New Write-up on InfoSec Write-ups publication : "PII Leakage via IDOR + Weak PasswordReset = Full Account Takeover" #bugbounty#bugbountywriteup#bugbountytips https://t.co/5PUdSJ36xk
I recently published a new blog on pentesting and securing Kubernetes environments. The article provides a detailed checklist with strategies and actionable steps to improve your K8 security framework.
Read the full article here: https://t.co/0bxwcdNFhq
#Kubernetes#Pentesting
Checkout @sickuritywizard latest blog on how Java's ProcessBuilder and Runtime classes can unwittingly open the door to Command Injection Vulnerabilities.
https://t.co/NxW9BRBaod
#bugbountytips#bugbounty
The iOS Reloader is a weaponizing tool designed for jailbroken iOS devices. It facilitates the installation of a collection of essential tools on iOS devices for penetration testing purposes.
https://t.co/qXR8A3EJPG
#HR51KDB#bugbountytip#bugbountytips#ios#vapt
My colleagues @seanyeoh and @devec0 found some phenomenal vulnerabilities in Cloudflare Pages. I highly recommend you read about their adventures in pwning CI systems. There's a lot to learn from their research. https://t.co/kdV6SXm3YF
@streaak's KeyHacks is great, but most keys aren't sensitive and aren't in there so I present NotKeyHacks, the list of tokens that look sensitive but aren't. The idea is to have a place we can CTRL-F instead of wasting time searching for the right docs https://t.co/ODtOIl4SLn
Hey guys, following the last @BugBountyHunt3r event, I have the opportunity to provide an invitation to a person of my choice, if you're interested, just leave a retweet and I will randomly pick someone on Tuesday :) #BugBounty
To Find Compromised User Credentials 👨💻
1. Navigate to https://t.co/pVkZqs5lTF
2. Put the uname/email in the search box.
3. Copy the hash of the password.
4. Past in https://t.co/DQntEgoiT7 OR
https://t.co/SDAkg6b8lK
#HR51KDB#bugbountytip#infosec#databreach#bugbountytips
@JAINUNIVERSITY is asking students to pay 1500 exam fess for online exams too, it won't even cost a single penny if they have purchased the domain. We are ready to pay but I just want to request that can't they donate 50% of the exam fees to fight corona virus?@ChenrajRoychand