Since we are talking about Polyglots, today I have SQLi Polyglot for you.
A context insensitive sqli payload polyglot, a thread. 🧵👇
#infosec#appsec#bugbountytips#security
When it comes to SQLi, the SQli polygot is the payload that runs in context of ' (single quote) and " (double quote).
E.g
SLEEP(1) /*' or SLEEP(1) or'" or SLEEP(1) or "*/
But the tricky part is how to exploit it.
If you disect the code, you would notice that SQL statement should always return one single word. Otherwise comparison will anyway fail in PHP code.
SOP 🫧, Same Origin Policy.
A browser security framework that every #hacker should know.
Know what is it in this thread 🧵👇
#infosec#security#appsec#cybersecurity#SOP#http
SOP is browser security model, and I find lot of folks out there, who still dont understand it in and out.
Let me cover it here, in few threads.
Let's Start.
Jul 30, 2022 • 12 tweets • 3 min read
📄 I have reviewed nearly 250+ resume for security engineering role in my company, recently !!
🚀Below are few suggestions for a good RESUME from hiring perspective.
🧵👇
#infosec#security#InfoSecJobs#resume
Header
↓
Summary
↓
Work Exp
↓
A Section for Books, Patents, Blogs, OSS, Certs Etc
↓
Your Skill relevant to job you are applying.
↓
Awards & Recognition
↓
Educational Qualifications (Last thing I care for)
↓
Who are you out of work.
Oct 10, 2021 • 7 tweets • 3 min read
🚨🚨 Another 10K giveaway
50 Like - Burp Suite Ext Dev - 10 Coupons
100 Likes - SOP Zine - 10 Coupons
150 Likes - Web Auth Zines- 10 Coupons
200 Likes - Bundle - 3 Coupons
Turbo intruder: Power of Python with @Burp_Suite Intruder.
I use it to tailor my pen-testing for a specific target and targetted #bugbounty
#infosec#appsec#bugbountytips#bugbountytip#security
How to - 🧵🙃👇 1/n Using: CE so that everyone can explore.
Intruder in CE is limited in multithreading, Turbo-Intruder can overcome that.
- Install through Extender
- Send req to the plugin.