Abhishek Meena
Dec 3 · 5 tweets · 3 min read
Advanced Header Filtering using tcpdump

To better inspect the requests and responses in a dump, we would like to filter the data packets.

To do this, we look for packets that have the PSH and ACK flags set.

The PSH flag is used to enforce immediate delivery.

#bugbounty #infosec #hacking

Thread🧵: 👇
The following diagram depicts the TCP header and shows that the TCP flags are defined starting from the 14th byte.

See img 👇: we can see the ACK and PSH flags represented by the fourth and fifth bits of the 14th byte.

Calculate the required bytes:

CWR ECE URG ACK PSH RST SYN FIN
 0   0   0   1   1   0   0   0

00011000 = 24 decimal

More 🧵: 👇
These bits give us 00011000, or decimal 24.

We can pass this number to tcpdump as the filter tcp[13] = 24

to see only packets that have the ACK and PSH bits set, represented by the 4th and 5th bits (24) of the 14th byte of the TCP header.

More 👇
Note: the array index used for counting the bytes of the TCP header starts at zero, so the syntax should be ( tcp[13] ).

This shows us the filtered https requests and responses.
Hope you like 👍 this Amazing header Filtering Trick

Join my 🪲 Bounty Tips and tricks Group : t.me/bugbountyresou…

#bugbounty #infosec
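
Added example (not part of the original thread): a Python sketch that builds constructed TCP headers and tests them the way the tcp[13] = 24 filter does, next to the mask form tcp[13] & 24 = 24, to show that the exact comparison skips segments carrying PSH and ACK together with any other flag. The function names and sample headers are assumptions made for this illustration.

```python
import struct

# Bit values inside the flag byte at offset 13 of the TCP header (the 14th byte).
FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08,
         "ACK": 0x10, "URG": 0x20, "ECE": 0x40, "CWR": 0x80}


def flag_byte(*names):
    """OR the named flags into the number that is compared against tcp[13]."""
    value = 0
    for name in names:
        value |= FLAGS[name]
    return value


def build_tcp_header(flags, sport=49152, dport=443):
    """Constructed 20-byte TCP header: no options, checksum left at zero."""
    data_offset = 5 << 4  # byte 12: header length of five 32-bit words
    return struct.pack("!HHIIBBHHH", sport, dport, 1, 1,
                       data_offset, flags, 65535, 0, 0)


def exact_match(header, value=24):
    """Same test as the filter tcp[13] = 24: the whole flag byte must equal 24."""
    return header[13] == value


def mask_match(header, mask=24):
    """Same test as tcp[13] & 24 = 24: PSH and ACK set, other flags ignored."""
    return header[13] & mask == mask


def decode_flags(header):
    """List the flag names set in byte 13 of the header."""
    return [name for name, bit in FLAGS.items() if header[13] & bit]


# Constructed sample segments (hypothetical traffic, not captured data).
SAMPLES = [build_tcp_header(flag_byte(*f)) for f in (
    ("SYN",), ("ACK",), ("PSH", "ACK"), ("FIN", "PSH", "ACK"),
    ("PSH", "ACK", "ECE"))]

if __name__ == "__main__":
    for hdr in SAMPLES:
        print(f"{hdr[13]:08b} {hdr[13]:3d} {'+'.join(decode_flags(hdr)):12}"
              f" exact={exact_match(hdr)} mask={mask_match(hdr)}")
```

In tcpdump the mask form can also be written with the named constants: 'tcp[tcpflags] & (tcp-push|tcp-ack) == (tcp-push|tcp-ack)'.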


