Olivia
Online
Martin
@MalwareYeti
Ireland
Joined June 2021
779 Following
69 Followers
151 Posts
my bad bro?
@KooKiz Thats not how it works- you just do a countdown untill its dropped as a zero day- suddenly they can reproduce it.
Someone from XBOW claimed that they found 23 nginx configs from GitHub vulnerable to nginx-rift.
It turns out 22 out of the 23 were actually PoCs of nginx-rift itself. Not sure about the remaining one. Good call from @julianor.
Here are the 4K nginx configs that we downloaded from GitHub: https://t.co/Ba27Ob6Ttz
We also did a brief analysis of nginx-poolslip, and couldn't find any vulnerable configs either. There were some close calls though.
We'll download and analyze more configs, and share our results later.
Hopefully from now on, whenever someone publishes a new nginx exploit, they also publish whether it can actually be exploited against configs found in the wild on GitHub.
Absence of evidence is not evidence of absence, but it still gives useful data points about how practical these exploits really are. Of course, people should patch anyway.
Who to follow
︎
@0xocdsec
︎
🏴☠️ 🇪🇺 💚 🇺🇦 | computers & features | 💚 🏴☠️ party | 603,628 km² https://t.co/F5dgX7AEoL
0x4b
@tx__qi
Dah besar. tapi masih belajar
Shiroe
@TheRealShiroe
ex Sr Consultant Ovt4 / ex SOC Analyst trying to expand my knowledge on Forensics, Malware Analysis and Detection Engineering. #GCIH
No. This is 20 pages of AI slop from a guy that discovered file locks and has no idea what an EDR does. Stop making stupid people famous
Firefox is finally going to solve browser security all while having 2% of browser market share.
And to make sure you know it's important, they also published a CVE for this: https://t.co/i5MofhJooN A "vulnerability" that exists only when you provide dhash_entries=1 on the kernel commandline, resulting in a crash of the kernel at boot.
thank you claude
"we had a good thing, you stupid son of a bitch! we had Lows. we had Mediums. we had renderer RCE bonuses, and it all ran like clockwork! you could have shut your mouth, let your fuzzers run, and made as much money as you ever needed! it was perfect! but no, you just HAD to go and flood the team with your AI-hallucinated slop reports"
It's not. Nobody look at this.
@gadievron CISOs are going to read ‘181 working Firefox exploits’ and think remote access. But those were generated with sandboxing and other protections off not how anyone runs Firefox. More vulnerabilities ≠ more real world exploit chains. That distinction matters
@HackingLZ @mrd0x Damn I just woke up, I found out attacks are living of the land using legitimate windows binaries
@RoundtableSpace Red Teamer here, I can 100% confirm that when I hack I use nmap, I like to run apt update and apt upgrade, and call web vulnerabilities a Red Team, this will replace all the Yellow Team, Orange Team, Black Team, PlayStation Team, Xbox Team in CyberSecurity
Which of course you don't have.
What devilish hacking is required to get past this?
Press the "back" key a few times. Should take you back to your dashboard. Instead you get to *the* *other* *company's* *dashboard*.
I finally let Claude do my pentest this week. Full 5-day engagement, zero human input. Here's what the client got: 😏
https://t.co/1PPuxhs4V9
#bugbounty #pentesting #AI #cybersecurity #infosec #claudeai
Open Twitter hoping to see some new blog about some new technique or something when I just end up finding yet another red team agent that runs Hydra
It really annoys me that ClickFix has a name but especially when it's described as sophisticated or interesting. Oh wow you tricked someone into executing cmd /c, WE GOT AN APT OVER HERE!
@_RastaMouse Need a lab that's just 500 SMB shares, the flag is 8 folders deep, and if you try to automate it your credit card gets charged
$312,500 worth of stored/reflected XSS vulnerabilities in Meta’s Conversions API Gateway allowed Javascript code to run on any Facebook domain and millions of third-party websites. The flaw enabled zero-click Facebook account takeover and more:
https://t.co/7gWpR4LQ8x
Last Seen Users on Sotwe
Sienna
Seen from Turkey
oğuz ( PASİFİM 27 )
Seen from Turkey
🫦
The Best Porn World
Seen from Turkey
Ritika Verma 
Seen from India
ROLEX
Seen from Turkey
LilPuddingBowls🍨 ❤️🫧😇😍✨🤩
Seen from United States
bea ★卌
Seen from United Kingdom
Amatör Video Evreni
Seen from Turkey
Free Turkish Amateur Video's
Seen from Turkey
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.3M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.5M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.4M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87.1M followers
Taylor Swift
@taylorswift13
80.9M followers
Lady Gaga
@ladygaga
72.5M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
69M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.6M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.6M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.2M followers