Matheus @pwn0bot1
Joined October 2016
Tweets: 323, Followers: 151, Following: 814, Likes: 554
Fuzz for directories without killing the host: cat subdomains.txt | while read -r host;do bash fuzy.sh $host;done Save the following code in a file, for example fuzy.sh Code: gist.github.com/R0X4R/411f2ac4… #bugbounty #bugbountytips
If you Are Interested In Developing your Hacking skills Read some amazing @BlackHatEvents pdf <3. Demo Google dork: site:blackhat.com intext:"RCE" filetype:pdf #CyberSecurity #BugBounty #infosec
Added 3 more bypasses and included response length, so that we can use it to compare responses on various conditions #bugbounty #bugbountytips click on the below link to check that out. github.com/iamj0ker/bypas… @stokfredrik @ADITYASHENDE17 @sillydadddy
So many Drupal apps vulnerable to this :) Endpoint: /node/1?_format=hal_json write up: ambionics.io/blog/drupal8-r…
Android security testing Tools: Dex2JAR ByteCodeView JADX Dex2JAR JD-GUI Drozer Baksmali AndroGuard ApkTool QARK AndroBugs AppMon MobSF #Pentesting #bugbountytip #Hacking
Accessing Unauthorized Directories. Various tips not by me, it's collected from various guys and I organized it. Hope it may help you. #bugbounty #bugbountytips @ADITYASHENDE17 @sillydadddy @Alra3ees
Burp Extensions that I use: (1/n) 1. Autorize - To Test BACs 2. Burp Bounty - Profile-based Scanner 3. Active Scan++ - Add more power to Burp's Active Scanner 4. AuthMatrix - Authorization/PrivEsc Checks 5. Broken Link Hijacking - For BLH #bugbountytips #bugbounty
How to brute-force steghide password with bash: $ while read i; do echo -n "$i => "; steghide extract -sf yourimage.jpg -p "$i"; if [ $? -eq 0 ]; then break; fi; done < rockyou.txt
How to find local file read vulnerabilities based on cookies. Request GET /vulnerable.php HTTP/1.1 Cookie:usid=../../../../../../../../../../../../../etc/pasdwd Response HTTP/1.1 200 OK ... Server: Apache root:fi3sER6:0:1:System Operator:/:/bin/ksh// #bugbounty #bugbountytip
1. Send everything to @Burp_Suite for additional scanning. 2. ... 3. Profit? urlgrab --url SITE_HERE.com --ignore-ssl --proxy socks5://127.0.0.1:8080
Rate limit bypass: Add header/s with request X-Originating-IP: IP X-Forwarded-For: IP X-Remote-IP: IP X-Remote-Addr: IP X-Client-IP: IP X-Host: IP X-Forwarded-Host: IP If bypass successful, & after a while blocking request again. Increment the last octet #infosec #bugbountytip
“Clickjacking to Account Takeover” by @abhishake100 link.medium.com/R0jhZFPFR6
How to Burp Good – n00py Blog n00py.io/2017/10/how-to…
#bugbounty #bugbountytips Automate sql injection 1.Browse all the application 2. Save all requests from burp to a file 3.Use github.com/Miladkhoshdel/… to automate . If WAF use github.com/m4ll0k/Atlas .thanks @HusseiN98D for showing this. Thanks tool creators !!
SSRF + CRLF + HTTP Pipeline + Docker API = RCE… How dangerous is Request Splitting, a vulnerability in Golang or how we found the RCE in Portainer and hacked Uber link.medium.com/dSWQ6ewPL6
#noobtip . Find subdomains:- amass enum -brute -w /root/wordlist.txt -d target -o target.txt Scan ports:- naabu -ports full -exclude-ports 80,443 -hL target.txt -o out.txt Find vulnerabilities:- nuclei -l out.txt -t nuclei-templates/cves/ -o results
#day33 #100daystolearnandimprove #bugbounty - SSTI again mohamedharon.com/2018/01/reflec… ackcent.com/blog/in-depth-… - Dirsearch payload suggested by @D0rkerDevil raw.githubusercontent.com/danielmiessler…
Hide your Powershell script in plain sight. Bypass all (a lot of ;-) Powershell security features #infosec #pentest #redteam github.com/OmerYa/Invisi-…
A lot of developers only check the domain and forget about the tld. evil.com is blocked? e.g target.com try target.computer e.g target.net try target.network Simple tip but effective! #BugBounty #BugBountyTips #Buguard
If a web application allows you to upload a .zip file, zip:// is an interesting PHP wrapper to turn an LFI into an RCE. #BugBounty #BugBountyTips #InfoSec

Human Red Team @HumanRedteam
852 Followers 1K Following OSINT/SOCMINT/Ethical human hacking/Training & consultancy
Nease @Nease659948
11 Followers 475 Following I will provide some tips and practical methods for making money with your phone, allowing you to easily achieve financial independence at home.
