hakluke
@hakluke
Followers
88,338
Following
1,725
Media
779
Statuses
12,753
Hacker, bounties, entrepreneur. I help cybersecurity companies produce amazing content for their blogs and socials. Founder of: @haksecio and @hacker_content
🇦🇺🦘
Joined July 2017
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
Will Still
• 123409 Tweets
Rio Grande do Sul
• 109632 Tweets
#MOONLIGHT_MVTeaser
• 94331 Tweets
プロフェッショナル
• 54135 Tweets
RPWP CONCEPT PHOTO 2
• 47000 Tweets
JOONGDUNK LOVE WORKPOINT
• 34776 Tweets
YOASOBI
• 28234 Tweets
青山先生
• 27947 Tweets
SDカード
• 24528 Tweets
عدنان البرش
• 15686 Tweets
#無責任でええじゃないかLOVE
• 14127 Tweets
VACHSS
• 13809 Tweets
排外主義的
• 13664 Tweets
Due to COVID19, all TCP applications are being converted to UDP to avoid handshakes.
53
326
2K
I want to keep track of the latest cybersecurity news.
I also don't want to spend all my time on Twitter.
Here are 5 great cybersecurity news outlets that I rely on!
🧵👇
54
492
2K
This huge Twitter thread contains what I think are all of the best resources for learning to hack in 2021.
Buckle up!
Here we goooo! 👇
20
564
2K
Become an Nmap pro in 30s 👇🕥
Nmap is a port scanner, but it does much more including service/OS detection and even vuln scanning.
By default nmap does a standard TCP SYN scan on the top 1000 ports of host.
$ nmap host
For more verbosity use -v or -vv.
$ nmap -vv host
🧵👇
68
562
2K
I don't think that most people use Amass effectively, or understand how powerful it is. Here's how I personally use it.
25
544
1K
Giveaway! 🎉
I'm going to buy someone a new MacBook Pro M2 13".
To enter, retweet this tweet, then follow:
@hakluke
,
@hacker_content
&
@haksecio
.
If you're a cybersecurity org looking for high quality content and social media management, check out 👇
546
2K
1K
I use this tool regularly!
It's very simple, it does reverse DNS lookups as fast as possible. It's a great way of discovering domains and subdomains owned by a company when you know their IP address range(s).
38
291
1K
FINALLY releasing hakrawler!
A web crawler for hackers! Check out the blog post for details.
27
449
1K
Hi all, dropping another tool today. This one is very simple, it does reverse DNS lookups as fast as possible.
It's a great way of discovering domains and subdomains owned by a company when you know their IP address range(s).
Check it out:
26
479
1K
I have created a lot of useful little hacking tools over the last few years, sometimes I tweet about them, sometimes I don't.
Here's a list of some of the most useful ones, and a brief explanation of what they do! 🧵👇
57
340
1K
Much like Amass, a lot of people don't use Nmap to its full potential. Here's a bunch of tips on how I use actually use Nmap.
If you get something out of this article, share it!
26
456
1K
Cybersecurity has a huge marketing problem.
We are still spending a silly amount of energy trying to convince orgs that security is important.
68
147
1K
Try this when testing webapps:
1. Set up burp in browser1
2. Do a password reset request in browser1
3. Open the password reset email in browser2 and copy the token
4. Search your Burp history for the token, if it is there, you've got yourself a nice easy account takeover!
15
365
1K
I once did an internal network pentest for a large hotel chain. I sat down with a coffee, the head of IT had just finished telling me I won't find much.
The DC was vulnerable to Eternal Blue. I was DA before I finished the coffee.
This was 2 years after eternal blue dropped!
30
51
1K
This is my day-to-day hacking tool stack:
🛠️ Burp
🛠️ Nmap
🛠️
@securitytrails
🛠️
@Shodanhq
🛠️
@spiderfoot
🛠
@ipinfoio
🛠️ My own tools ()
🛠️ Everything by
@pdiscoveryio
🛠️ Everything by
@tomnomnom
That covers about 99% of my hacking 🤷♂️
9
261
1K
When hacking webapps, I have a little bag of bugs I always check for that are commonly missed. Here's one: I check if signing up with the same username as a deleted account will give me access to their old data.
What's your favourite little bug that others often miss?
24
239
999
Most people click phishing links because they fell for the pretext. I click phishing links because I know it's a phishing link and I'm curious about their tactics.
32
89
980
For those who have been in the cybersecurity game for a while now - what advice would you give your younger self, in a single tweet?
309
132
963
Nmap tutorial time!
Nmap is a port scanner, but it does so much more including service/OS detection and even vuln scanning.
By default nmap does a standard TCP SYN scan on the top 1000 ports of host.
$ nmap host
For more verbosity use -v or -vv.
$ nmap -vv host
THREAD ⬇️
16
327
944
If I want to quickly, manually spray an application input, I use this payload:
'"><svg/onload=alert()>{{7*7}}
It's fairly short, and will give indicators of basic SQLi, XSS and SSTI vulnerabilities.
