Anugrah SR 📌| #HackLearnDaily
Aug 24, 2021 15 tweets 7 min read
10 Awesome Firefox Extensions to Enhance Your Pentesting/Bug bounty Hunting.

Thread 🧵👇
1⃣ FoxyProxy Standard
FoxyProxy is an advanced proxy management tool that completely replaces Firefox's limited proxying capabilities.

Url: addons.mozilla.org/en-US/firefox/…
2⃣ Firefox Multi-Account Containers
Multi-Account Containers lets you keep parts of your online life separated into color-coded tabs that preserve your privacy.

Containers+authorize = broken access control bugs!

Url: addons.mozilla.org/en-US/firefox/…
3⃣ PwnFox
PwnFox is a Firefox/Burp extension that provides useful tools for your security audit.
Features include:
> Single click BurpProxy
> Containers Profiles
> Toolbox injection
> Security header remover

FoxyProxy + Containers = pwnfox

Url: addons.mozilla.org/en-US/firefox/…
4⃣HackTools
HackTools is a web extension that facilitates your web application penetration tests. It includes cheat sheets as well as all the tools used during a test, such as XSS payloads and reverse shells, to test your web application.

Url: addons.mozilla.org/en-US/firefox/…
5⃣ Wappalyzer
Identify technologies on websites

Url: addons.mozilla.org/en-US/firefox/…
6⃣ Shodan
The Shodan plugin tells you where the website is hosted (country, city), who owns the IP and what other services/ports are open.

Url: addons.mozilla.org/en-US/firefox/…
7⃣DotGit
An extension to check if .git is exposed in visited websites.

url: addons.mozilla.org/en-US/firefox/…
8⃣Open Multiple URLs
Opens a list of URLs

url: addons.mozilla.org/en-US/firefox/…
9⃣ Cookie-Editor

Cookie-Editor lets you efficiently create, edit and delete a cookie for the current tab. Perfect for developing, quickly testing or even manually managing your cookies for your privacy.

Url: addons.mozilla.org/en-US/firefox/…
🔟 S3 Bucket List
Finds Amazon S3 Buckets while browsing then records it in the add-on content.

Url: addons.mozilla.org/en-US/firefox/…
If I missed any amazing extension, comment below!

Follow @cyph3r_asr for more such content!
11 Hackbar
Feature
* Load, split, execute url from address bar.
* Custom/add referrer url, User Agent, cookie.
* Tools: md5, sha1, sha256, rot13 encryption, url, base64 encoding, beautifier json data, sql, xss features.

Url: addons.mozilla.org/en-US/firefox/…
12 Hunter

Find email addresses from anywhere on the web, with just one click.

url: addons.mozilla.org/en-US/firefox/…
13 Modify Header Value

Add, modify or remove a header for any request on desired domains.

url: addons.mozilla.org/en-US/firefox/…
