Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Harsh Bothra Profile picture
Harsh Bothra
@harshbothra_
Freelance Pentester & Consultant • Cobalt Core Lead & Pentester • Author • Speaker • Blogger • SecurityExplained • Project Bheem • Learn365 • Views are personal
9 subscribers
Feb 27, 2023 25 tweets 4 min read
SecurityStories - 52 Weeks, 52 Stories: Story - 9

~ My learning process has been the same through the years, continuous education.

Featuring Nicolas Krassas (@Dinosn) an OG hacker from Switzerland.

1/25 Question: Could you briefly introduce yourself?
Nicolas: I'm a senior penetration tester and your friendly security guy. I like to assist people with security questions and guide them through a solution.

2/25
Jul 28, 2022 5 tweets 1 min read
How to get into programming and earn while learning?

A Thread 🧵↓ Happy to share about a new platform made for developers called @StackUpHQ, where you can improve your programming skills while getting paid to learn and connect with a global community of developers.
May 11, 2022 9 tweets 2 min read
7 Free Practice Labs to Master GraphQL Attacks

🧵 1/
1. Damn Vulnerable GraphQL Application (DVGA)
github.com/dolevf/Damn-Vu…
May 8, 2022 17 tweets 4 min read
15 Security Standards You Must Know & Follow

🧵 1/

1. OWASP ASVS (Application Security Verification Standard)

owasp.org/www-pdf-archiv…
Apr 11, 2022 15 tweets 4 min read
12 Free Practice Labs to Master SQL Injection

🧵 1/
1. Audi SQLi Labs

github.com/Audi-1/sqli-la…
Apr 11, 2022 9 tweets 2 min read
#SecurityExplained S-101: CWE Top 25:
CWE-434: Unrestricted Upload of File with Dangerous Type

The software allows an attacker to upload or transfer harmful data that can be processed automatically within the product's environment.

1/ 2/
This flaw could affect any software that allows users to upload files.

The arbitrary file upload weakness concerns improper or missing file type validation when uploading files.
Apr 10, 2022 11 tweets 2 min read
#SecurityExplained S-100: CWE Top 25:
CWE-306: Missing Authentication for Critical Function

The software does not perform any authentication for functionality that requires a verified user identification or uses a considerable number of resources.

1/n 2/n
This vulnerability is frequently introduced during the architecture and design phase of the application development process.
Apr 9, 2022 12 tweets 2 min read
#SecurityExplained S-99: CWE Top 25:
​​​​CWE-190: Integer Overflow or Wraparound

🧵 1/

When the logic thinks that the final value will always be more significant than the original value, the software runs a calculation that can result in an integer overflow or wraparound.
Apr 1, 2022 16 tweets 4 min read
14 Payload Repositories to find all the required Payloads & Attack Vectors.

🧵 1/

1. Payloads All The Things

github.com/swisskyrepo/Pa…
Apr 1, 2022 14 tweets 2 min read
#SecurityExplained S-91: CWE Top 25:
CWE-611: Improper Restriction of XML External Entity Reference

1/n 2/n
When an application executes an XML document that contains entities pointing to external URIs, CWE-611 vulnerabilities can occur.
Mar 31, 2022 14 tweets 2 min read
#SecurityExplained S-90: CWE Top 25: CWE-918: Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and obtains its contents, but it does not check that the request is routed to the correct destination.

1/n 2/n

Malicious parties can use CWE-918, also known as server-side request forgeries (SSRF), to trick a server into making requests to obtain access to internal infrastructure, sensitive data, and more.
Mar 30, 2022 14 tweets 3 min read
11 MindMaps I have created that you may find useful!

🧵 1/

1. XML Attacks

xmind.net/m/xNEY9b/
Mar 30, 2022 8 tweets 2 min read
#SecurityExplained S-89: CWE Top 25: CWE-522: Insufficiently Protected Credentials

The product transfers or saves authentication credentials, but it does so improperly that it can be intercepted or retrieved by unauthorized individuals.

1/n 2/n
This flaw relates to an architectural security approach that has been misdesigned. Another form of credential attack uses flaws in how passwords are encoded, saved, and handled by a web application, network, or software system.
Mar 29, 2022 15 tweets 2 min read
#SecurityExplained S-88: CWE Top 25: CWE-732: Incorrect Permission Assignment for Critical Resource

The product defines permissions for a security-critical resource so that unwanted actors can read or modify it.

1/n 2/n
 When a resource's permissions are set to allow access to a broader range of actors than is required, sensitive information may be exposed, or undesired parties may modify the resource.
Mar 28, 2022 12 tweets 3 min read
9 Free Practice Labs to Master Cross-Site Scripting 1/
1. PortSwigger XSS Labs
portswigger.net/web-security/c…
Mar 28, 2022 9 tweets 2 min read
#SecurityExplained S-87: CWE Top 25: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

The product makes sensitive information available to someone who isn't explicitly permitted to access it.

1/n 2/n
CWE-200 arises when confidential information (e.g., application systems and network information, user-supplied data such as names email addresses) is made available to individuals who are not authorized to see it.
Mar 27, 2022 4 tweets 2 min read
#SecurityExplained S-86: Vulnerable Code - 65

This code is vulnerable to NoSQL Injection attack.

User-provided data such as URL parameters and POST body content should always be considered untrusted and tainted.

1/n 2/n
 Applications that perform NoSQL operations based on tainted data can be exploited similarly to regular SQL injection bugs. Depending on the code, the same risks exist as with SQL injections: The attacker aims to access sensitive information or compromise data integrity.
Mar 26, 2022 7 tweets 2 min read
#SecurityExplained S-85: Vulnerable Code - 64

This code is vulnerable to Insecure Deserialization Attack.

User-provided data such as URL parameters, POST data payloads or cookies should always be considered untrusted and tainted.

1/n 2/n
 Deserialization based on data supplied by the user could result in two types of attacks:

Remote code execution attacks, where the structure of the serialized data is changed to modify the behavior of the object being unserialized.
Mar 21, 2022 9 tweets 2 min read
7 Cyber Security Conferences Channel You Must Follow

🧵 1/

1. Black Hat

youtube.com/c/BlackHatOffi…
Mar 14, 2022 18 tweets 4 min read
17 Search Engines every Security Professional Must Know

🧵 1/

1. Shodan - Search Engine for the Internet of Everything

shodan.io
Mar 13, 2022 4 tweets 1 min read
#SecurityExplained S-72: Vulnerable Code - 51

This code is vulnerable to SQL Injection attacks.
User-provided data, such as URL parameters, should always be considered untrusted and tainted.

1/n 2/n
 Constructing SQL queries directly from tainted data enables attackers to inject specially crafted values that change the initial meaning of the query itself. Successful database query injection attacks can read, modify, or delete sensitive information from the database ...