phoenixbioinfosys @phoenixbioinfo1
82 Followers 289 Following phoenixbioinfosys is a portal for everyone who is interested in biotechnology, hacking, networking, bioinformatics
⚡sh4rkd0wn @sh4rkd0wn
159 Followers 2K Following
Mallory729 @Malgal0101
290 Followers 2K Following CHRISTIAN!! Follow God's word & You will have a life of happiness You could Never Imagine! His Word Is The ONLY WAY! STOP BIDEN BEFORE ITS 2 LATE
GPB @__GPB__
13 Followers 92 Following
TheZakMan @thezakman
315 Followers 2K Following Graphic Artist / CTF Player / ʁakɚɹ / Bug Hunter https://t.co/3Wk9WMb53N https://t.co/ob3ot9VgGa 𝓘 𝓟𝓮𝓮𝓹 𝓢𝓱𝓲𝓽
Fábio Lins @atlas_offzz
31 Followers 237 Following
Medxiv Brasil @JuliantoMoen
132 Followers 674 Following RSS feed of translated news, summaries only, related to health, to keep you up to date
can @sevenstringsx
7 Followers 217 Following
Alexandro Abade @alexandroabade
181 Followers 1K Following
Adriana Gomez @AdrianaLoureir3
219 Followers 1K Following Attorney/ Digital Law/ Startup/ Compliance and Data Privacy/Learn/Create/Curious/ Attended #GirlsPowerTech (GPT) Brazil/Technology Enthusiast, Digital Marketing.
Colodro Jr @ColodroJ
14 Followers 312 Following
A TROPA DOS FLUXOS @atropa_df
4 Followers 35 Following BEST MANDELÃO CHANNEL, TURN ON THE NOTIFICATION BELL, OK, IT'S THAT KIND OF VIBE 🎶
SkyNet Tools @SkyNetTools
7K Followers 5K Following Providing the Latest #Infosec #News, #Tools, and #Exploits #BugBounty
Rogi-Mar Cardozo @FuziNot
304 Followers 2K Following Cryptography Engineer && Blockchain Researcher Mastodon: @[email protected]
_ @votsy_totsy
1 Followers 295 Following
CTF Players @CtfPlayers
364 Followers 198 Following A collection with tips and tutorials for those who want to know or improve in CTF (Capture the Flag).
Victor @StiveFreaks
11 Followers 445 Following
ShrimpGO @shrimp_go
195 Followers 89 Following Infrastructure Analyst and Security Enthusiast | ctf @fireshellst
b1nr3v3rs3 @b1nr3v3rs3
1 Followers 104 Following
Eduardo Bruno @EduardoSegInfo
93 Followers 779 Following
/dev/random @0xDezzy
3K Followers 5K Following 🏴☠️ Dallas based security consultant | Anti-Social Social Engineer | High Tech Low Life | 🜏 My views are my own 𖤐
Cyber Sorcerer @Cyber_Sorcery
202 Followers 2K Following Former SysAdmin that switched to Cybersecurity Detection Engineering, Incident Response, Pentest, Purple Team, etc... OSCP | GWAPT | GCSA | CCNP | MCSA
Rodolfo Nützmann @RodolfoNutzmann
311 Followers 3K Following Networking & InfoSec geek since the 20th century.
Lina @d0rkph0enix
37K Followers 10K Following Infosec dork, boxer, poker player, dog owner/operator, spiller of things. Cars, vidya games, and cooking are my jam. #ChiefsKingdom and Royals fanatic. #SecKC
new100 @ricardonilsen
177 Followers 1K Following
ΜΔDΞRΔS @hackermaderas
22K Followers 14K Following Home of #CyberpunkisNow. Hacker, researcher, writer, creating original #Technology #InfoSec #OSINT #Privacy content & analysis.
