Harsh Bothra Profile picture
Mar 5 6 tweets 2 min read
4 Subdomain Enumeration Tools you must have in your Arsenal 💻

🧵
Mention your favourite subdomain enumeration tools/scripts in the comments. ☄️

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Harsh Bothra

Harsh Bothra Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @harshbothra_

Mar 4
#SecurityExplained S-63: CWE - 20: Improper Input Validation [CWE Top 25]

The product/program does not validate or validate poorly or input that can disrupt a program's control flow or data flow.

1/N 🧵
2/N

When software fails to properly validate input, an attacker can construct it in a way that the rest of the application does not expect. As a result, components of the system may receive unwanted input, resulting in a change in control flow or even arbitrary code execution.
3/N
The flaw appears during the Architecture and Design, as well as the implementation stages.

It allows to:
- Cause the Program to Stop
- Set Arbitrary Command Execution
- Cause Excessive Expenditure of Resources
- Read and Compromise Personal Information
Read 11 tweets
Mar 3
7 Hacking Books you must read.

🧵
1/

1. Web Application Hackers Handbook

amazon.in/Web-Applicatio…
2/

2. Real-World Bug Hunting

amazon.in/Real-World-Bug…
Read 8 tweets
Mar 2
#SecurityExplained S-61: CWE-787: Out-of-bounds Write

The Out-of-bounds Write is a software security vulnerability that occurs when the data is written beyond the boundaries (i.e. past the end, before the beginning) of the intended buffer.

1/n
2/n
This weakness is also listed in the CWE TOP 25 (2021). This has been given the CWE ID as CWE-787

- This vulnerability could result in buffer overflows, memory corruption, the crash of the software or even a code execution.
3/n
As per the cwe.mitre.org, The software may modify an index or perform pointer arithmetic that references a memory location that is outside of the boundaries of the buffer. A subsequent write operation then produces undefined or unexpected results.
Read 9 tweets
Mar 1
#SecurityExplained S-60: Introduction to CWE

According to the official description, the CWE™ (Common Weakness Enumeration) is a community-developed list of software and hardware weakness types.

[1/n🧵]

#AppSec #infosec #websecurity #cybersecurity #bugbountytips #Pentesting
2/n
It serves as a common language, a measuring stick for security tools, and as a line for weakness identification, mitigation, and prevention efforts. The list includes more than 924 Common Weaknesses in Software & Hardware.
3/n
There are multiple options available to look for a CWE such as:
- By Software Development
- By Hardware Design
- By Research Concepts
- External Mappings such as (CWE TOP 25, OWASP TOP 10, Software Fault Pattern Cluster and more)
Read 8 tweets
Feb 28
#SecurityExplained S-59: Ruby ERB SSTI

Server-Side Template Injection (SSTI) vulnerabilities occur when user-supplied data is inserted into a template and insecurely evaluated as an expression by the template engine.

#appsec #bugbountytips
[1/n 🧵]
This may allow an attacker to trick the template engine into evaluating an expression that could allow an attacker to execute system commands or get a shell
To look for template injection vulnerability, it is essential to enumerate and know if the template engine is in use.

2/n
3/n
If the application uses a template engine, the next thing is to know what language-based template injection is used and what all classes and methods are accessible that could be chained together to perform the desired action.
Read 7 tweets
Feb 1
#securityexplained S-32: Account Takeover Methodologies

A thread on my Account Takeover Methodologies 🧵

[1/n]

#appsec #infosec #webappsec #bugbountytips #bugbounty #hacking #Coding #security #development #securecoding #learn365 #securityexplained
[2/n]
An account takeover usually refers to gaining persistent access to the victim user's account and performing all the authentication actions as a victim would be able to do. The severity of account takeover issues is usually considered between High to Critical.
[3/n]
However, it also depends upon the complexity and likelihood of the attack.
In general, the account takeover is not a "vulnerability class" itself but an impact result of a vulnerability.
Read 27 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(