Leaderboard

Ai semnat un contract?Ce scrie pe el? Asa va trebuie daca semnati ca primarii fara sa cititi.

Vand laptop Lenovo Y50-70, cumparat de la eMag, mai are garantie pana in August (putem rezolva in caz de probleme chiar si dupa garantie). Daca vreti detalii scrieti aici. Cine e hotarat da PM, cine combina dinozauri....sa mai bage o fisa ca nu accept. Pret de plecare 3500lei - in banii astia intra 16Gb RAM, SSD de 512Gb si HDD de 1Tb. Cine vrea poate renunta la o parte din memorie sau din HDD, SSD etc si mai negociem pretul. Specs: i7-4720HQ 3.6Ghz 6Mb cache 16Gb RAM SSD 512gb + 1Tb nVidia GTX GTX960M de 2Gb si 128bit Baterie 6 celule (2-3h) ODD extern Incarcator cu fast charging Pics: https://goo.gl/photos/2THKuqNMssJzRHCAA

Titlul e cam slab ales, pune screenshot / poza la factura aici fiecare lucru taxat trebuie sa-ti apara.

aHR0cDovL3guY28vNmxnUlU= (valabil 7 zile)

Understand the web application penetration testing methodology and toolkit Interact with web applications using Python and the Requests library Write a web crawler/spider with the Scrapy library Create an HTTP bruteforcer based on Requests Create a Password bruteforcer for Basic, NTLM, and Forms authentication Detect and exploit SQL injections vulnerabilities by creating a script all by yourself Intercept and manipulate HTTP communication using Mitmproxy Download (valabil 7 zile): aHR0cDovL3guY28vNmxnRGQ=

[h=1]IP.Board 4.1.4.x - Persistent XSS Vulnerability[/h] # Exploit Title: IP.Board Persistent XSS Vulnerability # Date: 29/10/2015 # Software Link: https://www.invisionpower.com/buy # Software version : 4.1.4.x # Exploit Author: Mehdi Alouache # Contact: mehdi.alouache@etu.univ-lehavre.fr # Category: webapps 1. Description Any registered user can execute remote javascript code by sending a private message to another user. The malicious JS code has to be written in the title of the message, and the receiver must have enabled the notifications when a new message is delivered. Note that the code will be directly executed as soon as the notification appear. (The receiver doesn't even need to check his inbox). 2. Proof of Concept Register on the forum (IP.Board) of a website as a regular user, and send a message to any user having the message notifications enabled. In the title field (and only here), a simple <script>alert(1)</script> will show a dialog box to the victim. 3. Solution: Patch the vulnerability with the (incoming) associated patch. -- ALOUACHE Mehdi Departement informatique Groupe A mehdi.alouache@hotmail.fr mehdi.alouache@etu.univ-lehavre.fr Sursa: https://www.exploit-db.com/exploits/38837/

Bă nene, tu ești nigerian full time! Se vede de la o poștă.

Ai PM

Man eu de exemplu am adsense si iau cam 200 de euro pe luna ,am intrebat daca e ceva in plus fata de adsense pentru canalul de youtube nimic mai mult.

# Pentru cei ce vor sa imbine laba cu munca # Adult website Pornhub now has something in common with Google, Microsoft, Facebook and other titans of technology – a bug bounty program to reward ethical hackers. Pornhub officially debuted its bug bounty program, with rewards between $50 and $25,000, on the HackerOne platform this week. The company says the program is currently limited to vulnerabilities on its main website; “other properties and applications” are not eligible for the program at this time. Corey Price, Pornhub vice president, said the program will help “protect and enhance the site for our 60 million daily visitors.” To qualify for a reward, bug hunters need to obey a set of rules and restrictions, including agreeing to disclose vulnerabilities “directly and exclusively” to Pornhub – bug hunters cannot get a payout if they report the bugs “anywhere else.” Bugs must be reported within 24 hours of discovery, and bounty hunters need to be the first to report a vulnerability to win a reward. According to its page on HackerOne, Pornhub began rewarding bug hunters 11 months ago, and has resolved 23 bug reports since then – although the Pornhub bug bounty program was only made public on HackerOne on Tuesday, 10 May. SOURCE: https://nakedsecurity.sophos.com/2016/05/12/pornhub-bug-bounty-program-will-pay-hackers-up-to-25000/

Introducing IBM Quantum Experience! Thanks for requesting an invitation to the IBM Quantum Experience! Your registration has been approved APPROVED!

Pentest cu o mana pe mouse si una in pantaloni.

Unleashing an Ultimate XSS Polyglot Ahmed Elsobky Foreground: When it comes to testing for cross-site scripting vulnerabilities (a.k.a. XSS), you’re generally faced with a variety of injection contexts where each of which requires you to alter your injection payload so it suites the specific context at hand. This can be too tedious and time consuming in most cases, but luckily, XSS polyglots can come in handy here to save us a lot of time and effort. What is an XSS polyglot? An XSS polyglot can be generally defined as any XSS vector that is executable within various injection contexts in its raw form. So, what polyglot you came up with? jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0D%0A//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()//>\x3e Anatomy of the polyglot (in a nutshell): jaVasCript:: A label in ECMAScript; a URI scheme otherwise. /*-/*`/*\`/*'/*"/**/: A multi-line comment in ECMAScript; a literal-breaker sequence. (/* */oNcliCk=alert() ): A tangled execution zone wrapped in invoking parenthesis! //%0D%0A%0D%0A//: A single-line comment in ECMAScript; a double-CRLF in HTTP response headers. </stYle/</titLe/</teXtarEa/</scRipt/--!>: A sneaky HTML-tag-breaker sequence. \x3csVg/<sVg/oNloAd=alert()//>\x3e: An innocuous svg element!! Total length: 144 characters. Link: https://github.com/0xsobky/HackVault/wiki/Unleashing-an-Ultimate-XSS-Polyglot

Nu e nimeni care ma poate ajuta PLS:D?

Lol , nu-mi vine sa cred ca la finele anului 2015 IPboard suferea de o vulnerabilitate XSS de copilasi indieni . Sa-mi bag pula , schimba-ti platforma