Good past few days at synack, managed to find another SQL injection and a file inclusion on some IIS targets. Been loving bitquark's shortscan tool combined with FFUF to find deep/hidden assets. #bugbounty github.com/bitquark/short…

When you find 1 SQL injection, always assume there are more. Great end to June and start to July so far! #bugbounty

The dangers of kernel-level access from these saas security vendors have never been clearer than today. It's not about moving laterally to competitor product with the same access. It's reevaluating these solutions wholistically and moving towards limiting kernel access.

brain rot

1 Bug, $50K+ in bounties: how Zendesk left a backdoor in hundreds of companies #bugbountytips gist.github.com/hackermondev/6…

Took a bit of a break but started back up last week. One neat tip for SQL Injections: If you find that you can enumerate database and table names but not column names in an injection, there is likely SELECT based column permission restrictions on the current DB user. These are

Have had an unhealthy, borderline autistic obsession with looking for SQL injections lately. November being another case in point with nearly $30k worth of them across a few targets. Something about them just call to me. Wish I had some sick tip to share for them but there was

Do people actually think triage teams have the bandwidth to personally reply to each report with the amount of garbage that hits their inbox every day? Of course they use templates like lol

Wait… the real cheatsheet was just the documentation all along?

Weird SQLi on an old ASP target — Here's how I got in 👇 1) Stumbled across a dusty looking ASP app & a classic login form. Nothing fancy, just a POST to /login.asp with username and password. But the backend was doing something weird with sp_executesql. 2) Initial payloads

Entrepreneurship is just hacking capitalism.

Exciting announcement - our (cc Joseph Thacker) plugin Shift was acquired by Caido! Aaand they've made it free. ^_^ thanks Caido Now, natural language HTTP modification, AI-powered Replay tab renaming, and much more are available to all. Check the vid below for features.

You’re given Windows Vista, no job, no money. You have 30 minutes to make $1 online. What’s your plan?

Everyone got OCD when this thing coming up in front of your car

Add handler.ashx to your IIS wordlists, if you ever see it served on an IIS target always test it for path traversal / LFI. These pages at first glance look like nothing (because all code execution happens server side) but I've found multiple of these endpoints this year alone