SCANNING AT SCALE (masscan, nmap, axiom, recon.dev) youtu.be/7ogiwKaIvxw #CyberSecurity #bugbounty #infosec

I published an article about remote code execution in cdnjs that could allow tampering of 12.7% of all websites on the internet. blog.ryotak.me/post/cdnjs-rem…

I published an article about a potential remote code execution in PyPI (Python's Package Registry) that could allow an attacker to compromise the ecosystem of Python. blog.ryotak.me/post/pypi-pote…

0xCrashX Steve Campbell I totally forgot this existed. github.com/Greenwolf/ntlm…

GCP Penetration Testing Notes📝: Part 1: 0xd4y.com/2022/10/01/GCP… Part 2: 0xd4y.com/2022/10/24/GCP… #TheSecureEdge #Infosec #cloud #hacking #gcp #Google

Got a new exploit and need a big enough dataset of web servers to test it legally (while netting some bounties)? Inventory’s got you covered!

Want to do smart contract audits? You should learn Solidity first. There's no shortcut to that. However, today I'm sharing with you MY step-by-step guide on how I PERSONALLY studied it, hopefully to help you get started and save you some time 👇

I want to be a TOP smart contract auditor. Solidity is a MUST HAVE, but building a strong foundation in EVM is crucial. Starting this week, I'll be diving deep into the EVM. Today, I'm sharing my ORDERED STEP-BY-STEP study plan. Join me, and let's tackle it together! 👇

Earned More than $10000 in bounties, successfully hacked 11 company. want to learn more about 'Dependency Confusion' attack? Then follow this 👇 github.com/x1337loser/Dep… #infosec #BugBounty #bugbountytips #bugbountytip

DetectDee - Hunt down social media accounts by username, email or phone across social networks. github.com/piaolin/Detect… #cybersecurity #OSINT

1. Prompt Storm A Google Chrome extension that hand feeds you the best prompts to use with ChatGPT and Google's Bard. promptstorm.app

Start leveraging AI now, or get left behind. I turned my website, YouTube video, PDF, Notion page, and code into a chatbot like ChatGPT to talk with and get answers quicker. Here's how to save hours a day:

15 powerful AI tools to save hours of work:

How Secrets Leak in CI/CD Pipelines Secrets leak in CI/CD pipelines routinely. CI/CD workflows typically require developers to provide valid credentials for the 3rd party resources their pipeline interacts with. 👀trufflesecurity.com/blog/secrets-l… #DevOps #Kubernetes #CICD

🔥 Having some hard time with Initial Access during your gigs? Join the February☢️Modern Initial Access and Evasion Tactics☢️ training round and dive deep into lesser known arcanes of common file vectors! Class trusted by many experienced fellow RTerz! binary-offensive.com/initial-access…

😈 How to protect Evilginx using Cloudflare and HTML Obfuscation * Cloudflare's 'Under Attack Mode' * Geo-block connections outside of you/target * Use another server as a redirector * Use meta refresh and HTML obfuscation By Jack Button #redteam jackphilipbutton.com/post/how-to-pr…

#HITB2024BKK Secret Scanning in Open Source at Scale (in-depth) - Danish Tariq & Hassan Khan Yusufzai - conference.hitb.org/hitbsecconf202…

Slides for 3 cloud security talks from Hacker Summer Camp 1️⃣ Kicking in the Door to the Cloud: Exploiting Cloud Provider Vulnerabilities for Initial Access - By Nick Frichette docs.google.com/presentation/d… 2️⃣ Exploiting Common Vulnerabilities in AWS environments - By Seth Art

Khalani network compromised. Check out github.com/mickeymou3e/kh… for their private data. Refused bounty after fixing the issue. #Web3 #khalaninetwork #CryptoNews #BugBounty #katana #SmartContracts