osama_alaa

45 posts

osama_alaa

@osama_hroot

#eWPTX #CRTP #eCPPTv2 #eMAPT #eWPT

Katılım Nisan 2018

105 Takip Edilen791 Takipçiler

osama_alaa@osama_hroot·6 Kas

Weaponizing Trust: ClickOnce Deployment with AppDomainManager Injection malcrove.com/weaponizing-tr… #redteam #malcrove

English

138

osama_alaa@osama_hroot·22 Eyl

الحمد لله VMware fixed two vulnerabilities in vCenter server: CVE-2021-21992 >> XML parsing denial-of-service vulnerability CVE-2021-21993 >> SSRF vulnerability For more info vmware.com/security/advis…

Română

osama_alaa retweetledi

Kha1ifuzz@kha1ifuzz·9 Nis

Insecure Java Deserialization leading to RCE (CVE-2021-27335) in one of the common Banking Applications discovered by one of @malcrove team members: malcrove.com/kollectapps-in…

English

osama_alaa@osama_hroot·4 Mar

@AndreGironda Downloaded the appliance , got the jar file , then get the code from it.

English

Andre Gironda@AndreGironda·1 Mar

@osama_hroot Where is that source code from?

English

osama_alaa@osama_hroot·27 Şub

An unauthorized server-side request forgery (SSRF) vulnerabilities (#CVE-2021-21973) POC

English

260

osama_alaa@osama_hroot·4 Mar

@0xrudrapratap @intx0x80 It is overriding the WSGI python script which has WSGIScriptAlias in server configuration .

English

0xrudra@0xrudrapratap·4 Mar

@osama_hroot @intx0x80 is the log upload file more like a cron file or correct me if I'm wrong.

English

osama_alaa@osama_hroot·4 Mar

Unauthenticated RCE in VMware View Planner (#CVE-2021-21978) POC Advisory: vmware.com/security/advis…

English

170

398

osama_alaa@osama_hroot·4 Mar

@FlEx0Geek كلهم نفس ال parameter :D

Mohamed Sayed - مُحَمَّد 🇵🇸@FlEx0Geek·24 Şub

@osama_hroot شوية بجز تعيشك ملك 😂😂

العربية

osama_alaa@osama_hroot·23 Şub

That what happens when my internet speed is slow :D

English

osama_alaa@osama_hroot·4 Mar

@marlborojamez @aulliakenz This is upload scanner extension , just let it run on background.

English

osama_alaa@osama_hroot·4 Mar

@KhantePrajwal upload scanner

English

Prajwal Khante@KhantePrajwal·1 Mar

@osama_hroot which extension are you using?

English

osama_alaa@osama_hroot·25 Şub

@steventseeley @Viss Does you manage to do that without any service restart?

English

ϻг_ϻε@steventseeley·25 Şub

@Viss Cache overwrite

English

ϻг_ϻε@steventseeley·25 Şub

Who needs SSH for CVE-2021-21972? :->

English

476

osama_alaa@osama_hroot·30 Oca

Cloudflare XSS bypass in input tag : Payload : onfocus=alert&#x00000000028;1&#x00000000029; autofocus> Don't rely on public payloads to bypass WAFs , as most of them won't work :D You have to craft your own payload . #xss #bypass #bugbountytip #BugBounty

English

146

415

osama_alaa@osama_hroot·12 Oca

Write-up of #hackyholidays CTF , Thanks @adamtlangley for the challenges. osama-alaa.medium.com/h1-ctf-grinch-… #bugbounty #bugbountytips #infosec #hackerone #ctf

English

osama_alaa@osama_hroot·25 Ara

Finally finished @Hacker0x01 ctf individually with a hint in challenge 11 , it wasn't a human challenge :D Thanks @adamtlangley for this wonderful ctf especially Evil Quiz and attack-box challenges #ctf