varshitmodi

@r_hul_parmar Agreed @r_hul_parmar! Automation is not automating stuff, especially with AI need to be very cautious.

Honest question. What automation actually gave you time back? Not made you faster. Actually freed up hours you didn't fill with more work. Because I keep building these things and I'm still busy.

I finally let Claude do my pentest this week. Full 5-day engagement, zero human input. Here's what the client got: 😏 clawd.it/posts/10-repla… #bugbounty #pentesting #AI #cybersecurity #infosec #claudeai

Burp AI Agent is now public MCP-powered AI agent (and server) living inside Burp. Instead of a chat next to it, extends itself: tools, actions, live traffic and findings. AIO to reduce context switching while testing Repo: github.com/six2dez/burp-a… Docs: burp-ai-agent.six2dez.com

Had an incredible time meeting @Arl_rose and amazing @Hacker0x01 team at Security@ and Ambassador World Cup at Sheraton Mall of the Emirates, Dubai. Also met some amazing hackers & community members from across the globe including @Akshanshjaiswl, @aadityaprasad14 & @varshitmodi

Been quiet working on something personal for a while, born from that frustration jumping from labs to real hacking chaos... Thrilled to finally introduce Barracks & our WarZone concept! ⚔️ barracks.army/blog/why-we-bu… 🧵 #AntiCTF #BugBounty #CyberSecurity

My friend made a very interesting disclosure while searching for vulnerabilities. I personally couldn't believe it when I saw that he was able to make Self-XSS in a Ruby on rails application to RCE. Deserves time to read 👇 @handball10/from-self-xss-to-rce-in-ruby-on-rails-1f9f2d33c1cb" target="_blank" rel="nofollow noopener">medium.com/@handball10/fr…

This was a great find and had a super interesting root cause: hackerone.com/reports/3000510

@delhivery @help_delhivery this is beyond frustrating. My shipment, which was time - sensitive, has been delayed twice without any explanation. I have a critical deadline to meet, and your incompetence has completely derailed everything.

I sent courier to my friend using @delhivery and experienced horrible experience. The courier guy calls my friend and says " he could'nt come due to wrong address so if you want the courier then come to office and pick it up". A thread

If you use ChatGpt for your small business, then I would recommend this setting to avoid any of your data being used as part of its training model. Settings > Data controls > Improved the model for everyone - Turn off

Story time @JioCare @reliancejio @RIL_Updates How you failed to provide your services for existing customers. It all started with the optical fiber cable that connects my home router to a nearby jump box. Date : July 14,2024 :

🚀 Big News Alert!!! N00B_4rMY is now VULNCON! Committed to cybersecurity, we fortify digital landscapes. Based in India, we fuel cyber knowledge, encourage exploration, and foster cooperation. Get ready for exhilarating on-site Security Conferences and Capture The Flag. (1/n)

🚀 Just coded a powerful CVE (Common Vulnerabilities and Exposures) identification script! With ThreatTracer, you can find CVEs for a software component and version. It even checks for public exploits on GitHub and exploitDB. Powered by Python! linkedin.com/posts/anmolksa…

Check for your Google Maps API keys here! URL: googlekey.blindf.com #bugbounty #CyberSecurity

A tale about a Red Team exercise and the Forcepoint Endpoint One DLP client - vsociety reddit.com/r/netsec/comme…

The security research team at @assetnote discovered a pre-authentication RCE vulnerability through a cryptographic flaw in Citrix ShareFile. It's been assigned CVE-2023-24489. You can read the technical blog post here: blog.assetnote.io/2023/07/04/cit…

Just published a new blog post on my latest #BugBounty hunting journey! Had an interesting DOM-based #XSS and CSSi. Sometimes, the hunt doesn't go as planned, but there's always something to learn! Check out my write-up for the full disclosure. kuldeep.io/posts/fulldisc…

From internet bxmbn.medium.com/how-i-test-for…

📖 Security Interview Questions Security interview questions with possible explanations for roles in: * AppSec * Pentesting * Cloud Security * DevSecOps * Network Security and more By @jassics github.com/jassics/securi…