Discover and read the best of Twitter Threads about #Ethicalhacking
Most recents (23)
10 ways to use awk for hackers! 🚀 🧵👇 
1️⃣ Extracting Specific Columns from a CSV File
Quickly extract email addresses and phone numbers from a huge contact list.
#DataExtraction #EthicalHacking
Quickly extract email addresses and phone numbers from a huge contact list.
#DataExtraction #EthicalHacking
2️⃣ Filtering Lines Based on a Pattern
Filter out sensitive information like passwords from log files.
#LogAnalysis #Security
Filter out sensitive information like passwords from log files.
#LogAnalysis #Security
From Noob to Pentesting Clients in 2023 👇
1. Be laser focused to become l33t. Cybersecurity is a large field and you can't be an expert of everything.
2. Let's say you choose application security. Here's how I would skill up really fast.
HTTP Parameter Pollution @SecGPT has seen in its training.
1. ATO via password reset
The attacker manipulates the HTTP parameters of the password reset page to change the email address associated with the account; then use the password reset link => ATO.
The attacker manipulates the HTTP parameters of the password reset page to change the email address associated with the account; then use the password reset link => ATO.
2. Price manipulation in e-commerce platforms
The attacker manipulates the HTTP parameters of an e-commerce website to change the price of a product. The attacker can then purchase the product at a lower price than intended.
The attacker manipulates the HTTP parameters of an e-commerce website to change the price of a product. The attacker can then purchase the product at a lower price than intended.
🚀🔒Exciting news! SecGPT is now LIVE!
Trained on thousands of cybersecurity reports, SecGPT revolutionizes cybersecurity with AI-driven insights.👇
Trained on thousands of cybersecurity reports, SecGPT revolutionizes cybersecurity with AI-driven insights.👇
1. Trained on an extensive collection of cybersecurity reports, @SecGPT provides you with a deeper understanding of vulnerabilities, exploitation techniques, and emerging trends in cybersecurity.
Its knowledge increases as more reports and writeups are published.
Its knowledge increases as more reports and writeups are published.
2. Explore SecGPT's capabilities and see how it can assist you in enhancing your cybersecurity expertise.
Try it out for free at alterai.me
#ai #cybersecurity #infosec #pentesting #ethicalhacking #bugbounty #bugbountytips #secgpt
Try it out for free at alterai.me
#ai #cybersecurity #infosec #pentesting #ethicalhacking #bugbounty #bugbountytips #secgpt
Unlocking the Secrets: Breaking Access Controls, the basics 👇
(from the AI model I'm currently training on security reports)
(from the AI model I'm currently training on security reports)
1. Direct object reference
This occurs when an attacker is able to access a resource directly by manipulating a parameter in the URL or form data.
This occurs when an attacker is able to access a resource directly by manipulating a parameter in the URL or form data.
2. Horizontal privilege escalation
This occurs when an attacker is able to access resources or perform actions that are intended for another user with the same level of access.
This occurs when an attacker is able to access resources or perform actions that are intended for another user with the same level of access.
Often times to simplify my work I build scripts.👇
I recently discovered katana by @pdiscoveryio. And I turned this:
katana -d 5 -c 50 -p 20 -ef "ttf,woff,svg,jpeg,jpg,png,ico,gif,css" -u <https://tld> -cs "regex-to-restrict-to-tld-and-subdomains"
into this:
kata <tld>
I recently discovered katana by @pdiscoveryio. And I turned this:
katana -d 5 -c 50 -p 20 -ef "ttf,woff,svg,jpeg,jpg,png,ico,gif,css" -u <https://tld> -cs "regex-to-restrict-to-tld-and-subdomains"
into this:
kata <tld>
1. The long command does the following:
-d => depth 5
-c => concurrency 50
-p => threads in parallel 20
-ef => exclude these
-u => supply the top level domain (i.e. twitter.com)
-cs => scope for this regex (limited to the tld and its subdomains)
-d => depth 5
-c => concurrency 50
-p => threads in parallel 20
-ef => exclude these
-u => supply the top level domain (i.e. twitter.com)
-cs => scope for this regex (limited to the tld and its subdomains)
2. You can download the kata bash script from my repo below. Use it as:
kata <tld>
Do me a favor and star the repo, thanks!
#pentesting #infosec #cybersecurity #ethicalhacking #bugbounty #bugbountytips
github.com/CristiVlad25/s…
kata <tld>
Do me a favor and star the repo, thanks!
