thehackerish (@thehackerish) 's Twitter Profile
thehackerish

@thehackerish

Husband, Ethical Hacker, OSCP, CRTP, CRTE, CRTO...

🔴YouTube: youtube.com/c/thehackerish

ID: 1137714523

https://academy.thehackerish.com 31-01-2013 19:18:51

944 Tweets

3.3K Followers

100 Following

thehackerish (@thehackerish) 's Twitter Profile Photo

Only one spot left! Go get the last coupon! It goes without saying that if you are already a pentester, don't even bother with challenge 🙃

thehackerish (@thehackerish) 's Twitter Profile Photo

#Pentesting guys out there, I have a GET param that gets injected into an HTTP call. I have path traversal and can only control the path of the backend API, not the hostname. I have direct access to the API, so fuzzing the API is irrelevant. Any exploitation ideas? RT for reach

thehackerish (@thehackerish) 's Twitter Profile Photo

I think I just found a Cloudflare #XSS bypass, and customer trusted the WAF. The app was using jquery, so I leveraged it to get and run my own script. And the WAF saw nothing.

thehackerish (@thehackerish) 's Twitter Profile Photo

I invest days prepping #redteam pretexts and scenarios, only to find that the customer's email policy blocks new domains🤦‍♂️ Melvin langvik Dominic Chell 👻 what's your strategy for maintaining a good domain reputation to use for upcoming engagements? Or just switch to social media?

vx-underground (@vxunderground) 's Twitter Profile Photo

We would like to express our condolences to Blue Teamers. Microsoft has announced Microsoft Excel will now support Python. More information: techcommunity.microsoft.com/t5/microsoft-3…

MDSec (@mdseclabs) 's Twitter Profile Photo

In our latest post, Matt Johnson details how we were able to publish a malicious VSCode extension to the marketplace and leverage it for initial access during a red team mdsec.co.uk/2023/08/levera… vimeo.com/853281700?shar…

thehackerish (@thehackerish) 's Twitter Profile Photo

I always had a background voice that some hacker will deface my apps when I was a developer. It was my main motivation to learn web hacking. Today, I am sharing how it's done so you secure yours. #webdevelopment #ethicalhacking youtu.be/FvpZkEHpF8g

Vincent Yiu (@vysecurity) 's Twitter Profile Photo

DevTunnels, blue are going to begin searching for DevTunnels.ms. Get ready ahead of time and use domains like: global.rel.tunnels.api.visualstudio\.com tunnels-prod-rel-tm.trafficmanager\.net *.app\.github.dev syonsecurity.com/post/devtunnel…

Yassine Aboukir 🐐 (@yassineaboukir) 's Twitter Profile Photo

extremely saddened by the tragic and deadly 6.9 magnitude earthquake that hit home in Morocco 🇲🇦 the death toll has already surpassed 2,000 (at time of writing) with more than 1400 injured. my sincere condolences and prayers to all the people and families victims of this

thehackerish (@thehackerish) 's Twitter Profile Photo

🕵️‍♂️Love a good CTF with a twist?👀Dive into this video where I leverage log poisoning, unveiling the dark secret of a notorious corporation.🕵️‍♀️📽️ #CTF #LogPoisoning #MustWatch youtu.be/DwI76dOtgjk

thehackerish (@thehackerish) 's Twitter Profile Photo

This #BlackFriday, I am giving away my course "Hack like a white hat" for the first 1k students on Udemy. Available until 29th. Enroll, learn, and don't forget to leave a feedback! Enjoy: udemy.com/course/hack-li…