Pinned Tweet
Exploiting Most PHP upload boxes with CVE-2015-2348 http://www.paulosyibelo.com/2015/03/exploiting-php-upload-forms-with-cve.html … #research #poc #php
-
Releasing… ==== http://INCEPT10N.com A polyglot inception written in four file formats – all at the same time: = JPEG = CSS = JS = HTML
-
Coming across an XSS vulnerability at Google sites is wrong I expected http://nootropic.me/blog/en/blog/2016/09/20/%e3%82%84%e3%81%af%e3%82%8a%e3%83%8d%e3%83%83%e3%83%88%e3%82%b5%e3%83%bc%e3%83%95%e3%82%a3%e3%83%b3%e3%82%92%e3%81%97%e3%81%a6%e3%81%84%e3%81%9f%e3%82%89%e3%81%9f%e3%81%be%e3%81%9f%e3%81%begoogle/ …
-
Another Cisco WebEx 1.0.5 RCE (Arbitrary Command Execution in via Module Whitelist Bypass) found by @taviso https://bugs.chromium.org/p/project-zero/issues/detail?id=1100 … pic.twitter.com/PYbWvUmJBC
-
There was a secret URL in WebEx that allowed any website to run arbitrary code. ¯\_(ツ)_/¯ https://bugs.chromium.org/p/project-zero/issues/detail?id=1096 …
-
Super interesting work by @cure53berlin on CSP bypasses! https://twitter.com/patricktoomey/status/822137306907873282 …
-
The bug is finally fixed: How to inject JS in a static PDF to steal it without user interaction http://insert-script.blogspot.co.at/2016/10/pdf-how-to-steal-pdfs-by-injecting.html …
-
Best pull request comment ever? https://github.com/rapid7/metasploit-framework/pull/7815 …
-
Hacker tip: always be coding - it'll broaden your perspective on how software is built and teach you new tricks how to get around defenses.
-
GitHub Enterprise SQL Injection - Incorrect usage of Rails ActiveRecord leads to SQL Injection #BugBounty http://blog.orange.tw/2017/01/bug-bounty-github-enterprise-sql-injection.html …
-
[ 2013 ] NSA: We made a database of everyone. Wikileaks: THIS IS AN OUTRAGE! [ 2017 ] Wikileaks: We're gonna make a database of everyone.
-
Kaspersky identified SSL certificates by a 32bit fingerprint (!!!), making it trivial for MITM to create collisions. https://bugs.chromium.org/p/project-zero/issues/detail?id=978 …
-
Two days ago someone registered a British company called `; DROP TABLE "COMPANIES";-- LTD`. Oh well... https://beta.companieshouse.gov.uk/company/10542519 …
-
@sirdarckcat hah, my CSP nonce bypass: https://jsbin.com/vigodiqifo/
-
@kkotowicz @sirdarckcat <animate> works as well of course <svg><animate href=#x attributeName=href to=//14.rs /><script id=x src=x></script
-
Another type of CSP nonce bypass. FF+Chrome. Works with traditional reflected XSS. http://sirdarckcat.github.io/csp/fakexss.html … Happy new year!
-
Throwing 1 more in there ;) #Zend Framework zend-mail #RCE #exploit CVE-2016-10034 #infosec #itsecurity #php #php7 https://legalhackers.com/advisories/ZendFramework-Exploit-ZendMail-Remote-Code-Exec-CVE-2016-10034-Vuln.html … pic.twitter.com/XDeWBZh9DY
-
Amazing Row Hammer presentation by @brainsmoke creates factorizable SSH keys with bit flips. pic.twitter.com/9rb7NU7ycH