Pyhscript

@Pyhscript_nsm

Republic of Croatia

Joined November 2016

119 Following

38 Followers

51 Posts

Pyhscript_nsm retweeted

Bounty Security @BountySecurity

over 3 years ago

🎉New Website published🎉 🎁To celebrate the launch of the new website, we are giving away three annual Burp Bounty Pro licenses! 👉To participate you have to retweet and like. The winners will be announced on September 30. 👉https://t.co/DXxo2SKrY7

BountySecurity's tweet photo. 🎉New Website published🎉

🎁To celebrate the launch of the new website, we are giving away three annual Burp Bounty Pro licenses!

👉To participate you have to retweet and like. The winners will be announced on September 30.

👉https://t.co/DXxo2SKrY7 https://t.co/JcZYxsvcmD

77

990

760

35

0

Pyhscript @Pyhscript_nsm

almost 4 years ago

@maldr0id even if his claim was true it'd be irrelevant. he claims it's impossible that that domain was used for infection cause it was registered after whatsapp patched vuln in voip stack. But citizenlab says that domain was used for sms infection (one-click)

2

3

0

0

0

Pyhscript @Pyhscript_nsm

almost 4 years ago

@InsiderPhD @ctrl_Felix @LiveOverflow Not only that. But he goes on to say MVT is unreliable because people can send domain IOC to themselves and it will show as infected. I mean...yes?

0

0

0

0

0

Pyhscript @Pyhscript_nsm

almost 4 years ago

@VessOnSecurity @wdormann @GossiTheDog I reported it to copy shop, but sadly they didn't care

0

0

0

0

0

Who to follow

I'm on the internet because I'm an internet thug. hacking:guns:social_disobedience

@LuisEduardoDev

making life easier

Steve. If that really is your name.

Every once in a while I think about how many progress bars I've watched over the years.

Pyhscript @Pyhscript_nsm

almost 4 years ago

@VessOnSecurity @wdormann @GossiTheDog I got my USB drive infected with it few days ago from the copy shop. It moved all my files to folder "USB drive" and then made shortcut that looked like it's going to USB drive (with that network share icon). Ofc in reality it executed malicious command

1

1

0

0

0

Pyhscript @Pyhscript_nsm

almost 4 years ago

@messithelastdon @ptracesecurity @Securityblog No. It's if you find XSS vuln in web app. It's just another potential impact of XSS. Useful if for instance you find reflected xss on error page functionality and app uses HTTPOnly cookies + csrf tokens (and you can't exfil token other way).

0

1

0

0

0

Pyhscript @Pyhscript_nsm

about 4 years ago

@vxunderground or birthday paradox, in one password reset token scenario. basically whenever client rolls some weird custom login/register/reset scheme

0

0

0

0

0

Pyhscript @Pyhscript_nsm

about 4 years ago

@vxunderground Basic probability came in handy few times during web app pentests, mostly to determine whether some sort of bruteforce is viable (e.g OTP that changes every 60 seconds)

1

0

0

0

0

Pyhscript @Pyhscript_nsm

about 4 years ago

@ahmad_hayawi @Jaagaabaan Layer 1 DOS attack to be specific

0

0

0

0

0

Pyhscript @Pyhscript_nsm

over 5 years ago

@rstein357 @shakesomuch @temblor @ch_gruetze Well that's bit worrying given that march ones were 5.5 and 5.0 and damaged a lot of old buildings in Zagreb. Is it possible to have breakdown of probabilities by fault ? And what would be probability of another 5.5? Sorry for a lot of questions

1

0

0

0

0

Pyhscript @Pyhscript_nsm

over 5 years ago

@temblor 2/2 "another large, damaging shock nearer to Zagreb by a factor of three, but the probability is still low, at about a 1% chance over the next year. " Unless if you don't consider 5 magnitude earthquake damaging

1

1

0

0

0

Pyhscript @Pyhscript_nsm

over 5 years ago

@temblor "we find that the chance of another shock of magnitude-5.0 or greater over the next year is about 15%" is this probability exclusively for Petrinja fault? Otherwise it seems in contradiction with (1/2)

0

0

0

0

0

Pyhscript @Pyhscript_nsm

about 6 years ago

@intigriti Fun challenge, learned new technique :)

Pyhscript_nsm's tweet photo. @intigriti Fun challenge, learned new technique :) https://t.co/gzOhUbiYTe

0

1

0

0

0

Pyhscript @Pyhscript_nsm

over 8 years ago

@shadghost @xxByte @RedFlareSEC nice catch! just nitpicking here, since space is trimmed one could use 127.0.0.1|{echo,foo} to avoid it

0

0

0

0

0

Pyhscript @Pyhscript_nsm

over 8 years ago

@brcrwilliams @troyhunt @Cloudflare there is video about it by @tomscott https://t.co/Xs06U6BSUX

0

0

0

0

0

Pyhscript_nsm retweeted

Eat Sleep Pwn Repeat @EatSleepPwnRpt

over 8 years ago

#34c3ctf is over! Flag submission is closed - Good game everyone! Top 3 #34c3ctf: 1. @pastenctf 2. Tea Deliverers 3. @DragonSectorCTF Top 3 #junior34c3ctf: 1. Rudolfos Toddlers 2. @hackthissite 3. Made In MIM

EatSleepPwnRpt's tweet photo. #34c3ctf is over! Flag submission is closed - Good game everyone!

Top 3 #34c3ctf:
1. @pastenctf
2. Tea Deliverers
3. @DragonSectorCTF

Top 3 #junior34c3ctf:
1. Rudolfos Toddlers
2. @hackthissite
3. Made In MIM https://t.co/xNBXSFpDhm

3

49

14

1

0

Pyhscript @Pyhscript_nsm

over 8 years ago

@EatSleepPwnRpt This is great news! I remember one ctf (SHA ctf I believe) that also had junior version, they made it so one could solve all junior challenges and it'd count as one "senior" challenge. Do you plan the same thing?

0

2

0

0

0

Pyhscript_nsm retweeted

Eat Sleep Pwn Repeat @EatSleepPwnRpt

over 8 years ago

We want to proudly announce that this year's C3 CTF will have a less hardcore "Junior version" for beginners, people with little time to spare during the C3, and people who want to get into new challenge categories. https://t.co/DY5uflFIbT Tell your friends at C3!

3

156

101

0

0

Pyhscript @Pyhscript_nsm

over 8 years ago

@Rick_BarK @troyhunt real vigilantes wear balaclava

0

0

0

0

0

Last Seen Users on Sotwe

Trends for you

Most Popular Users