If you're testing a site that needs a unique CSRF-token for each call, you can use Hackvertor's custom tags to make a simple python script to fetch a new token for you. Very simple solution and works very nicely. Thank you again Gareth Heyes \u2028! gist.github.com/fransr/34a17f5…

I gave GPT-4 a budget of $100 and told it to make as much money as possible. I'm acting as its human liaison, buying anything it says to. Do you think it'll be able to make smart investments and build an online business? Follow along 👀

Using inspiration from M I have asked #ChatGPT to become CyberGPT and I will be their human counterpart to execute offensive testing. Let's see how good an #AI is at offensive testing. #redteam #infosec

I've made $500k+ from SSRF vulnerabilities. Here are my tricks:

I'm going to be overly aggressive and pushy in this tweet because I'm talking to myself, but maybe it'll help some of you all too. We live in the most comfortable, healthy, abundant time in the history of the universe. There are near infinite interesting things to work on.

OAuth Flow Authorization Code Flow.

Thank you Mantas Sabeckis for the awesome five-part blog series on "The Power of AXIOM"! Check it out here ott3rly.medium.com

[NEW-RELEASE] Generate Nuclei by ProjectDiscovery template as you browse the internet using Nuclei AI - Browser extension. Nuclei AI Extension: github.com/projectdiscove… #hackwithautomation #appsec #security #bugbounty

Burp PSA: If you want to use a large file of payloads in Intruder, *DO NOT* use Simple list's "Load" feature. Simple list is designed for "simple" lists, and it loads the entire file into a GUI JList. This is fine for small wordlists, but will absolutely become a memory issue

📖 The Copenhagen Book: how-to implement auth for the web @pilcrowOnPaper offers an opinionated guide, to pair with OWASP cheat sheets. • Server-side tokens • Sessions • Password auth & reset • Email verification • OAuth • MFA & Passkeys + more thecopenhagenbook.com

Is your target behaving weirdly under Firefox ? Would like to use chrome but don't wan't to lose PwnFox ? Here's a simple trick to get the coloration back with Chrome : ⬇️

GIVEAWAY ALERT! We are giving away our "Windows API Hooking for Red Teamers" course for 5 persons who liked and retweeted this tweet. winners will be picked on Wednesday this week. courses.pointersec.com/p/windows-api-… #infosec #malware #redteam #cybersecurity #hacking #pentest

🎖️ FREE Certified Network Security Practitioner (CNSP) Exam!🎖️ **No discount code needed** Here's how to claim your offer: 1️⃣ Like and share this post. 2️⃣ Fill out this Google form: 📝docs.google.com/forms/d/e/1FAI… 3️⃣ After submitting the form, we will email you the exam details. 💯

x.com/TheSecOpsGroup…

Melihat semakin banyaknya orang terdekat yang menjadi korban cybercrime, kehilangan harta benda, dan mengalami masalah akibat penipuan online, training ini hadir membantu Anda. - Full Syllabus: s.id/hacker - More about trainer: kortisa.com

Melihat semakin banyaknya orang terdekat yang menjadi korban cybercrime, kehilangan harta benda, dan mengalami masalah akibat penipuan online, training ini hadir membantu Anda. - Full Syllabus: s.id/hackers - More about trainer: kortisa.com

Recently I learned macOS has a built-in WiFi Sniffer

Advanced SQL Injection Techniques now available in GitBook. Make a copy/ Archive / Convert to PDF before they report this too :). #bugbountytip #BugBounty #SQLInjection #SQLi nav1n0x.gitbook.io/advanced-sql-i…

Proudly storing JWT auth token in localStorage in 2024 🥇

guys, it's over. i made my font like 2 sizes larger on my phone and i kinda like it