Skilo

Just got a reward for a critical vulnerability submitted on @yeswehack -- Information Disclosure (CWE-200). yeswehack.com/hunters/skilo Big thanks to @TheLaluka for highly valuable collaboration 🥰 #YesWeRHackers

Leave some for us 😭😭😭 (Or answer the Claude Advocate form I filled so I can join 🙄😏🫰(thx again @_mudpak 💌))

Hoy hoy ! On se retrouve toujours demain soir (Mardi 21h) pour un stream d'exploitation PHP / Laravel ! ⚠️ CEPENDANNNNNNT ⚠️ Petit article de recherche @OffenSkillCorp released ! 💣️ thinkloveshare.com/offenskill/enk…

POV : Bonta = Bug ❄️ Vs 🔥 Brakmar = Feature Stream : Dofus & Game Hacking Stories Ft : N0x, it4, et Klaoude ! 😻 RDV Mardi 20 Mai, 21h @ twitch.tv/thelaluka

Let’s not say we’ve reported this behavior to Kong back in 2023 and they replied that it was a « problem within burp » instead of a vuln in their tool 🤷‍♂️ I know few people that got mistreated by this Kong « security » team for this bug and others, cc @TheLaluka @askilow

🚀 Big Announcement! 🚀 After 8+ years of working on PayloadsAllTheThings, I’m excited to release it as an ebook on Leanpub! 📖✨ To celebrate, I’m gifting 5 free copies to random retweeters! 🔥 👉 Retweet for a chance to win Thank you all for your incredible support! 🙌 This cheatsheet has been a labor of love and countless hours of dedication. 👉 Grab your copy now: leanpub.com/payloadsallthe… The results will be announced on 25th December. Entries will close Tuesday 24th, December at 12:00 PM (GMT) 🕐 #CyberSecurity #Infosec #PayloadsAllTheThings #EbookRelease

@AzeTIIx Ahah, c’est effectivement l’impression que j’ai eu durant nos échanges 🥲

@askilow Gg ! Les devs avaient pas l’air très content 🤭

Hi there! 👋 I'm proud to share with you my first CVE: cve.org/CVERecord?id=C… It wasn't the hardest vuln to find, nor the most spectacular, but I'm still pretty proud of it 🙂 It made me want to dig even deeper into 0day research and, hopefully, have even more CVEs to share! 😄

@Chocapikk_ 😂

@askilow github.com/brianvoe/slim-… Épique

We're excited to announce one of our giveaways thanks to "@CaidoIO" 🎉 We will pick 5 winners to win a 1-year Caido Pro license! To enter: 1️⃣ Follow us @BugBountyDefcon and @CaidoIO 2️⃣ Like this post ❤️ 3️⃣ Retweet this post 🔁 You have time to participate until Friday (9/13)!

Release 2.0 of smbclient-ng is out! 🔥 🥳 Introducing multiple sessions, startup scripts, and lots of refactoring and bug fixes! If you like it, please leave a star ⭐ on GitHub➡️ github.com/p0dalirius/smb…

Hi friends ! 🧙 Une amie (cc @RoxanneVignon ) cherche son premier job en tant que Dev Frontend Junior (idéalemnt react / redux 🤔), très-très chouette à vivre au quotidien, basée sur Grenoble et OK pour du remote, vous auriez des pistes (voir une place) pour elle ? 🙏🥺 Also, une alternance est envisageable, mais vu la double-demande et pénurie en ce moment, je me fais pas trop d'idées.. 😅 Tout like et RT et passage de CV est apprécié ! 😉🌹 Liens Utiles : - linkedin.com/in/roxanne-vig… - elskared.fr - github.com/ElskaRed - CV drive.google.com/file/d/1f0M_Qh…

@Wlayzz @yeswehack 🔥🔥🔥

Thanks @yeswehack for the LHE invitation ! 🤩

@_nwodtuhs 👌🏻

pyWhisker can now do cross-domain shadow credentials 👁️🫦👁️ github.com/ShutdownRepo/p… pywhisker[.]py --action add \ -d domainA -u owned_user -p password \ --target user_in_domainB --target-domain domainB

i pushed a C reverse shell on github (˵ - ᴗ - ˵ ) ✧ it's a step by step guide for beginners (as i am) github.com/pwnwithlove/C_…

@neo_reve @Dealabs Supprime, on voit ton code fidélité … N’importe qui peut s’en servir 😅

🐀 Bien joué les rats, on a fait planter leur appli 💀

Using #objectwalker I just found a new Server Side Template Injection payload to access the os module from within a jinja2 template: I will add it in @pentest_swissky's PayloadAllTheThings More infos about objectwalker here: twitter.com/podalirius_/st…

If someone's looking for a ticket for #THCon, I have one to sell. Feel free to dm me ! RTs appreciated 🙏 @ToulouseHacking

Have you ever heard about ezPlatform CMS ? Here is an exploit for the CVE-2022-41876 which leads to sensitive data leak. 🥷 github.com/Skileau/CVE-20… Big thanks to @0xTahiTi for developing all the exploit with me 😄

In a few minutes, I'm going to give my first talk at @BlackHatEvents Europe 2022! We'll explore a way to find interesting RPC functions to coerce authentications in @Windows protocols.