Finally earned it!!!
Should've done that a lot earlier, but all the effort was worth it.
I'm officially OSCP Certified now! Honestly, it was one hell of a ride that I can’t forget.
Thanks
@offsectraining
https://t.co/dDbCqru237
Did you know you can perform SQL injection tests on mobile applications using Ghauri or SQLmap? 🥳🥳🥰🥰 I managed to test potentially critical endpoints by combining both applications.
This way, you won't have to connect to the Android application via proxy or deal with SSL Pinning issues; you can directly subject the application to SQL injection tests.
I'll be sharing a great article and my tools about this soon, so stay tuned! 🌹🥳🥳
#bugbountytip #bugbountytips #infosec #recon #Android
@PTCLOfficial
I live outside Pakistan but kept my PTCL internet active at home. My 15 Mbps package was downgraded to 6 Mbps without consent.
Thread below.
PTCL’s own website lists:
10 Mbps = Rs 2,999 (incl. tax)
PTCL can change packages instantly without consent but refuses to fix them unless I visit an office or call from Pakistan. No international helpline, repeated price hikes, zero transparency.
@PTCLofficial@PTAofficialpk
I kept paying Rs 2,720 for 6 Mbps.
Later, PTCL upgraded me to 8 Mbps via a single accidental WhatsApp click with no confirmation.
August bill (8 Mbps): Rs 3,180
December 2025 bill (8 Mbps): Rs 3,620
Thanks to everyone who joined my DEFCON33 talk!🎉
For those of you who missed it and are interested in seeing how we can extract cleartext credentials and bypass MFA directly from the official Microsoft login page, I just uploaded the recording to YouTube:
https://t.co/MoPQiKgesd
Active Directory computers should be reviewed about once a year. Old operating systems can hold back security progress like keeping SMBv1 and NTLMv1 active. Inactive computers should be discovered and disabled when no longer in use (and eventually removed).
The OperatingSystem & PasswordLastSet attributes are self-explanatory, though we can use the LastLogonDate which represents the last reboot of the computer. The computer password should change every ~30 days by default. We can correlate the PasswordLastSet & LastLogonDate attribute values to determine if a computer is active or not. A blank LastLogonDate value means the computer object is just that and not associated with an actual system.
PowerShell code:
get-adcomputer -filter * -Prop * | sort OperatingSystem | select name,OperatingSystem,LastLogonDate,PasswordLastSet
#ActiveDirectorySecurityTip
جموں کشمیر کے انقلابی شاعر احمد فرہاد کے کیس نے مسلہ جموں کشمیر کو ایک نئی ڈائمینشن دے دی۔جج صاحب کو کہنا چایے تھا کہ یہ چیف سیکریٹری ،لینٹ افسران وہاں سے فورا واپس بلاؤ پاکستان کی فرنچائز سیاسی پارٹیوں پر جموں کشمیر میں با بندی لگاو، افواج واپس بلاو۔
#Free_Jammu_Kashmir
The government of Pakistan told Islamabad High Court that "Azad Kashmir" is a "foreign territory."
Hamid Mir: Azad Kashmir PM said I did not call the Rangers, then who sent the Rangers to Azad Kashmir.?
#ReleaseAhmadFarhad
پوری دنیا یہ مناظر دیکھ رہی ہے کہ پاکستانی فوج نے اپنے زیرانتظام کشمیر میں شہریوں کو شہید کردیا ہے اور یہ وہی کشمیر ہے جس کے وسائل پر پاکستانی فوج 74 سال سے قابض ہے اور انکے نام پر الگ سے اپنی پاکستانی عوام کو جذباتی بلیک میل کرکے ہر سال کھربوں روپے کھاتی ہے
#RightSMovementAJK
پنجاب ایک لینڈ لاک وسائل سے خالی زمین ہے جس کی معیشت کا زیادہ حصہ زراعت اور انڈسٹری پر قائم ہے۔
زراعت کےلئے پانی اور انڈسٹری کےلئے بجلی و گیس پختونخوا،کشمیر اور بلوچستان سے لوٹ کر مہیا کئے جاتے ہیں اگر باقی صوبوں کی لوٹ مار بند کر دیا تو یونیورسٹی چھوڑ گھر بھی آباد نہیں رکھ سکوگے
It was so hard for me to record this i've mustered up the courage to actually speak up about it after an year. Never in my life thought i would be begging for justice for my own brother like this. Life is truly unfair.
#arrestSyedBaqir#JusticeforSulaimanBabar
@faizanaskss Those are the same people who, upon going to Saudi Arabia, see the Arabic word "الْحَمَّام" written outside a toilet believe it's a Quranic verse, and start kissing it.