landaboot @landaboot
27 Followers 457 Following
Clandestine @akaclandestine
49K Followers 5K Following | Security | Osint | Threat Research | Opsec | Threat Intelligence | Infosec | Threat Hunting | Humint |
DC | David Lee @dccybersec
13K Followers 847 Following Freelancing | Cybersecurity | @saferinternetpr
Ahsan Khan @hunter0x7
34K Followers 1K Following [Hacker + lover of bash] I Don't know how to hack but i know how to pwnd!
Harsh Bothra @harshbothra_
43K Followers 741 Following Freelance Pentester & Consultant • Cobalt Core Lead & Pentester • Author • Speaker • Blogger • SecurityExplained • Project Bheem • Learn365 • Views are personal
PortSwigger Research @PortSwiggerRes
111K Followers 7 Following Web security research from the team at @PortSwigger
𝓜𝓪𝓻𝓽𝓲... @xoxomartins
92K Followers 3K Following ! 𝟏𝟖, 𝐬𝐩, ⚤ | “Everything you are looking for“😈 • Personalized content, private calls and lots of content 🔞🔥 Come see it all here 👇🏻
Ruyter @poubelruyter
188K Followers 33 Following Billionaire, philanthropist, genius and humble. Welcome.
RedTeam Nation @RedteamN
227 Followers 283 Following Leading the charge in Red Team Training. Taking students from little security knowledge to full Red Teamers to advance their careers. https://t.co/Qj1eaWsY3k
OSINT Combine @osintcombine
22K Followers 661 Following We are leaders in Open Source Intelligence training and services in Australia. #OSINT
Chirag Savla @chiragsavla94
3K Followers 5K Following With Knowledge We Know the Words.. But... With experience We Know their Meaning ! #HOF #Microsoft #BigBasket
John Hammond @_JohnHammond
298K Followers 3K Following Cybersecurity Researcher @HuntressLabs || Just Hacking Training @JustHackingHQ w/ @ethicalhacker || https://t.co/UtsNJiyQtS || https://t.co/narO3sz7y6
👑 King Of Tips ... @KingOfBugbounty
6K Followers 23 Following 👑 OneLineTips project 👑 Github: https://t.co/o8SCytw7Fr Twitter owner: @OFJAAAH
TryHackMe @RealTryHackMe
283K Followers 103 Following An online platform that makes it easy to break into and upskill in cyber security, all through your browser.
Raunak Parmar @trouble1_raunak
2K Followers 1 Following Senior Cloud Security Engineer @WKL_cyber | OSWE | Presenter at @BlackHatEvents @defcon @nullcon | Author of Vajra | ex DJ & Music Producer
Blog do iPhone @blogdoiphone
377K Followers 79 Following One of the most popular sites about iOS (iPhone, iPad and iPod touch) in Brazil.
Rana Khalil 🇵🇸 @rana__khalil
56K Followers 844 Following AppSec Team Lead | OSCP | CEO & Instructor of @ranakhalilacad
Ashish Kunwar @D0rkerDevil
13K Followers 5K Following ex @Microsoft Security Researcher| Vulnerability Research | Threat Intel | EASM | DE | Penetration Tester | Opinions here are solely mine not my employer
👑 OFJAAAH 👑 @ofjaaah
19K Followers 506 Following Bug Hunter ☣ | Hi I Hacker spare time and not spare time too 🧙♂️. https://t.co/9opHyVyAF6 / Twitch https://t.co/VtHcEj9WCJ
Dominic Chell 👻 @domchell
18K Followers 540 Following Just your friendly neighbourhood red teamer @MDSecLabs | Creator of /r/redteamsec | https://t.co/3k3EBAZqGd | https://t.co/KwO2OwDOkl
Pedro Ribeiro @pedrib1337
9K Followers 342 Following Reverse Engineer | Director @ https://t.co/KuU3tiG1Om | Exploit Chef @FlashbackPwn
Elon Musk @elonmusk
225.4M Followers 1K Following
RedTeamVillage @RedTeamVillage_
36K Followers 2K Following Red Team Village | Join us on https://t.co/ILZhRFw4Y7 . Check our next events at: https://t.co/fJwIUSTI16
Shantanu Khandelwal @shantanukhande
1K Followers 461 Following Cyber Security Researcher. #RedTeam Own Opinions
Đào Trọng Nghĩa @nghiadt1098
2K Followers 1K Following Windows user. Pwn2own Vancouver 2021/2022. Pwner at @dfsec_com. Tweets are my own. https://t.co/4Y2w4FalIC
Ring3API 🇺🇦 @ntlmrelay
7K Followers 3K Following #ThreatHunting / #BlueTeam engineer. I'm just looking for traces in the logs. Reading and retweeting cool stuff. MITRE ATT&CK Defender:CTI,SOCAsses,AE,PTM,THDE.
