HHHHarshil

New blog post with @infosec_au: We found a vulnerability in Subaru where an attacker, with just a license plate, could retrieve the full location history, unlock, and start vehicles remotely. The issue was reported and patched. Full post here: samcurry.net/hacking-subaru

@Gonski47 Classic Gonski47 move

🤷‍♂️😂

New writeup from @_specters_ and I: we're finally allowed to disclose a vulnerability reported to Kia which would've allowed an attacker to remotely control almost all vehicles made after 2013 using only the license plate. Full disclosure: samcurry.net/hacking-kia

What you think, you become. What you feel, you attract. What you imagine, you create.

@d415k Congrats 🔥

I have successfully passed the HTB Certified Web Exploitation Expert (HTB CWEE)! I am so happy to hear that I am the first person to pass the exam.

My template for identifying CVE-2023-5830 is now available within @pdnuclei's community template repository (github.com/projectdiscove…)! Update your nuclei templates and read more about the vuln via the pinned post on my profile.

@Gonski47 @pdnuclei NUCLEI UPDATE LOADED 😮‍💨

This field is too vast to know it all, let alone remember it all the time. So the question becomes what "baseline" knowledge is, and how deep it goes(e.g. Nmap? Probably baseline. Unconstrained delegation? Probably not.) Portfolios/proven work and practical certs > trivia IMO

Wrote a blog on CVE-2023-5830 which is a critical (CVSS 9.8) security vulnerability in ColumbiaSoft's Document Locator. Shoutout to @micahvandeusen for the help on this! Link to Nuclei template provided in the blog. blog.gonskicyber.com/cve-2023-5830-…

@s1zzzz > Discord Mod

Help Desk > Pentester > Red Team Operator

CVEs!!! 🤩 CVE-2024-1708 and CVE-2024-1709 assigned for the #ScreenConnect vulnerabilities. .... and ah, the words 'affected from version 0' are pretty brutal 😅😅

With the release of the PoC's by @watchtowrcyber and @HuntressLabs, I have created a nuclei template to help identify any instances of ScreenConnect that may be vulnerable to the authentication bypass. thanks @s1zzzz for the idea 🤠 gist.githubusercontent.com/hhhharshil/be1… #ScreenConnect

A more refined query to find unpatched ScreenConnect instances would look like the following: Server: ScreenConnect -"ScreenConnect/23.9.8.8811" Direct link: shodan.io/search?query=S… #ScreenConnect

@Rhynorater @ctbbpodcast 👀

I'm cooking up a pretty sick episode of @ctbbpodcast outlining 15+ gadgets that are useful in web vuln chains. It's pretty awesome to see all of this written out - there are so many attack vectors out there and ways that developers can make mistakes. I love this industry.

@0xr0BIT @zeropointsecltd @_RastaMouse @xct_de @k0zmer @vulnlab_eu @Pzz02 Congrats!

Did a thing. Me iz baby operator nao :3. GG @zeropointsecltd @_RastaMouse Enjoyed the experience :). Except for Flag7. That one will haunt me fr. Shoutout to the usual suspects: @xct_de @k0zmer @vulnlab_eu @Pzz02

Entra ID Protection (previously Identity Protection) could have stopped many incidents I’ve worked before they even started. But there are gotchas and misconceptions that can catch you out. Check out my five of these, and share any others you’ve got! campbell.scot/entra-id-prote…

Discovered and exploited an arbitrary file delete vulnerability that lead to SYSTEM level privileges. Thanks to the goat @filip_dragovic.

@Gonski47 VENVS

Wrote a little casual blog on basic tool management for pentesting - check it out and let me know what you think! blog.gonskicyber.com/guide-to-tool-…

@BadAt_Computers Goated

Got my first big submitted and accepted from the data.

@bxmbn Great read! Love the use of wayback machine to hunt for endpoints.

Wanna know How I prevented a Mass Data Breach? Go Read: @bxmbn/how-i-prevented-a-mass-data-breach-15-000-bounty-bxmbn-1096e6400e3d" target="_blank" rel="nofollow noopener">medium.com/@bxmbn/how-i-p… Wanna know How a Bank offer led to PII Leak? Go Read: @bxmbn/i-received-a-bank-offer-in-my-mailbox-and-discovered-an-idor-vulnerability-5-000-bounty-bxmbn-5209cab1fba8" target="_blank" rel="nofollow noopener">medium.com/@bxmbn/i-recei… More writeups coming soon 🖤