Web Security
22 Threads
Here are 50 domains of cybersecurity : 1. π Network Security 2. π± Application Security 3. βοΈ Cloud Security 4. π± Mobile Security 5. π‘οΈ Cryptography 6. πΌ Data Loss Prevention (DLP)...
I've made over 100k on SSRF vulnerabilities. They aren't always as simple as pointing it at localhost or AWS Metadata service. Here are some tricks I've picked up over the past...
Vuln: 403 & 401 Bypasses Severity: High HTTP 401 and 403 are both status codes that indicate that a client's request to a server was not successful. 401 -- client provides no cr...
β¨Bug Bounty Pro Tip: β‘Escalate everything you find! #bugbounty #Infosec #hacking β’ Donβt report SSRF, Escalate to RCE. β’ Donβt report Self-XSS, Chain it with Clickjacking. β’ Donβ...
12 #bugbountytips you NEED to know about! 𧡠A #bugbountytip is a short trick that can help you find your next bug! Here are some quick wins you can start implementing today to be...
Platforms to practice hacking :) β Tryhackme β Hackthebox β Pentester Lab β tcm-security β Vulnhub β Offensive Security β Vulnmachines β Portswigger Web Security Academy β Hacker...
Let's talk about @RevokeCash and how you can use it as a tool to stay safer while navigating through web3. I'll explain what it does and how to use it step by step so you can bette...
Chrome is the most popular web browser. Itβs not always safe to use. Here are 7 Chrome settings you need to change immediately:
Business Logic Bug Worth $600 𧩠#bugbountytips π§΅ππ»
#Secret6 8 Awesome 2FA Bypass Techniques ποΈ #bugbountytips π§΅ππ» https://t.co/fdlisRs2gA https://t.co/bxiDoWaYog
7 Methods You Can Try to bypass CSRF Protection A π§΅
Using an exploit with Google ads, scammers are able to make the real and scam URL look exactly the same. Already ~100 ETH stolen π§΅π https://t.co/eSv20uKIVK
15 Security Standards You Must Know & Follow π§΅
I recently wrote a thread on my top used Bug Bounty Tools. You can find it here : https://t.co/ep4fRZuBhh After publishing the above thread, I got lots of requests to write on m...
New NFT discord scam going around, this time using QR codes. Pretty terrible scam, but this is how it works π§΅π
Attacking JWT for Fun and Profitπ¨βπ» Doing Penetration Testing or Bug Hunting? Follow this thread and ask yourself these questions while hunting for bugs in JWT. #bugbountytips...
Bypass Rate Limits in Web Applications and API's. β What is Rate Limit Rate limiting is a process to limiting the number of request an user can make to a web server in an span o...
β οΈ Analysis of how $150,000 was stolen today & exploring how NFT multiple projects were hacked today. Retweet to spread awareness π¨
There are a lot of languages, frameworks and libraries such as java, python, javascript which easily confuses a beginner as where to start? Having a structured approach can levera...
π Here are some beginner Cybersecurity and Information Security resources that are free! 𧡠(15+ included hands-on labs, YouTubers, etc.)
Web App #Penetration Testing for Beginners: 1. Testing for browser cache weaknesses // Assessing Authentication Schemes... https://t.co/XXpafUXJze via @YouTube #bugbountytips #bu...
Burp Suite is a tool for testing the web applications security. It supports the analysis of an application's attack surface, finds the security vulnerabilities, and exploits the fi...