#pentesting #infosec #cybersecurity #ethicalhacking #bugbounty #bugbountytips
github.com/CristiVlad25/s…
As much as I love automation in recon, 98% of the findings in my pentests have nothing to do with it. Why? 👇
1. Inspired by @NahamSec recent video.
First, in a large majority of the web pentests, clients want me to focus only on their app and it's features. So, there's no need for subdomain enumeration/bruteforcing or any other large recon tactic.
First, in a large majority of the web pentests, clients want me to focus only on their app and it's features. So, there's no need for subdomain enumeration/bruteforcing or any other large recon tactic.
2. This doesn't mean that I don't use automation. I automate some of the boring and repetitive tasks via bash and python.
More practice, less theory (but not 0 theory)
In the past, I criticized Top 1% THM who know close to nothing about the real-world aspects of a pentest.
My point was not understood and I got a lot of hate for it.
In the past, I criticized Top 1% THM who know close to nothing about the real-world aspects of a pentest.
My point was not understood and I got a lot of hate for it.
1. Again, there's less value in being Top 1% if your experience is purely theoretical.
Yet, you will go way further if you complement your experience (from day-to-day work in cybersecurity) with continuous practice on THM and other platforms (focusing on non-CTFish materials).
Yet, you will go way further if you complement your experience (from day-to-day work in cybersecurity) with continuous practice on THM and other platforms (focusing on non-CTFish materials).
2. If you're not working in cybersecurity yet, but you want to, no problem.
Get your daily real-world experience from VDPs (and not paid bounties).
Get your daily real-world experience from VDPs (and not paid bounties).
1. Subscribe to my free newsletter. At cristivlad.substack.com.
2. Like and retweet this post (the top post of the thread).
SSRF via PDF? Now made easy.
(thread)
(thread)
1. Go to @jonasl github and clone this repo. Can't paste the link, for some reason @twitter thinks it's malicious...
2. Copy Burp Collaborator URL to the clipboard.
The most frequent vulns I found in 80+ pentests in 2022.
(thread)
(thread)
1. Rate Limit Bypass
In more than half of the pentests I conducted, I found that there were no rate limits imposed on login functions or authentication mechanisms. This lack of rate limiting, combined with weak password policies, can lead to accounts being easily compromised.
In more than half of the pentests I conducted, I found that there were no rate limits imposed on login functions or authentication mechanisms. This lack of rate limiting, combined with weak password policies, can lead to accounts being easily compromised.
2. Session Token not Invalidated upon Logout
This vuln is caused when the session token is not invalidated at user logout. If the validity of the token or the time to expiry is long, this can lead to the token being leaked, potentially resulting in a data breach or other vulns.
This vuln is caused when the session token is not invalidated at user logout. If the validity of the token or the time to expiry is long, this can lead to the token being leaked, potentially resulting in a data breach or other vulns.
what can @RealTryHackMe learn from @hackthebox_eu? I asked #chatgpt. And here's what I got.
(thread)
(thread)
1. Advanced techniques and skills
HackTheBox challenges are often more advanced and may require a deeper understanding of different technologies and techniques. This can be a great opportunity for TryHackMe users to learn and practice more advanced skills.
HackTheBox challenges are often more advanced and may require a deeper understanding of different technologies and techniques. This can be a great opportunity for TryHackMe users to learn and practice more advanced skills.
2. Real-world scenarios
HackTheBox challenges are designed to be more realistic and often mimic real-world scenarios. This can provide a valuable learning opportunity for TryHackMe users who want to gain experience in more realistic environments.
HackTheBox challenges are designed to be more realistic and often mimic real-world scenarios. This can provide a valuable learning opportunity for TryHackMe users who want to gain experience in more realistic environments.
1. Synack @SynackRedTeam
What I love: triagers, quality and variety of targets, scope width, fast payouts, tight community, dashboard
What I don't love (yet): LP+, vulnerability rewards
What I love: triagers, quality and variety of targets, scope width, fast payouts, tight community, dashboard
What I don't love (yet): LP+, vulnerability rewards
2. Intigriti @intigriti
What I love: community, community, community, quality of triaging, dashboard, hybrid pentests (despite I didn't get any)
What I don't love (yet): variety of tragets, private programs, vulnerability rewards
What I love: community, community, community, quality of triaging, dashboard, hybrid pentests (despite I didn't get any)
What I don't love (yet): variety of tragets, private programs, vulnerability rewards
damn, the level of sophistication that attacks can reach. I didn't know this, thanks @RealTryHackMe
(thread)
(thread)
1. Domain names were originally composed of Latin characters a-z and 0-9.
2. In 1998, IDN (Internationalized Domain Name) was implemented to support language-specific script or alphabet from other languages, such as Arabic, Chinese, Cyrillic, Hebrew and others.
