@jub0bs@infosec.exchange (also jub0bs.bsky.social)
#infosec enthusiast • #golang dev & trainer • @GoSXBGo • minimalist • #degrowth advocate • atheist • chaotic good • trying to make sense of the Web • he/him
Aug 29, 2021 · 4 tweets
Perhaps you're attacking an API with a solid CORS configuration, and your form-based CSRF attack using "text/plain" is failing because the server replies that it expects "application/json". 😭 Try this trick... 1/3 #bugbountytips

Send a no-CORS request with content type "text/plain; application/json". If your request only contains CORS-safelisted headers, no preflight request will be triggered! 🤯 2/3

UntrueTautTriangle.jub0bs.repl.co
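The trick above only works against a server that checks the Content-Type header by substring rather than by parsing it. The following is an added example in Go, not jub0bs's code or the linked repl: the loose check that lets "text/plain; application/json" through, beside a strict check built on mime.ParseMediaType, plus a middleware (hypothetical name requireJSON) that applies the strict check.

```go
package main

import (
	"mime"
	"net/http"
	"strings"
)

// weakIsJSON is the kind of check the thread exploits: any header that merely
// contains "application/json" passes, including "text/plain; application/json",
// which the browser treats as a CORS-safelisted text/plain request and sends
// without a preflight.
func weakIsJSON(contentType string) bool {
	return strings.Contains(contentType, "application/json")
}

// strictIsJSON parses the header as a media type and accepts only an exact
// type of application/json. In "text/plain; application/json" the media type
// is text/plain and the trailing part is not even a valid parameter, so the
// request is rejected.
func strictIsJSON(contentType string) bool {
	mediaType, _, err := mime.ParseMediaType(contentType)
	if err != nil {
		return false
	}
	return mediaType == "application/json"
}

// requireJSON rejects any state-changing request whose Content-Type does not
// parse as application/json, which a cross-site HTML form cannot produce
// without triggering a preflight.
func requireJSON(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !strictIsJSON(r.Header.Get("Content-Type")) {
			http.Error(w, "expected application/json", http.StatusUnsupportedMediaType)
			return
		}
		next.ServeHTTP(w, r)
	})
}
```

Returning 415 is only a defence in depth; it does not replace CORS-aware origin checks or CSRF tokens on the endpoint.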
Jun 26, 2018 · 19 tweets
I'm only halfway through Bertrand Meyer's 2014 book, "Agile! The Good, the Hype and the Ugly", but it's already proven its worth as a lucid, unrestrained appraisal of #Agile principles and methodologies. Here are a few passages that resonated with me...

"#XP's insistence that [pair programming] should be the absolute rule [...] makes little sense conceptually, as it neglects the role of programmer personality (some excellent developers like to concentrate alone and will resent having to be paired) [...]"