https://medium.com/@kumawatabhijeet2002/mastering-xss-cross-site-scripting-attacks-a-comprehensive-guide-to-become-professional-bug-6251058c576e
check out this blog it is to the point π
@AfroSec
check out this blog it is to the point π
@AfroSec
Medium
π Mastering XSS (Cross-Site Scripting) Attacks: A Comprehensive Guide to become Professional Bug Bounty Hunter
Hello, everyone! π
π2
hey fam
i got u something today especially If you're into blue teaming, this site is perfect for you!
It has incredible contentβcheck it out and enjoy the journey ahead!
letsdefend.io
@AfroSec
i got u something today especially If you're into blue teaming, this site is perfect for you!
It has incredible contentβcheck it out and enjoy the journey ahead!
letsdefend.io
@AfroSec
π2
#Advent_Of_Cyber
One down! πͺππ
it was pretty easy and straightforward. The downloaded ZIP file contained two files. One was a Windows shortcut file designed to download malicious malware from a remote serverβin this case, GitHub. This malware was intended to harvest sensitive information. ππ
@AfroSec
One down! πͺππ
it was pretty easy and straightforward. The downloaded ZIP file contained two files. One was a Windows shortcut file designed to download malicious malware from a remote serverβin this case, GitHub. This malware was intended to harvest sensitive information. ππ
@AfroSec
π3π₯1
"if you are CEO of a company and you are dumb enough to leave your login info on posted note on your desk it is not a hack it is barely social-engineering" π : author Gilfoyle
https://youtu.be/Qm7k1CPFkIc?si=VB6U5tx9M2tLYTCL
@AfroSec
https://youtu.be/Qm7k1CPFkIc?si=VB6U5tx9M2tLYTCL
@AfroSec
YouTube
How to Get Someone's Password
It's inevitable that a criminal will make you the target. And one thing they may try to do is steal your password. This video demonstrates the many possible ways they may be able to get your password. Some might be your fault (like clicking a bad link), someβ¦
Forwarded from BePractical
While i have shared a lot of my bug bounty success story with you all, let me share story of my failures!
You know, When i was starting bug bounty hunting, I was unable to report a valid vulnerability for 6 month straight! Every report that i submitted got marked as informative, not applicable and duplicate! At that time, i was very demotivated, stressed and depressed. I was thinking, "Maybe bug bounty is not my thing" but suddenly, I started questioning myself:
1. Didn't i wanted to learn cyber security because it is my passion?
2. Am i only focusing on reporting vulnerabilities instead of improving my skills?
By asking these questions, I understand one thing: I need to switch my focus on learning, improving and hacking instead of getting demotivated because i was not getting any rewards! And eventually, I was able to get that first vulnerability and now i can easily say that i am the better version of myself than before!
You know, When i was starting bug bounty hunting, I was unable to report a valid vulnerability for 6 month straight! Every report that i submitted got marked as informative, not applicable and duplicate! At that time, i was very demotivated, stressed and depressed. I was thinking, "Maybe bug bounty is not my thing" but suddenly, I started questioning myself:
1. Didn't i wanted to learn cyber security because it is my passion?
2. Am i only focusing on reporting vulnerabilities instead of improving my skills?
By asking these questions, I understand one thing: I need to switch my focus on learning, improving and hacking instead of getting demotivated because i was not getting any rewards! And eventually, I was able to get that first vulnerability and now i can easily say that i am the better version of myself than before!
Day 5 - Done! π
it was all about the XXE vulnerability in web apps. It was super fun! If you want to dive deeper into this vuln, I recommend checking out the XXE room on TryHackMe, as well as resources like PortSwigger and PwnFunction's YouTube video [vid ].
I skipped Day 4 and Day 6 because my internet was like shit, but hopefully, Iβll catch up tomorrow!
@AfroSec
it was all about the XXE vulnerability in web apps. It was super fun! If you want to dive deeper into this vuln, I recommend checking out the XXE room on TryHackMe, as well as resources like PortSwigger and PwnFunction's YouTube video [vid ].
I skipped Day 4 and Day 6 because my internet was like shit, but hopefully, Iβll catch up tomorrow!
@AfroSec
π1
Forwarded from α―€ CONTENT ZONE α―€ (ΠΠ΅Π· Π²ΠΎΠΆΠ΄Ρ) (ππ‘π ππ₯π©π‘ππππ)
Please open Telegram to view this post
VIEW IN TELEGRAM
π₯4
You ever have one of those moments where you just stop and think, "Wow, how did I not know this?" π
Well, today I realized something obvious: TOR isnβt just nameβitβs actually an abbreviation for "The Onion Router!" π€― All this time, I thought it was just a catchy title. Silly me, right?
And to make things even better,i barely remember what WiFi stands for... π€ Guess I need to dig into that next.
@AfroSec
Well, today I realized something obvious: TOR isnβt just nameβitβs actually an abbreviation for "The Onion Router!" π€― All this time, I thought it was just a catchy title. Silly me, right?
And to make things even better,i barely remember what WiFi stands for... π€ Guess I need to dig into that next.
@AfroSec
π4
Forwarded from Mira
Collection of resources to learn cyber-security, and pentest in general
https://github.com/Nickyie/Cybersecurity-Resources
https://github.com/Nickyie/Cybersecurity-Resources