These 5 tools and techniques have completely transformed my pentesting and appsec assessments:
(thread)
(thread)
1. Burp Suite PRO + Extensions (@PortSwigger)
This is my bread and butter. Honestly, when testing web and mobile applications, I don’t think I could do without.
This is my bread and butter. Honestly, when testing web and mobile applications, I don’t think I could do without.
In a world overloaded with information, "how to" is not so valuable anymore. "how I" is the new valuable approach. Here are 5 reasons:
(thread)
(thread)
1. It’s More Authentic
By sharing your experiences and insights, you are providing a more personal and authentic perspective on the topic. This is especially valuable when it comes to topics where there are many different approaches/opinions.
i.e: #cybersecurity #ethicalhacking
By sharing your experiences and insights, you are providing a more personal and authentic perspective on the topic. This is especially valuable when it comes to topics where there are many different approaches/opinions.
i.e: #cybersecurity #ethicalhacking
2. It Is More Relatable
People can relate better to your story than they can to a generic “how to” approach because they can identify with the struggles and successes that you have experienced.
i.e.: How I hacked XYZ...
People can relate better to your story than they can to a generic “how to” approach because they can identify with the struggles and successes that you have experienced.
i.e.: How I hacked XYZ...
Here's a list of 5 FREE Cybersecurity trainings.
🧵👇
.
.
.
#bugbounty #cybersecurity #infosec #hacking #tech #learninig #datasecurity #linux #ransomware #ethicalhacking #cybersecuritytraining #cybersecurityawareness #malware #informationsecurity #isecurity
🧵👇
.
.
.
#bugbounty #cybersecurity #infosec #hacking #tech #learninig #datasecurity #linux #ransomware #ethicalhacking #cybersecuritytraining #cybersecurityawareness #malware #informationsecurity #isecurity
Platforms to practice hacking 🔥❤🐞 → Tryhackme
→ Hackthebox
→ Pentester Lab
→ tcm-security
→ Vulnhub
→ Offensive Security
→ Vulnmachines
→ Portswigger Web Security Academy
→be practical
1/3
#bugbountytips #Ethicalhacking #cybersecuritytips #bugbountytip #infosec
→ Hackthebox
→ Pentester Lab
→ tcm-security
→ Vulnhub
→ Offensive Security
→ Vulnmachines
→ Portswigger Web Security Academy
→be practical
1/3
#bugbountytips #Ethicalhacking #cybersecuritytips #bugbountytip #infosec
→ Hacker101
→ PicoCTF
→ HackMyVm
→ Try2hack
→ Cybrary
→ RangeForce
→ Letsdefend
→ vhackinglabs
→ Hacksec42
→ BugBountyHunt3r
→ CyberSecLabsUK
→ certifiedsecure
→ CTFTime
→ 247CTF
2/3
#bugbountytips #Ethicalhacking #cybersecuritytips #bugbountytip
→ PicoCTF
→ HackMyVm
→ Try2hack
→ Cybrary
→ RangeForce
→ Letsdefend
→ vhackinglabs
→ Hacksec42
→ BugBountyHunt3r
→ CyberSecLabsUK
→ certifiedsecure
→ CTFTime
→ 247CTF
2/3
#bugbountytips #Ethicalhacking #cybersecuritytips #bugbountytip
→Alert to win
→Attack-Defense
→Bancocn
→Certified Secure
→CMD Challenge CryptoHack
→CTF Komodo Security
→Ctftime
→Cyberdefenders
→CyberSecLabs
→EchoCTF
→Explotation Education
→Google CTF
→Hack The Box
→Hackaflag BR
→Hacker Security
#bugbounty
→Attack-Defense
→Bancocn
→Certified Secure
→CMD Challenge CryptoHack
→CTF Komodo Security
→Ctftime
→Cyberdefenders
→CyberSecLabs
→EchoCTF
→Explotation Education
→Google CTF
→Hack The Box
→Hackaflag BR
→Hacker Security
#bugbounty
Day 4 Of #CyberSecurity/ #ethicalhacking for Beginners.
Vulnerabilities and attacks
A vulnerability is a weakness in design, implementation, operation, or internal control.
