🔥 Puredns v2.1.0 has been released!. This update comes with quality of life features:. ☑ Bruteforce many domains at once.☑ Specify bruteforce location in domain.☑ Flag to use trusted resolvers only.☑ . more!. 🚨 Please RT and like for reach! ♥🤗.

Highly recommended!.

RT @d3mondev: @NahamSec Bug bounty hunting is a mental game, so remember this: there's always one more bug. Developers are humans, and hum….

As a bug bounty hunter, I’m sooo happy with all the AI tools that allow non-engineers to push code in production 🤑.

RT @0xtavian: How to choose remote wordlists or upload your own local wordlists when running a module that has the _wordlist_ variable!. He….

TIL that CAA records can cause notifications when a certificate is requested from a CA that isn't permitted for the domain. A subdomain takeover slipped through my fingers because of that. They fixed it before I could submit a report. Always check those CAA records first!.

I wish I could better show appreciation to some of the triagers who are awesome. Like with a tip or something. (this is probably a terrible idea).

RT @smiegles: 🚀 Introducing SanicDNS 🚀. Looking for lightning-fast domain resolutions? SanicDNS resolves up to 5M domains per second! 🏎️💨….

Another lightbulb moment! Having Claude 3.5 Sonnet write my commit message from a git diff. Better documentation than I could ever write 🤯.

I'm super happy with Open WebUI. I'm running Claude 3.5 Sonnet and ChatGPT 4o side by side while coding. They often give me a different perspective. I unsubbed from ChatGPT and will use the API exclusively from now on.

In my anecdotal experience, I prefer code written by Claude 3.5 Sonnet over ChatGPT 4 about 70% of the time. I find the code is cleaner, more idiomatic, and that the prompt is more closely respected.

Me: Haven't hacked in a long time. Time to get back in the saddle!. Also me: Opens vim and starts coding instead.

RT @d3mondev: This is the story of my best and most fun hack to this date! Takeaways at the bottom. Found a single page app that asked for….

RT @joaxcar: What about. x.y.z("test-INJECT"). should not be too hard.

It's like a rainbow of words.

I don't hunt very often but I look forward to more hacking next year. Hopefully I'll have more stories to share!.

💡Takeaway #3: An idea is always worth testing, even if it is unlikely to succeed. I never thought using a JSESSIONID cookie obtained from a different path would work.

💡Takeaway #2: When I hit a redirect to a login page, I'm ALWAYS going to try repeating the request at least 100 times to see if I can bypass. That may not work ever again. but who knows!.

💡Takeaway #1: Setting a goal helped me push through. Even though I didn't find the information I needed to login to the app legitimately, continuously searching for it led me to find multiple issues and kept me going.

😤 Followed a two-month long battle to have one of those two reports not marked as duplicate of the other, but in the end they both got triaged and paid. I also found a 3rd vulnerability, but unfortunately that one had already been reported by someone else earlier.

I can't really explain that one. My best guess is that there was a misconfigured load balancer in front of I wrote that in a report and provided my curl script to reproduce the issue easily and called it a day.