From Noob to Pentesting Clients in 2023 👇 1. Be laser focused to become l33t. Cybersecurity is a large field and you can't be an expert of everything.

This got interesting very fast, business development with ChatGPT, concise.

HTTP Parameter Pollution @SecGPT has seen in its training. 1. ATO via password reset

The attacker manipulates the HTTP parameters of the password reset page to change the email address associated with the account; then use the password reset link => ATO.

🚀🔒Exciting news! SecGPT is now LIVE!

Trained on thousands of cybersecurity reports, SecGPT revolutionizes cybersecurity with AI-driven insights.👇 1. Trained on an extensive collection of cybersecurity reports, @SecGPT provides you with a deeper understanding of vulnerabilities, exploitation techniques, and emerging trends in cybersecurity.

Its knowledge increases as more reports and writeups are published.

I never rely on automation alone.

In a recent external pentest, I was going over the assets manually, while running some tools in the background, including nuclei. 1. One instance was running a software vulnerable to arbitrary file deletion. Nuclei didn't even smell it, unfortunately.

What I usually do, is to look over famous exploits for the specific software. And this one was a victim.

Broken Access Control attack vectors, by #ChatGPT4 👇 1. IDOR

This occurs when an application exposes internal implementation objects, such as files, directories, or database keys, without proper authorization checks. Attackers can manipulate these references to gain unauthorized access to sensitive data.

Boost your pentesting and bug bounty game with SecGPT's AI insights from thousands of online security reports.

I've asked it for some XXE payloads found in the reports. 1. Basic XXE payload

`<!DOCTYPE foo [<!ELEMENT foo ANY ><!ENTITY xxe SYSTEM "file:///etc/passwd" >]><foo>&xxe;</foo>`

Unlocking the Secrets: Breaking Access Controls, the basics 👇

(from the AI model I'm currently training on security reports) 1. Direct object reference

This occurs when an attacker is able to access a resource directly by manipulating a parameter in the URL or form data.

Large language models exhibit emergent abilities 👇 1. Large language models (LLMs) exhibit emergent abilities after crossing a critical value of effective parameters

As much as I love automation in recon, 98% of the findings in my pentests have nothing to do with it. Why? 👇 1. Inspired by @NahamSec recent video.

First, in a large majority of the web pentests, clients want me to focus only on their app and it's features. So, there's no need for subdomain enumeration/bruteforcing or any other large recon tactic.

More practice, less theory (but not 0 theory)

In the past, I criticized Top 1% THM who know close to nothing about the real-world aspects of a pentest.

My point was not understood and I got a lot of hate for it. 1. Again, there's less value in being Top 1% if your experience is purely theoretical.

Yet, you will go way further if you complement your experience (from day-to-day work in cybersecurity) with continuous practice on THM and other platforms (focusing on non-CTFish materials).

SSH local port forwarding, explained to humans:

ssh -L [local_address:]local_port:remote_address:remote_port [user@]ssh_server 1.🌐💻 Have you ever wanted to access a remote server as if it were running on your local machine? That's where local port forwarding comes in!

Not a paid sponsorship, but I'd love to @HelloPaperspace :) 👇

For the last 3-4 years, I had a VPS with 16 GB of RAM and 8 CPUs for which I paid $0.16 per hour of usage. 1. A few days ago I said I'd upgrade to a VPS with 30 GB of RAM and 12 CPUs.

Definitely a dramatically huge increase in performance! Still quite cheap at $0.3/h.

My usual monthly usage so far has been 100 hours or less.

The following technique can be used to bypass AI text detection. Use it for ethical purposes only!👇 1. Generate whatever text you want with ChatGPT. Then reply to ChatGPT with the following:

"When it comes to writing content, two factors are crucial, "perplexity" and "burstiness." Perplexity measures the complexity of text. Separately, burstiness compares the variations👇

Massive giveaway by @AppSecEngineer!

Annual PRO subscription (worth $399)

Rules to participate 👇 1. Subscribe to my free newsletter. At cristivlad.substack.com.

How to get started with machine learning: From 0 to Engineer.

(thread) 1. Math - via @khanacademy

Use these resources (all links in the last tweet):

- Khan Academy - Multivariable Calculus
- Khan Academy - Differential Equations
- Khan Academy - Linear Algebra
- Khan Academy - Statistics Probability

The art of getting lucky by turning the odds in your favor. @naval.

4 ways, only one works well.

(thread) 1. Hope luck finds you.

SSRF via PDF? Now made easy.

(thread) 1. Go to @jonasl github and clone this repo. Can't paste the link, for some reason @twitter thinks it's malicious...

Privilege escalation in Windows using 4 tools for red teamers and pentesters.

(thread) 1. WinPEAS - it's a simple .exe script you can run as: winpeas.exe > outputfile.txt

Get it here: github.com/carlospolop/PE…

In this week's newsletter:

- building the next ChatGPT | Network Pentesting | Full-blown Winter -

(thread) 1. I'm talking about the 6 month learning plan to understand AI large language models from scratch - the stuff that #chatGPT is built on.

Wanna build the next ChatGPT?

Here's a 6 month learning plan for AI large language models (LLMs) from scratch.

(thread) 1. Familiarize yourself with basic machine learning concepts and Python programming.

Books:

1.1. Introduction to Machine Learning with Python by Andreas Müller and Sarah Guido

1.2. Python Machine Learning by @rasbt