Disclaimer: This isn't a replacement for proper testing.
10
282
909
can be super useful for bypassing filters to exploit SSRF vulnerabilities.
<anything>.<IP>.nip.io will redirect to the <IP> you specify.
For example:
will resolve to 1.1.1.1
I learned this from here:
3
321
902
Before learning hacking, get some fundamental knowledge in:
- Networking
- Coding
- Linux
The stronger your foundational knowledge is, the more stable it is to build on.
What are some other things that are good to have fundamental knowledge in?
59
172
888
Well folks, I tried Google Keep, then Notion, then Obsidian. I even tried Microsoft OneNote at one point.
I'm back to using Apple notes.
This meme sums up my process perfectly.
110
75
883
There is still SO MUCH CSRF to find in bounty programs.
CSRF comes in many forms. Try:
- Removing the token parameter entirely
- Setting the token to a blank string
- Changing the token to an invalid token of the same format
- Using a different user's token
More in thread 👇
15
288
848
IPs go in ---> hostnames come out! 🚀
Useful for finding domains and subdomains belonging to a company from their IP addresses!
Install now. Link in thread 🧵👇
7
185
850
Serious hacking tip: have another hobby in your life that doesn't involve computers.
48
102
838
Me after doing my 4th annual pentest for the same client, finding all the same vulnerabilities again
17
64
853
Okay infosec twitter - I'd love your help to write a blog! What are your most frequently used hacking tools currently?
(p.s. you can't say a programming language)
I'll start:
Burp Suite
ffuf
nmap
curl
nuclei
160
109
801
Did you know you can now use ngrok without even installing ngrok? 😱
11
201
801
Cybersecurity is a whole industry that is based around mistakes being made in other industries. So weird.
29
123
780
What are your top 3 cybersecurity related twitter accounts that provide you the most value?
👇
161
117
772
I want to keep track of the latest cybersecurity news.
I also don't want to rely solely on Twitter.
Here are 5 great cybersecurity news outlets that I rely on daily! 👇
30
182
742
This is my day-to-day hacking tool stack:
🛠️ Burp
🛠️ Nmap
🛠️ Httpx
🛠️
@securitytrails
🛠️
@Shodanhq
🛠️
@spiderfoot
🛠️ My own tools (mostly open source on github)
🛠️ Everything by
@projectdiscoveryio
🛠️ Everything by
@tomnomnom
That covers about 99% of my hacking 🤷♂️
20
145
745
You’re about to start hacking a web application.
What’s the first thing you do?
317
97
717
I hope you enjoy my latest blog post "How to Hack Your Ex-Girlfriend's Facebook Account"
70
116
745
Become an Nmap pro in 30s 👇🕥
Nmap is a port scanner, but it does much more including service/OS detection and even vuln scanning.
By default nmap does a standard TCP SYN scan on the top 1000 ports of host.
$ nmap host
For more verbosity use -v or -vv.
$ nmap -vv host
👇
40
219
735
If you could choose one hacker to spend the next 12 months teaching you everything they knew, who would it be? 🤷♂️
👇
731
87
725
For all you redditors out there, I’ve compiled a list of Cybersecurity subreddits, enjoy!
19
182
714
What song would you play when you're in an office and all of the computers suddenly start displaying this?
448
62
707
Bug bounty rules:
- Go deep
- Focus on areas that other people don't/can't
- Read the documentation
- Don't compare yourself to others
- Try everything
- Detach from the outcome
11
125
686
Okay here's the deal.
I'm giving away 100
@TCMSecurity
training courses. 50 of them are the Practical Ethical Hacking course, and the other 50 are Practical Malware Analysis & Triage.
To enter:
1. Retweet this tweet
2. Follow
@hakluke
,
@haksecio
and
@hacker_content
Good luck!
162
845
655
If you want to pursue cybersecurity as a career, the most important skill you can develop is ✨ communication ✨.
31
57
672
Did you know that Google open sourced their fuzzing dictionaries? 📚
📚
5
196
678
The first (and most difficult) step to learning hacking is to get off Twitter.
33
52
660
@typjohns
Actually this truck is from a random post on reddit:
The picture is fake, I'd guess the story is too!
47
11
684
List the associated CIDR ranges of a domain that are owned by the same organisation with haktrails associatedips! 🚀
Install haktrails now 👉
9
219
638
How to hack web applications in 2023: Part 1 🚀
💻 Types of web apps
⚙️ Setting up for testing
🪲 RCE
🐞 SQLi
🐛 XXE
🪳 Insecure Deserialization
🐜 XSS
And that's just Part 1! 😱 👇
#hacking
#pentesting
#bugbounty
12
187
624
It's 9am and I'm 2 coffees deep on a Monday morning.
Time for a thread about starting and building your cybersecurity career.
👇🧵
25
129
622
One of my tools, hakrawler, has been added to Kali Linux 2022.2!
