Learning Linux kernel exploitation - Part 1 - Laying the groundwork 0x434b.dev/dabbling-with-…

Let's find some DOM-based Vulnerabilities [ DOM XSS & Open Redirections ] Tips 1. Always Check ?returnurl=, ?next= and other redirection parameters before login. #bugbountytipes

DuplicateDump - Dumping LSASS With A Duplicated Handle From Custom LSA Plugin kitploit.com/2022/05/duplic…

New update to nanodump! You can now force WerFault.exe to dump LSASS for you. Thanks to Asaf Gilboa for the original research. github.com/helpsystems/na…

a🧵 ⚠️Orgs with mature security programs⚠️ Want a masterclass in scoping/running a bug bounty program? Read more from a program owner, (former) bounty platform employee, and top bug hunter (me😂) 🚨 Retweet, follow, & like for more sec content! 🚨 1/x

Hello everyone, in the link below you can find my report regarding the new Lockbit 3.0 Ransomware sample. I will try to gather all of the necessary information to help the defenders. I hope you liked it 🖖 github.com/whichbuffer/Lo…

Automating binary vulnerability discovery with Ghidra and Semgrep security.humanativaspa.it/automating-bin…

Ransomware Detection for Dummies - you'll see the same old commands used in 95% of the cases attack.mitre.org/techniques/T14… github.com/redcanaryco/at… cyborgsecurity.com/cyborg-labs/hu… picussecurity.com/resource/mitre… news.sophos.com/en-us/2021/05/…

Exploiting SQL Injection at Authorization token medium.com/@basudev_18233… #hackerone #BugBounty #bugbountytips #hackeronereport #writeups #Bugbountywriteupspublished

Get an in-depth analysis of recent #Windows #vulnerability, CVE-2022-30136> from cybersecurity expert and #exploit writer Ricardo Narvaja coresecurity.com/core-labs/arti…

As promised: Here's my story about 8 CVEs resulting in a plugin removal and more than $30,000 in bounties! I've chained 3 of them to go from unauthenticated to admin, aka how to exploit a blind SQL Injection via XSS. rcesecurity.com/2022/07/WordPr… #BugBounty #security

1/ Folks, today is July 22'nd. 22/7. Pi Approximation Day. We all learned in school that 22/7 is a good approximation for pi. But who came up with it? And how? It happened ~2300 years ago. In ancient Greece. Here's the story: 👇👇

90% of my Twitter DMs are asking me about how to start getting into Malware development. Well, I love answering them but it's easier to write a small thread about it so here we go. 1/12

Must Have Browser Extensions for Bug Bounty hacknopedia.com/2022/08/17/mus…

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red Team operations, Bug Bounty and more github.com/edoardottt/awe…

Bug bounty Roadmap:- lnkd.in/gDJ9VvR9

A lot of talk about bots on Twitter lately. Testing how many of my followers are bots. Only like and retweet if you are NOT a bot

I highly recommend this building your own OS series for learning reverse engineering. youtube.com/@nanobyte-dev/…

🛡️ Boost Your Pentesting Skills! Check out These Free Platforms 🔍 1. Avatao - avatao.com 2. Java Vulnerable Lab - github.com/CSPF-Founder/J… 3. microcorruption - microcorruption.com/login 4. Ringzero - ringzer0team.com/challenges 5. GameOver - sourceforge.net/projects/null-… 6.

Practical Bug Bounty: A free video course from the community, for the community ❤️ Source: tbm.c3c.io CC: Patrik Grobshäuser #infosecurity #BugBounty #Hacking #infosec #bugbountytips #Pentesting #redteam #cybersecurity #cybersecuritytips #CyberSecurityAwareness