Diego Aguiar @realdiegoaguiar
132K Followers 16 Following Entrepreneur & High-Risk Investor. https://t.co/tU5bTBuuyk
MacMagazine.com.br @MacMagazine
102K Followers 45 Following Everything about Apple, iPhone, Mac, iPad, Apple Watch, AirPods, Apple TV+, iOS/iPadOS, macOS and more! Want to talk to us? https://t.co/7gRiuxvTnU
Aditya Shende @ADITYASHENDE17
60K Followers 420 Following MS Cyber 🇬🇧 | Work @BforeAI | @Bugcrowd Top 100 | Bug Bounty Trainer | Keynote Speaker | Professional Biker | @kong_sec 🇮🇳 | Own Views ≠ Employment
Sam Curry @samwcyo
97K Followers 1K Following Hacker, bug bounty hunter. Run a blog to better explain web application security.
Hussein Daher @HusseiN98D
49K Followers 197 Following Entrepreneur, Hacker 🇱🇧🇨🇮 @WebImmunify 21th/270000 BugCrowd Hacking Platform
Katie Paxton-Fear @InsiderPhD
93K Followers 2K Following Dr, apparently. Security Advocate @semgrep & Hacker. #BugBounty hunter & #infosec YouTuber. APIs & Interlinked OffSec, PhD in AI+Sec @hacknotcrime. she/her
LADRÕES SE DANDO MAL... @Iadroes
116K Followers 46 Following Profile NOT recommended for minors 🔞
JesusCopy® @Jesus_copy
152K Followers 392 Following We were created to be a copy of Jesus and nothing will stop us from fulfilling this mission! Visit the JesusCopy Store👇🏼
HAHWUL @hahwul
11K Followers 257 Following 🔥 Offensive Security Engineer, Developer and H4cker. Feel free to call me HAH-hul or HOWL—whichever you prefer!
November Rain @xchopath
1K Followers 57 Following Not your favourite infosec guy • Pentester by day, mood-driven 'lazy-ass' hunter by night • OSCP / PNPT / CEH.
HackerOnTwoWheels @HackerOn2Wheels
11K Followers 602 Following I hack things and ride motorcycles. Co-Founder of Talaria Security Labs and UGWST. OSCP | OSCE | OSWE | eWPT | RTO 🇧🇷🇺🇲🇯🇵🇪🇸 Jesus is Lord.
Kei @keikane_
5K Followers 392 Following Founder @aiko_corp. AI/infosec. Weeb Exploit Dev. Perpetually Tired.
Adriano Ribeiro @adriano_srib
553 Followers 2K Following Security Researcher / Captain and founder of the FireShell Security Team.
Praveen Nair @m4lv0id
1K Followers 2K Following Red Teamer (OSCP, eCPPT, CREST CRT, CRTP, CRTE) | CTF player @hackthebox_eu : https://t.co/BzgLlY16YO Keybase : https://t.co/WH2V5ZNiC3
Red Team Village @redteamvillage
2K Followers 130 Following Founded in 2017, we're one of the oldest community driven combat readiness village for Adversarial attack simulation and Red teaming tactics.
Sreehari (Invisible) @sr33h4ri
419 Followers 780 Following Red Teamer | Goon: @dc0471 | Core team @AdversaryVillag at @Defcon villages |