#SSOT #tech #hackers #hacking
Thread
1/13
Vulnerabilities and attacks
A vulnerability is a weakness in design, implementation, operation, or internal control.
#SSOT #tech #hackers #hacking
Thread
1/13
2/13
Backdoor
A backdoor in a computer system, a cryptosystem or an algorithm, is any secret method of bypassing normal authentication or security controls.
Backdoor
A backdoor in a computer system, a cryptosystem or an algorithm, is any secret method of bypassing normal authentication or security controls.
Denial-of-service attack
3/13
Denial of service attacks (DoS) are designed to make a machine or network resource unavailable to its intended users.
3/13
Denial of service attacks (DoS) are designed to make a machine or network resource unavailable to its intended users.
#Ethicalhacking
நாம இன்னைக்கு வாழ்ந்துட்டு இருக்குற நவீன உலகத்தில நம்முடைய தகவல்கள் எல்லாமே எதோ ஒரு வகையில ஆன்லைன் Data-வாக சேமித்து வைக்கப்பட்டு இருக்கு அது நம்முடைய கைபேசியோ அல்லது அரசின் Databaseலயோ எதோ ஒரு இடத்தில இருக்கிறது.அந்த தகவல்களை பாதுகாப்பாக வைத்திருக்க நாம் பல்வேற
நாம இன்னைக்கு வாழ்ந்துட்டு இருக்குற நவீன உலகத்தில நம்முடைய தகவல்கள் எல்லாமே எதோ ஒரு வகையில ஆன்லைன் Data-வாக சேமித்து வைக்கப்பட்டு இருக்கு அது நம்முடைய கைபேசியோ அல்லது அரசின் Databaseலயோ எதோ ஒரு இடத்தில இருக்கிறது.அந்த தகவல்களை பாதுகாப்பாக வைத்திருக்க நாம் பல்வேற
முயற்சிகளை செய்கிறோம்,அதைவிட பல மடங்கு முயற்சிகளை செய்து பாதுகாக்கிறது நம்முடைய அரசாங்கம்.எவ்வளவு தான் பாதுகாப்பாக வைத்து இருந்தாலும் அதில் எதாவது ஒரு Loophole கண்டுபிடிச்சு அந்த தகவல்களை எல்லாம் திருட முயற்சி செய்றாங்க.
இதையெல்லாம் செய்றாங்க பாத்திங்களா அவங்க பேர் தான் Hackers
இதையெல்லாம் செய்றாங்க பாத்திங்களா அவங்க பேர் தான் Hackers
இப்படி நடக்குறதை தடுக்கறாங்க பார்த்திங்களா அவங்க பேர் Ethical Hackers .
இந்த இரண்டு பேருக்கும் உள்ள வித்தியாசத்தை பற்றித்தான் பார்க்கபோறோம் இந்த Threadla முதலில் ஹேக்கிங் அப்டின்னா என்ன அப்டினு தெரிஞ்சுப்போம் நமக்கு அல்லது ஒரு பெரிய நிறுவனத்திற்கு தெரியாம அவங்களோட தகவல்களை
இந்த இரண்டு பேருக்கும் உள்ள வித்தியாசத்தை பற்றித்தான் பார்க்கபோறோம் இந்த Threadla முதலில் ஹேக்கிங் அப்டின்னா என்ன அப்டினு தெரிஞ்சுப்போம் நமக்கு அல்லது ஒரு பெரிய நிறுவனத்திற்கு தெரியாம அவங்களோட தகவல்களை
Let’s take a trip down memory lane with some of our highlights from this year…
JANUARY: question time! We received more than 280 questions under the hashtag #AskDraghi, on cryptocurrencies, Europe’s economic recovery and the likelihood of another global crisis. Watch President Draghi’s response on bitcoin.
FEBRUARY: the discussion continued. Chief Economist Peter Praet answered questions in a live Twitter Q&A. You asked about central banking and beyond, with topics ranging from economic development to how he pronounces his last name (the “e” is silent) twitter.com/i/moments/9616…
What is #ethicalhacking? And why do we encourage it? Watch to find out.
Our TIBER-EU framework details how financial companies can test their cyber resilience. Ethical hackers (red team) attack a company (blue team); only a few employees within the company know it’s happening (white team) ecb.europa.eu/pub/pdf/other/…
If you’d like to know more about the role of the white team – the group of employees from within the company that organises the hack – have a look at our newly published TIBER-EU white team guidance ecb.europa.eu/pub/pdf/other/…
