Day62: Okay, I lied. Not HtB. Looked at an Offensive Security Proving Grounds-Playground box. Watched a live walk-through on the box. Also watched an Ippsec video re: LFI.

Congrats to USWNT on CONCACAF win! Good game to Canada, as well!

ath0 boosted

Brian Tyler Cohen wrote:

The same Republicans saying abortion should be a “states’ rights” issue are plotting a national abortion ban if they win in November. It’s about control— and the only way to stop them is to vote.

Day61: Finished _Bug Bounty Bootcamp_, skipped chapter 23 and read chapters 24 & 25. Tomorrow, back to .

ath0 boosted

I really wish that large leftist accounts would focus more on productive countermeasures and less on mouth-foaming outrage.

Vilifying Mitch McConnell is wasted effort that plays into GOP machinations, and using that platform to drive turnout and support for Democrat Senate candidates would go a lot further towards making the evil turtleman irrelevant.

@Xponent @th3j35t3r Is 5.56 “over-sized” for hunting deer or boar? I’m not a hunter, so I don’t know. I’ve been calling my congress critter to ban 30-round magazines. Want to use a 5.56 to hunt deer or boar, go ahead—here’s your 3-round magazine. (Call your congress critters! Here are scripts and contact info: 5calls.org/)

Day59: Turns out I read chapter 20 yesterday and chapter 21 tonight. Duh. Saw a walk through yesterday that leveraged looking for .git on a web page. I haven’t done an analysis on that kind of information disclosure vuln, but I reckon it’s rare but damaging. Tomorrow, we read code.

@JMHardin Only if you have a copy of the playlist beforehand, "Never Gonna Give You Up" isn't on it, and he does, in fact, play "Never Gonna Give you Up". Would probably still be a pretty good show.

Day58: Read chapter 21 in _Bug Bounty Bootcamp_. Dangling CNAME is bad, m'kay? A deeper dive on single-sign-on exploits is really going to be needed for effectiveness.

Day57: watched a live stream, Alh4zr3d breaks two k8s challenges on try hack me

Day56: More cracking at trick.htb. Found a thing on an entry point, but I'm stuck turning it into something more useful. Tantalizing config on entry point two, but it isn't giving me any goods.

Day55: More banging on trick.htb. Found a new potential entry point. Took a while to figure out how to find it, but didn't get terribly far on it before I had to pack it in.

Day54: Read another chapter, chapter 19, of _Bug Bounty Bootcamp_.

Kidlet offered a fun thought: Ramps are just domesticated hills.

Day53: Got creds from yesterday's scans. Explored the app, looking for escalation vector. Found limited LFI, so progress!

Nick Kyrgios' problem space with tennis is between his ears. Such talent. Rooting for him to get his attitude right. He'd be so great for the game if he could quit being such a boor.

Day52.1: Went to the forums for some hints. Revisited a service I thought was a dead end. Double-checked syntax and tried another potential configurable. Boom. Found another entry point. Now I'm starting to get some progress. ...and I'm leaving to go to a concert soon. Gotta unplug for a bit, every now and again!

ath0

CounterSocial is the first Social Network Platform to take a zero-tolerance stance to hostile nations, bot accounts and trolls who are weaponizing OUR social media platforms and freedoms to engage in influence operations against us. And we're here to counter it.