The source code of the HelloKitty ransomware has been leaked on the XSS forum by kapuchin0 (Gookee).

Tired of Hack the Box and Portswigger labs? Well, here are my top 5 FREE platforms that I guarantee you've never heard of! 👇 (Did I mention they were free???) #infosec #BugBounty #ctf

This post is for all beginners who are stuck after solving PortSwigger Academy. So i have just created a list (Hack The Box )which u can refer & follow after you are done with your basics from PortSwigger & PentesterLab . docs.google.com/spreadsheets/d…

I just published Unlocking Cash: Easy P1 Bug in Grafana Dashboard with Default Credentials = €€€€ link.medium.com/NUgNiH4rCEb #bugbounty #infosec #hacking

Someone just sent me an XSS to collaborate on. It was an interesting case so I thought I'd tweet about it. They'd found an xss in auth.example.com, which was a subdomain that is only used to authenticate users. They were having trouble escalating the XSS because this

The new year is almost here, don’t forget to add the following to your password cracking/spraying lists: Spring2024 Spring2024! Summer2024 Summer2024! Winter2024 Winter2024! Fall2024 Fall2024! Password2024 Password2024! Companyname2024 Companyname2024!

Daily Notes : Day 79 File Upload Escalation: 1. Set filename to ../../../tmp/lol.png and try to achieve a path traversal 2. Set filename to sleep(10)-- -.jpg and you may be able to achieve a SQL injection 3. Set filename to <svg onload=alert(document.domain)> to achieve a XSS

Enhance your understanding of Cyber Security with Ansh Bhawnani, Application Security Engineer at ICE! 🌐🔒 🗓️ Date: 26 January '24 🕕 Time: 6 pm 👤 Speaker: Ansh Bhawnani 🔗 Register now: namespacecomm.in/techx

The Okta hack that keeps on giving! Cloudflare announced a new data breach today in it's continued battle against creds stolen during a previous Okta hack Let's dig in:

#NCIIPC is looking for expert pen-testers, security researchers and ethical hackers to secure nation's CIIs. Join NCIIPC scheme for Crowdsourcing of Pen Testing of CIIs.

Five activities every web hacker should do at least once: 1. Read the source code of an HTTP request parser 2. Write a small web application with registration, authentication, file upload... 3. Read an RFC 4. Participate in a Capture The Flag competition. 5. Fix a

Waiting for pentest job descriptions to add OSCP+ as a minimum requirement for analysts.. #oscp #informationsecurity

#RatanTata is the World's Biggest Donor. He has donated ₹829,734 crore. Built multiple free hospitals, schools & saved millions of lives. Today, on his death, the whole world is crying. Some unheard instances of Mr. Tata that will make you cry: 🧵

The same people concerned about their privacies are happily posting their artistic photos all over the internet. I mean the evolution is great and exciting but the right way to do it is not to train those public AI models with your personal stuff.

Read “Unauthenticated Kibana Dashboard Access — A Serious Security Risk You Can’t Ignore“ by Pratik Dabhi on Medium: infosecwriteups.com/unauthenticate… #bugbounty #infosec #hacking

Is bug bounty a realistic full-time career in 2025? 🤔 My friend's Ansh Bhawnani awesome video, 'Reality of Bug Bounty 2025' by Bitten Tech, dives deep into the challenges & opportunities! A must-watch for aspiring bug bounty hunters! Reality of Bug Bounty 2025