Rupam Bhattacharya

Introducing StarcSec - a unified platform to manage your application security needs! We're thrilled to announce that we'll be participating in the GISEC Global cyber security exhibition from 14-16 March 2023, Hall 4 / SP26 #StarcSec #Cybersecurity #GISECGlobal

I just completed recording the 3rd Video today + 1 Live session . A lot of awesome hackers and knowledge shared 🙌🏽 Will soon be posting the videos 😄 Thanks @harshbothra_ @vlakhani28 @ru94mb and @IamRenganathan for your time 🙌🏽 Live session : youtu.be/wxwwsneb8Is

Get ready for the live session with @ru94mb on the channel youtube.com/c/HackingSimpl… 😎 Post your questions here or on the chat 🙌

Topic : "Let's talk cybersecurity with Harsh" Hacker : @harshbothra_ Topic : "Playing with IDORs" Hacker : @IamRenganathan Topic : "Cybersecurity journey from 'Scanners' to 'Posture Management'" Hacker : @ru94mb

Thank you @AseemShrey for inviting me. I am looking forward to sharing my journey with your audience and learning from the conversation. 🚀

We are back again to in person meets in @nullDubai on 24-Sep-2023 starting at 4:00 PM. You can map the venue. Can’t wait to see everyone in person again after a looong break.

The Academy #listicle on Tools for scanning IPv6 networks now has detailed guides on each of the tool mentioned! Check out this #Thread in case you missed any of the #OpenSource tools we discussed kloudle.com/academy/tools-…

17 Search Engines every Security Professional Must Know 🧵

Interesting Read: github.com/assetnote/blin…

Microsoft Teams: 1 feature, 4 vulnerabilities We stumbled upon several vulnerabilities in Team's link preview feature, out of which MS only fixed one so far. positive.security/blog/ms-teams-…

While everyone was focused on #log4j, @exploitph showed us how to escalate privileges from a regular domain user to full domain access leveraging CVE-2021-42278 & CVE-2021-42287. I wrote a quick blog post with some hunting ideas. #ThreatHunting #BlueTeam @mvelazco/hunting-for-samaccountname-spoofing-cve-2021-42287-and-domain-controller-impersonation-f704513c8a45" target="_blank" rel="nofollow noopener">medium.com/@mvelazco/hunt…

@anantshri @notsosecure All the best @anantshri !!

A bittersweet moment for me as I close my @notsosecure id for one last time. Taking some time off from work and then will reposition myself in the new wild wild west world.

@makash Healthy competition is always good and organizations have safeguards against information leakage... if u just want to see what their customers see, it's already an accepted practice... and it's win win for both parties... PS. execution >> ideas

Does it make sense to sign up for what we consider to be our competition? To understand how their product works. Is that considered okay or that is a no no?

@anantshri @makash @w3bd3vil @nullcon @aseemjakhar @antriksh_s @amolnaik4 @goodbestguy @riyazwalikar @abh1sek @NeeluTripathy March end sounds great for a quick Goa meetup... @null0x00 or @nullcon the idea is to meet everyone... 🙂

@makash @w3bd3vil @nullcon @aseemjakhar @antriksh_s @amolnaik4 @goodbestguy @riyazwalikar @abh1sek @NeeluTripathy anytime in march works for me. I can matchup schedule as per others.

⭐New surprises +🚀 New Voyage = 🔥Mega Nullcon 👊Next Nullcon has to be Mega & the patience you folks have shown to come back to Nullcon Goa, deserves a better plan for that Mega #Conference ! Here is the Special Announcement⤵️ #NullconGoa2022 #NullconBerlin2022 #Infosec

Just watched "Practical HTTP Header Smuggling: Sneaking Past Reverse Proxies to Attack AWS and Beyond" - must-read research by @intruder_io's Daniel Thatcher intruder.io/research/pract…

The first post of our #reeducate program has been published!! This was done by 0xzim from UiTM. Check out our pinned tweet if you want to learn more about the program. 🤘 An introduction to Server Side Request Forgery blog.rehack.xyz/2021/11/an-int…

Container security best practices: Comprehensive guide sysdig.com/blog/container…

Android security checklist: WebView Learn how to attack and protect WebView on Android blog.oversecured.com/Android-securi…

After several months of research and development, I’m happy to announce the release of the new FullHunt platform. A new free public platform to discover all your Internet-connected assets in seconds. 🚀🚀🥁🥁✨✨ fullhunt.io/blog/2021/09/2…