You are loved by your creator.
“Very rarely will anyone die for a righteous person, though for a good person someone might possibly dare to die. But God demonstrates his own love for us in this: While we were still sinners, Christ died for us.” - Romans 5:7-8
On the third day,…
You're using Burp Collaborator wrong.
Don't use Burp's default collaborator instance when testing for out of band vulnerabilities.
Many companies use egress filtering & block outbound traffic to the default collaborator domain oastify.com
It's worth setting up a…
Doing code analysis?
Use cursor.sh by @anysphere!
Whether you’re digging through a language you know or adventuring into a new one, using AI can definitely be helpful.
Don’t think it’ll replace us yet, but auditing got more accessible.
#typefully day 10
Finding vulnerabilities first = you get paid.
Want to be the first to hack on new functionality? Monitor your target’s JS files for new paths or parameters.
(automate with a headless browser to grab all dynamically loaded JS)
#typefully day 9
Focus is a competitive advantage.
It’s tempting to jump around, but deep focus on one thing pays off.
This applies beyond hacking, but you should stick to a target for a long time and become an expert.
For example, @nnwakelam knew more about Yahoo than any Yahoo employee…
You're probably directory brute-forcing wrong.
You should be methodical when targeting frameworks such as Express, Rails, Flask, Django, etc.
2/ By default, ffuf uses the GET HTTP method.
You should be fuzzing with different HTTP methods.
Try using a wordlist multiple times…
Companies run software they don't write.
Ex: Jira, GoAnywhere, etc.
Finding vulns in these types of software = lots of vuln targets = $$$
So, do code review!
Need the source? Find the software in AWS's AMI Catalog.
Launch a server. SSH in. Pull it. Review it.
#typefully day 4