Dave Vieira-Kurz @secalert - Twitter Profile

Pinned Tweet

about 7 years ago

In my web security training I often get asked for multi context payloads. This is the one I've created and learned to love in the past 10 years. Try yourself with @owasp_juiceshop by @bkimminich #bugbounty #hacking #juiceshop #owasp #hackerone #Security #WordPress #number23

secalert's tweet photo. In my web security training I often get asked for multi context payloads. This is the one I've created and learned to love in the past 10 years. Try yourself with @owasp_juiceshop by @bkimminich #bugbounty #hacking #juiceshop #owasp #hackerone #Security #WordPress #number23 https://t.co/SSxmSl9qi9

6

239

90

52

0

Dave Vieira-Kurz @secalert

7 months ago

@intigriti My first critical zero-days, publicly disclosed responsibly, date back to 2006: an RFI in a leading payment/billing firm and an RCE in the top domain & server management portal of the time.

0

2

0

546

Dave Vieira-Kurz @secalert

about 3 years ago

How often do you use ChatGPT and alike weekly? #ChatGPT #OpenAI

1

0

2K

Dave Vieira-Kurz @secalert

over 3 years ago

@MameHaze exactly :)

0

1

0

48

Who to follow

Nicolas Grégoire

@Agarri_FR

Web hacker and Burp Suite Pro trainer Refer to https://t.co/D5tRH7U2hg for trainings Follow @MasteringBurp for free tips and tricks

Soroush Dalili

@irsdl

Hacker (ethical), web appsec specialist, trainer, tools builder & apps breaker 🕸️https://t.co/YipuTcYnWc🥷 🍏A dad-joke maker🍐

Th3g3nt3lman

@Th3G3nt3lman

Risin' up out of the flames like a phoenix, Strainin' to carry the weight of my brain like a genius..

secalert retweeted

LiveOverflow 🔴

@LiveOverflow

over 3 years ago

During a recent code review I noticed something in the VSCode Language Server JSONRPC implementation that made my brain tingle. Why not investigate this on stream? Maybe we find nothing, maybe we find something useful. https://t.co/X3ezcY4Uq3

LiveOverflow's tweet photo. During a recent code review I noticed something in the VSCode Language Server JSONRPC implementation that made my brain tingle.
Why not investigate this on stream? Maybe we find nothing, maybe we find something useful.

https://t.co/X3ezcY4Uq3 https://t.co/zgo71RjBIZ

3

80

10

8

16K

secalert retweeted

Johnny Fishcake @johnnyspandex

over 3 years ago

DroppedConnection - a fake VPN server that captures credentials and executes code via the Cisco AnyConnect client. https://t.co/X8IlRj8BIt

7

436

178

101

46K

Dave Vieira-Kurz @secalert

over 3 years ago

@harshbothra_ 2007

0

1

0

457

Dave Vieira-Kurz @secalert

over 3 years ago

@CristiVlad25 %27%20or%202005%21%3D2006%2B--%2B

0

2

0

1

1K

Dave Vieira-Kurz @secalert

over 3 years ago

@coder_rc Well put :D

0

215

Dave Vieira-Kurz @secalert

over 3 years ago

@hakluke take pictures of dangerous wild animals with 90mm. and only 10 ft away.

1

2

0

356

Dave Vieira-Kurz @secalert

over 3 years ago

@Agarri_FR Yeah. Imagine one types in the URI, has a typo and identifies "you have an error in your syntax" error-based sql injection :D

0

1

0

269

Dave Vieira-Kurz @secalert

over 3 years ago

@alosdev I am proud of @alosdev to be part of those awesome individuals.

0

127

Dave Vieira-Kurz @secalert

over 3 years ago

@akamai_research 1. Trust your instincts 2. Keep focused 3. Be patient 4. Read a lot 5. Don't wait for the next rainy weekend, start now!

0

1

0

315

Dave Vieira-Kurz @secalert

over 3 years ago

@taviso Wait a second. Let me start numega SoftICE on my Windows 98 machine. 😂

0

8

0

1K

Dave Vieira-Kurz @secalert

over 3 years ago

@hexpwn NSA is listening 📶

1

0

216

Dave Vieira-Kurz @secalert

over 3 years ago

@HackenProof RCE using multibyte character to bypass their protection.

0

4

0

363

secalert retweeted

Ollie Whitehouse @ollieatnowhere

over 3 years ago

A prototype @Burp_Suite extension for Enterprise/Pro using the new Montoya API. Leverages the Google Safe Browsing API to check that any URLs in the enumerated site map aren't known to be malicious. Help detect those watering holes! Code 👇 https://t.co/TO02ZJ1uAL [1/2]

ollieatnowhere's tweet photo. A prototype @Burp_Suite extension for Enterprise/Pro using the new Montoya API. Leverages the Google Safe Browsing API to check that any URLs in the enumerated site map aren't known to be malicious.

Help detect those watering holes!

Code 👇
https://t.co/TO02ZJ1uAL

[1/2] https://t.co/Z0dvOzi01B

3

40

14

17

10K

Dave Vieira-Kurz @secalert

over 3 years ago

@novasecio my brain and instincts

2

3

0

458

Dave Vieira-Kurz @secalert

over 3 years ago

@kyREcon So many wonderful memories with my beloved combo in the early 2000s: W32Dasm (+Bratpatch), numega SoftICE, hiew, PEiD, LordPE. #reverseengineering #warez #reversing

1

4

0

365

Dave Vieira-Kurz @secalert

over 3 years ago

@SEKTOR7net de_dust2 5v5

0

1

0

163

secalert retweeted

Tim Blazytko

@mr_phrazer

over 3 years ago

New blog post and updated #binaryninja plugin: "Statistical Analysis to Detect Uncommon Code" We use statistics to identify obfuscation in an #Anticheat, a mobile DRM, a #Windows kernel module & malware. Link: https://t.co/AxDgMwgxmT Code: https://t.co/wWPTnvSflh

mr_phrazer's tweet photo. New blog post and updated #binaryninja plugin: "Statistical Analysis to Detect Uncommon Code" We use statistics to identify obfuscation in an #Anticheat, a mobile DRM, a #Windows kernel module & malware.

Link: https://t.co/AxDgMwgxmT

Code: https://t.co/wWPTnvSflh https://t.co/WBR8dOdleO

2

258

93

70

33K

Dave Vieira-Kurz

@secalert

Who to follow

Last Seen Users on Sotwe

Trends for you

Most Popular Users