7kIH7

11

374

116

172

37K

Ha_Ha_Sher retweeted

Anton @therceman

about 3 years ago

Bug Bounty Hint Bypassing Cloudfront XSS WAF 1) alert = window["al"+"ert"] 2) bypass () with `` 3) replace space with / 4) encode symbols: 🔹< = %3c 🔹> = %3e 🔹" = %22 🔹[ = %5b 🔹] = %5d 🔹` = %60 Not Encoded Payload: <svg/onload=window["al"+"ert"]`1337`> Cheers

4

360

105

208

30K

Ha_Ha_Sher retweeted

Luke Stephens (hakluke)

@hakluke

about 3 years ago

How to use Amass to find ASNs and CIDRs and then enumerate subdomains with them! 🔍 🧨 Find ASN and CIDRs: amass intel -org "<target>" 💥 Enumerate subdomains: amass enum -d <target> -active -cidr <cidr-block> -asn <asn> Try this to find more subdomains! 🔥 #hacking

hakluke's tweet photo. How to use Amass to find ASNs and CIDRs and then enumerate subdomains with them! 🔍

🧨 Find ASN and CIDRs: amass intel -org "<target>"

💥 Enumerate subdomains:
amass enum -d <target> -active -cidr <cidr-block> -asn <asn>

Try this to find more subdomains! 🔥 #hacking https://t.co/kksWym5eF3

12

337

101

174

38K

Ha_Ha_Sher retweeted

Klaudia Kloc

@KlaKlo_

about 3 years ago

How we, @vidocsecurity, bypass 401 and 403 - practical tips for fellow #bugbounty hunters <thread>

13

454

148

310

31K

Ha_Ha_Sher retweeted

N$🌟

@__nav1n_

about 3 years ago

This is one of the easiest RCEs I've ever found in my BB, lets hope this isn't a duplicate. Found an endpoint with `something.php?run=`, execute the encoded `%26echo%20`id`%24()%5C%20 ` in HTTP request, surprised to see when server returned ID. #BugBounty #RCE

__nav1n_'s tweet photo. This is one of the easiest RCEs I've ever found in my BB, lets hope this isn't a duplicate.

Found an endpoint with `something.php?run=`, execute the encoded `%26echo%20`id`%24()%5C%20 ` in HTTP request, surprised to see when server returned ID.

#BugBounty #RCE https://t.co/oOUAes3TdQ

26

696

160

230

52K

Ha_Ha_Sher retweeted

Rami (drunkrhin0) @drunkrhin0

about 3 years ago

Want to start bug bounties but don't know where to begin? 🕵️‍♀️�� You're in luck! I get asked this question daily So, I've put together a small list of resources to help you get started on your bug bounty adventure. 💥 A #bugbountytips thread 🧵 1/10

22

524

183

642

82K

Ha_Ha_Sher @Ha_Ha_Sher

about 3 years ago

@krishnsec 10000

0

17

Ha_Ha_Sher retweeted

/Zer0/ @_Zer0Sec_

about 3 years ago

Some recent lessons learned: If something is suspicious but SQLMap “thinks” it might/might not be vulnerable, manually confirm/deny before leaving. Payload example: ' AND extractvalue(rand(),concat(0x3a,(SELECT user()))) # #bugbountytips #BugBounty

_Zer0Sec_'s tweet photo. Some recent lessons learned:

If something is suspicious but SQLMap “thinks” it might/might not be vulnerable, manually confirm/deny before leaving.

Payload example:

' AND extractvalue(rand(),concat(0x3a,(SELECT user()))) #

#bugbountytips #BugBounty https://t.co/fhE42WKdrT

14

515

153

209

49K

Ha_Ha_Sher retweeted

Nithin 🦹‍♂️

@thebinarybot

about 3 years ago

Here's a list of bug bounty tools that @GodfatherOrwa uses and shared in @NahamSec 's live stream. 🧵👇 #bugbounty #bugbountytips

25

420

145

360

55K

Ha_Ha_Sher retweeted

Paul Couvert

@itsPaulAi

about 3 years ago

ChatGPT Plus is much more powerful than ChatGPT. But it costs $20/month and its knowledge ends in 2021. Here is a FREE alternative with no limitations (and internet access):

189

6K

1K

8K

2M

Ha_Ha_Sher retweeted

Ryan M. Montgomery

@0dayCTF

about 3 years ago

Bypass WAF / Restrictions with REcollapse - This tool assists in blackbox regex fuzzing to bypass validations and discover normalizations in web apps. - Repo: https://t.co/iHdzytjeVC - Creator: @0xacb (Also thanks to @Hacker0x01) - - #infosec #cybersecurity #CTF #bugbountytips

0dayCTF's tweet photo. Bypass WAF / Restrictions with REcollapse
-
This tool assists in blackbox regex fuzzing to bypass validations and discover normalizations in web apps.
-
Repo: https://t.co/iHdzytjeVC
-
Creator: @0xacb (Also thanks to @Hacker0x01)
-
-
#infosec #cybersecurity #CTF #bugbountytips https://t.co/SBhkFXxolz

18

471

139

194

63K

Ha_Ha_Sher retweeted

The XSS Rat - Proud XSS N00b :-)

@theXSSrat

about 3 years ago

100 tools every self respecting web app hacker should know Burp Suite OWASP ZAP Metasploit Framework sqlmap Nmap Dirbuster WPScan Arachni BeEF Hydra XSSer Sqlninja Cain and Abel Netcat THC Hydra Nikto Skipfish Vega sqlsus John the Ripper THC-SSL-DOS Sublist3r Wfuzz Shodan Fiddler sqlmapgui Wapiti Yersinia Tamper Data WebScarab Paros SQL Inject Me Acunetix Nessus Grendel-Scan Ratproxy IronWASP Websecurify Zed Attack Proxy Zenmap NoSQLMap ODAT X-Forwarded-For Spoofer WebSlayer w3af Maltego WPScan Desktop WP-Scan Vulnerability Database BruteForcer JoomScan Joomfish Scanner WP Security Audit Log JoomlaScan CMSmap Vega Vulnerability Scanner Skipfish Web Application Security Scanner Grabber DAVScan bbqsql Scrawlr Cewl Wapiti Web Application Vulnerability Scanner XssPy RIPS Zenmap WPScan Arachni OWASP ZAP Sqlmap Nessus Kali Linux Acunetix Web Vulnerability Scanner Nmap Vega Metasploit Framework Hydra Burp Suite Nikto Zed Attack Proxy Grendel-Scan Skipfish Arachni Wfuzz Dirbuster Sqlninja NoSQLMap OWASP Mantra WP-Scanner XSSer Metagoofil Brutus RainbowCrack THC-Hydra Medusa THC-SSL-DOS OpenVAS WP-Scan Vulnerability Database WPScan Desktop LFI Suite XssPy

50

1K

357

820

103K

Ha_Ha_Sher @Ha_Ha_Sher

about 3 years ago

@IRCTCofficial @RailMadad I have booked in train 18190 and train will Perumbur station at 07:58 Pm but still chart is not prepared, Kindly do needful as soon as possible

1

0

11

Ha_Ha_Sher

@Ha_Ha_Sher

Who to follow

Last Seen Users on Sotwe

Trends for you

Most Popular Users