spidersec

HTTP Request Smuggling in one Screenshot. 🙂

If you’re around for Black Hat Asia Singapore ( April 1-4 ), let’s catch up!

⚙️ A lesser known tool, Osmedeus is the closest to Nuclei, that comes with an amazing web UI. You can use custom YAML workflows and vulnerability signatures just like Nuclei. 🔗 github.com/j3ssie/Osmedeus #bugbounty #bugbountytips #infosec #cybersecurity #Pentesting

Nice one!

github.com/jmdx/TLS-poiso… This is fucking bananas and I can't believe I missed it.

hashcat -w 4

Exploiting Redis Through SSRF Attack infosecwriteups.com/exploiting-red…

@payloadartist Its always about skills.

In the industry: Certifications are usually overrated. Skills are hugely underrated. What do you prioritise when hiring hackers to secure your product? #infosec #cybersecurity #infosecjobs #bugbounty

Just created a working POC for CVE-2021-40444 with folks @EG_CERT

Our Pre-Auth RCE exploit for Atlassian Confluence (CVE-2021–26084) was leaked after reporting it to @VMware. They have refused to admit the leak and ignored our emails. tradahacking.vn/atlassian-conf…

@Helpmelearnhack @Devil79830787 North bro.

@Devil79830787 @SpiderSec The picture looks like he is.

Hard work, new car 🙂🧘

@ADITYASHENDE17 Thanks man

@SpiderSec Congratulations bhai

@satish28888 @satish28888 I personally use these nuclei templets and tools for my day-to-day work, they give good results. github.com/xm1k3/cent gist.github.com/ihebski/c166a9… gist.githubusercontent.com/0x240x23elu/1c… github.com/SigmaHQ/sigma/… github.com/ARPSyndicate/k… github.com/six2dez/reconf…

I am trying out Nuclei for some testing . Eventually would love to integrate it to my every day work. Does anyone have any references for templates for web applications testing. @SpiderSec

Yet another Account Takeover technique. Seperator: email=victim@mail.com,hacker@mail.com email=victim@mail.com%20hacker@mail.com email=victim@mail.com|hacker@mail.com Array: {"email":["victim@mail.com","hacker@mail.com"]} Follow for more #infosec updates and #bugbountytips

@DenFox93 No, 200 is the server response status

@SpiderSec i need to add also "-> 200" to the headers?

Rate Limiting Bypass : (429 Too many Requests) Append the headers to a request where the server is responding with 429 Client-Ip: IP -> 200 X-Client-Ip: IP -> 200 X-Forwarded-For: IP -> 200 X-Forwarded-For: 127.0.0.1, IP -> 200 IP = Random IP Address that you want to spoof 🙂

@hummus_ful Yes you are correct, its not a valid test case for layer 4

@SpiderSec I guess that's true for only application layer (L7) rate limits, not network (L4) layer, or am I missing something

If ip based rate Limiting is implemented, you can block a legitimate user from accessing the website Client-Ip: Victim-Ip-Address -> 500 request -> Blocked

This is mostly effective on : "Ip Based Rate Limiting"

@0x01titsec Thanks mate.