This really means a lot to me. I remember using Kali back when it was called BackTrack when I was in high school. I never thought I would write a tool that would be included!
34
28
603
10
190
598
A Bach. of Cybersecurity from a major university in Australia takes 3 years and costs $16,308 USD (after government help) plus textbooks and other random uni fees.
For that price you could get:
- OSCP
- OSEP
- OSWP
- PNPT
- CISSP (training material and exam)
... 🧵👇
51
91
606
Huge announcement:
I quit my job at Bugcrowd!
Read the blog / watch the video to find out why, and what I'm doing next.
97
51
602
Discovering the origin host behind a reverse proxy with hakoriginfinder! 😱
Useful for bypassing cloud WAFs! 💪
Install here 👉
3
184
594
When you're brute forcing for endpoints, don't forget to add extensions. You can also use this method to discover backup files. Here's a command I use frequently:
dirsearch -e php,asp,aspx,jsp,py,txt,conf,config,bak,backup,swp,old,db,sql -u <target>
16
226
583
Hacking is a mentality that can be applied to much more than computers.
31
95
537
The ultimate OSCP guide: Part 1 - Is OSCP for you?
🤔 Would I recommend it?
⏰ How much time do you need?
🧑🔬 How much lab time should you purchase?
🙋 How to ask good questions
💡 Exam tips
Some info is out of date but most is very relevant.
9
135
546
As a security professional I have been working very hard since the log4j exploit was released to create high quality memes.
14
39
545
Did you know
@Cloudflare
released an open source vulnerability scanner that is based off Nmap and Vulners?
👉 Nmap locally within a container
👉 Push results to cloud
👉 Deploy the scanner on Kubernetes
It looks amazing! How did I only just find out?
6
141
525
Did you know that you can run ngrok without even installing ngrok by using as a SSH reverse tunnel?
ssh -R 80:localhost:80 http
Is the equivalent of:
ngrok http 80
🤯
9
110
514
There has never been a better time to test if "no log" VPNs actually do keep logs.
8
62
493
I just hit 30k followers 😊
To celebrate giving away 30
@PentesterLab
subscriptions.
To enter, quote tweet this with a message of gratitude to someone that has helped you become a better hacker/human.
Thanks to
@PentesterLab
/
@snyff
who provided 50% of the subs.
❤️🧡💛💜💚
93
78
491
Soon I'll be releasing hakrawler, a fast web crawler for extracting endpoints + assets from web applications. It allows crawling at scale over large domain sets.
I can wait to let this loose on bug bounties!
Follow me on Github to know when it drops:
14
114
481
When you start to learn hacking you think you don't know anything, but after studying it obsessively for years, you KNOW you don't know anything.
30
66
476
How to ACTUALLY get started with bug bounties. This may sound brutal, but it is the advice that 90% of my inbox needs to hear.
25
91
467
Trying this out tonight:
1. Get a list of IP addresses owned by an org using their ASN, or any other technique
2. Get a list of subdomains using any subdomain enumeration technique
3. Try every subdomain as a vhost on every IP address that is running a web server
4. $$$?
22
89
469
python2 is being deprecated, so it's time to switch:
python -m SimpleHTTPServer
with
python3 -m http.server
Thanks
@rabb1t0x21
!
8
161
460
Have you created any cool tools on GitHub? I want to see them, half finished or not! Drop them in the comments with a description about what it does.
I'll start :) give hakrawler a URL, it will give back URLs and locations of JavaScript files. Fast!
62
110
456
How to hack web applications in 2023: Part 2 🚀
🪲 SSRF
🐞 Business Logic Vulns
🐛 IDORs
🪳 Authentication Issues
🐜 CSRF
🕷 Directory Traversal
🦟 File Inclusion
And that's just Part 2 😱 👇
#hacking
#bugbounty
#pentesting
9
128
462
Here are 6 of my favourite sources of recon data:
👇
-
-
-
-
-
-
-
They're like search engines for hackers!
16
150
451
This is the No. 1 mistake people make when they are pentesting. Don't do this!
33
81
452
Quickly get the ASN of an IP address, along with the associated company name and location:
curl <ip>
This is a great way to confirm ownership of an IP/domain. It also is a great way to services that might be in use (AWS/Azure/Cloudfront/Akamai, etc.)
9
150
449
If you find a S3 subdomain takeover, you need to set up the S3 bucket in the correct region, otherwise it doesn't work.
To find the region, use `dig` to get the IP address, then put the IP into to grab the region easily.
3
113
445
Hacking is a mentality that can be applied to much more than computers.
19
59
446
How To Hack Web Applications in 2023: Part 2
🐞 SSRF
🐛 Business Logic Vulnerabilities
🐜 IDORs
🕷 Authentication issues
🦟 CSRF
🪲 Directory traversal
🪳 LFI/RFI
Learn how to hijack web applications before attackers do 👇
7
132
439