Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Sachin Grover Profile picture
Sachin Grover
@maverickNerd
Linux Security Engineer | OSCP | Thinker | Motivator | Traveler | Learner
Tyler Sparks Profile picture 1 subscribed
Jan 6, 2020 4 tweets 1 min read
CSRF Bypasses:
1. Check if there is any CSRF token in request, if yes, remove token and send request, is it bypassed? Modify the CSRF token to any other CSRF token, Check if CSRF token is matched with any cookie token, if yes, you can bypass this. 2. You are seeing no CSRF token? Don't be overexcited.
3. There can be origin check on server side, This CSRF protection is done using CORS policy.
4. Origin is always send by the browser, you can't modify or send your own Origin by XMLHttpRequest or Fetch API.
Jul 26, 2019 9 tweets 3 min read
There were some days when I wasn't learning anything,I was not satisfied with the way life was going on,then I heard about most challenging certificate in security #OSCP.I read more than 100 reviews of it and everyone was calling it as tough and requires "TRY HARDER" attitude. I registered 4 it because I want huge kick on my ass.On first day,I don't even know abt port scanning.Yes,I was ok/somewhat good in linux but never went deep into topics which can be used in exploitation,never knew in my life that gathering info is having significant importance.