#hack100days Day56: More cracking at trick.htb. Found a thing on an entry point, but I'm stuck turning it into something more useful. Tantalizing config on entry point two, but it isn't giving me any goods. #infosec #cososec #hackthebox #tryharder

#hack100days Day55: More banging on trick.htb. Found a new potential entry point. Took a while to figure out how to find it, but didn't get terribly far on it before I had to pack it in. #infosec #cososec #hackthebox

#hack100days Day54: Read another chapter, chapter 19, of _Bug Bounty Bootcamp_. #infosec #cososec

Kidlet offered a fun thought: Ramps are just domesticated hills.

#hack100days Day53: Got creds from yesterday's scans. Explored the app, looking for escalation vector. Found limited LFI, so progress! #infosec #cososec #hackthebox

Nick Kyrgios' problem space with tennis is between his ears. Such talent. Rooting for him to get his attitude right. He'd be so great for the game if he could quit being such a boor. #wimbledon

#hack100days Day52.1: Went to the forums for some hints. Revisited a service I thought was a dead end. Double-checked syntax and tried another potential configurable. Boom. Found another entry point. Now I'm starting to get some progress. ...and I'm leaving to go to a concert soon. Gotta unplug for a bit, every now and again! #infosec #cososec #floydcoverband

#hack100days Day52: Kept at htb/trick. Had to spend some time getting acquainted with how "Break" works in ZAP. Wanted to edit a page coming from the server. Didn't get the result I was hoping for. Got one more setting to try before ruling this approach out. #infosec #cososec

#hack100days Day51: Flippin' power outage. It's back on and the day isn't done. I've been enumerating htb/trick. Once service appears to be a dead end. Another service is not giving anything up easily. A third service is interesting, I'm not as well versed in its tech. Fortunately, there's metasploit for that. For now, anyways. #infosec #cososec #hackthebox

#hack100days Day50: Watched some more of a stream with alh4zred. Shadowed someone on discord while they hacked on an android app. Got to see similarities between web apps and mobile apps. Also got to point out a ZAP feature, so I contributed a little bit! ;) #infosec #cososec

#hack100days Day49: Read chapters 17 and 18 of _Bug Bounty Bootcamp_. #infosec #cososec

Vamos Rafa!

#hack100days Day48: Mixed it up today. Started watching https://www.youtube.com/watch?v=Llw2PAlXUoE, which led to a twitter/@Alh4zr3d livestream on https://www.twitch.tv/alh4zr3d, which then led me to twitter/@mttaggart and led me to https://www.youtube.com/taggarttech which has an API hacking video I want to watch next. #infosec #cososec

#hack100days Day47: Read chapter 16 of _Bug Bounty Bootcamp_. #infosec #cososec

#hack100days Day46: “Home again, home again, jiggity jig.” Rock and Roll Hall of Fame and chapter 15 of _Bug Bounty Bootcamp_ done. Enjoying a jigger of Canadian whiskey to unwind.

#hack100days Day45: Baseball Hall of Fame visited today and Chapter 14 of _Bug Bounty Bootcamp_ done. Going to need to do some more labs and walkthroughs of deserialization. Feels a bit like a dark art. #infosec #cososec #vacation

#hack100days Day44: Chapter 13 of _Bug Bounty Bootcamp_ done. #infosec #cososec

#hack100days Day43: Read chapters 11 & 12 of _Bug Bounty Bootcamp_. Tomorrow is travel day. #infosec #cososec

#hack100days Day42: Read chapter 10 of _Bug Bounty Bootcamp_. #infosec #cososec