Harsh Bothra
Mar 21 • 9 tweets • 2 min read
7 Cyber Security Conference Channels You Must Follow

🧵
2/

2. DEFCON Conference

youtube.com/user/DEFCONCon…
3/

3. OWASP Foundation - AppSec & Other Events

youtube.com/c/OWASPGLOBAL/…
4/

4. RSA Conference

youtube.com/c/RSAConference
6/

6. null - The Open Security Community

youtube.com/c/nullTheOpenS…
7/

7. Red Team Village

youtube.com/c/RedTeamVilla…
Drop your favourite conference talks & playlist links in the comments and help everyone learn something interesting.


More from @harshbothra_

Mar 14
17 Search Engines every Security Professional Must Know

🧵
1/

1. Shodan - Search Engine for the Internet of Everything

shodan.io
2/

2. Censys Search

search.censys.io
Read 18 tweets
Mar 13
#SecurityExplained S-72: Vulnerable Code - 51

This code is vulnerable to SQL Injection attacks.
User-provided data, such as URL parameters, should always be considered untrusted and tainted.

1/n
2/n
Constructing SQL queries directly from tainted data enables attackers to inject specially crafted values that change the initial meaning of the query itself. Successful database query injection attacks can read, modify, or delete sensitive information from the database ...
3/n
...and sometimes even shut it down or execute arbitrary operating system commands. The solution is to use prepared statements and to bind variables to SQL query parameters with dedicated methods like bindParam, which ensures that user-provided data will be properly escaped.
Read 4 tweets
Mar 5
4 Subdomain Enumeration Tools you must have in your Arsenal 💻

🧵
Read 6 tweets
Mar 4
#SecurityExplained S-63: CWE - 20: Improper Input Validation [CWE Top 25]

The product/program does not validate, or poorly validates, input that can disrupt a program's control flow or data flow.

1/N 🧵
2/N

When software fails to properly validate input, an attacker can construct it in a way that the rest of the application does not expect. As a result, components of the system may receive unwanted input, resulting in a change in control flow or even arbitrary code execution.
3/N
The flaw appears during the Architecture and Design stage, as well as the Implementation stage.

It allows an attacker to:
- Cause the Program to Stop
- Set Arbitrary Command Execution
- Cause Excessive Expenditure of Resources
- Read and Compromise Personal Information
Read 11 tweets
Mar 3
7 Hacking Books you must read.

🧵
1/

1. Web Application Hackers Handbook

amazon.in/Web-Applicatio…
2/

2. Real-World Bug Hunting

amazon.in/Real-World-Bug…
Read 8 tweets
Mar 2
#SecurityExplained S-61: CWE-787: Out-of-bounds Write

Out-of-bounds Write is a software security vulnerability that occurs when data is written beyond the boundaries (i.e. past the end or before the beginning) of the intended buffer.

1/n
2/n
This weakness is also listed in the CWE Top 25 (2021). It has been given the CWE ID CWE-787.

- This vulnerability could result in buffer overflows, memory corruption, a crash of the software, or even code execution.
3/n
As per cwe.mitre.org, the software may modify an index or perform pointer arithmetic that references a memory location that is outside of the boundaries of the buffer. A subsequent write operation then produces undefined or unexpected results.
Read 9 tweets
