infosecwriteups.com/a-story-about-… #bugbounty #bugbountytip

I asked, “What’s the best chrome extension for startups?” I received 100+ replies. Here are 10 chrome extensions you must install:

Another one thread for #Osint.In this thread you will learn 16 more services for Recon & #OSINT to gather information about the target Retweet this tweet and let others to know about this. Author & Big thanks to Cyber Detective💙💛

RCE Cisco Prime 3.9.1 chaining vulnerabilities me and Advanced Persistent Dread discovered. CVE-2022-20656 CVE-2022-20657 Writeup here: f20.be/cves/cisco #infosec #RCE

You're a better hacker if you know how to build the thing you're trying to hack. Create labs, install stuff, configure it, breake it from the inside. Then apply that knowledge when attacking from the outside. You'll see clear flaws once you really know how it works.

20 of the smartest things that have ever been said: 🧵

Working on the DARPA FETT bug bounty with Synack Red Team for a few months in 2020 was an incredible experience for me. I really appreciate @Synack, DARPA, and README_ letting me share about it all. readme.security/how-i-hacked-m…

Life of a Red Teamer. Client: "Is it you? Did you guys run calculator?"

🆕📝New blog post: "Zero-Days" Without Incident - Compromising Angular via Expired npm Publisher Email Domains: thehackerblog.com/zero-days-with… (📈 5+ Million weekly npm package installs affected)

Blogged about my recent ATO on Synack Red Team. Special thanks to Lauritz for the amazing blog on Flickr ATO. #bugbountytips #BugBounty infosecwriteups.com/hacking-aws-co…

New Write-up on InfoSec Write-ups publication : "Hacking AWS Cognito Misconfiguration to Zero Click Account Takeover" #bugbounty #bugbountywriteup #bugbountytips ift.tt/roHhUgL

🔥 Microsoft SharePoint RCE, CVE-2022-22005 detailed analysis from our researcher @hnd3884 👉hnd3884.github.io/posts/cve-2022…

Too good

After changing my profile to read "Web3 Junkie" and "Top 200 ENS Holder", and tweeting routinely about web3, NFT and crypto, I have become a target of NFT phishing/scam attacks 😡 Anatomy of a scam I was sent (read on) 👇👇👇

New Write-up on InfoSec Write-ups publication : "SVG SSRFs and saga of bypasses" #bugbounty #bugbountywriteup #bugbountytips ift.tt/eruZ1NJ

Blogged about a fun SSRF I found last month on Synack Red Team #bugbounty #bugbountytips infosecwriteups.com/svg-ssrfs-and-…

write-up of Atlassian Bitbucket HazelCast RCE CVE-2022-26133 github.com/snowyyowl/writ…

3rd edition of #IWWeekly has got some interesting articles by some of our amazing writers and bug bounty hunters like Preetham Bomma , Proviesec, Héctor Martos to name a few. To get the #newlsletter every week, Subscribe here weekly.infosecwriteups.com #hacking #bugbounty #cybersecurity

johnjhacking this is still my fav

a new write-up on how to pentest NextJs framework apps Enjoy #security_tips_with_daoud deepstrike.io/blog/nextjs-se…