↳
In-reply-to
»
@sorenpeter you raw feed says otherwise. Also, https://txt.sour.is/conv/wj5bcwq.
⤋ Read More
@bender@twtxt.net Hehe good sleuthing 🤣 I swear it was an edit ✍️ Haha 😂 yarnd now “sees” both every single time, where-as before it would just obliterate the old Twt, but remain in archive. Now you get to see both 😅 Not sure if that’s a good thing or not, but it certainly makes it much clearer how to write “code logic” for detecting edits and doing something more UX(y) about ‘em 🤔
☁️How to Setup a Custom Subdomain on xss.ht — A Complete Hacker’s Guide
Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/%EF%B8%8Fhow-to-setup-a-custom-subdom … ⌘ Read more
$500 Bounty: For a Simple Open Redirect
How a Language Chooser Flaw Led to Open Redirect and Server Issues on HackerOne
** Login? Who Needs That? Bypassing OAuth Like a Lazy Hacker on Sunday ☀️**
Free Link🎈
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/login-who-needs-that-bypassing-oauth-like-a- … ⌘ Read more
** How to Turn Cybersecurity Into a Full-Time Income (My Blueprint)**
💡Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-to-turn-cybersecurity-into-a-full-time-income-my-blueprint-f4d70 … ⌘ Read more
↳
In-reply-to
»
@twtxtory Hello 👋 Welcome to Yarn.social / Twtxt 😅
⤋ Read More
Was just looking at the client you’re using Twtxtory 🤔 Very nice! 👍 is this your client, did you write it? I’d not come across it before!
**Path Traversal Attack: How I Accessed Admin Secrets **
Path Traversal Attack: How I Accessed Admin Secrets 📂
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/path-traversal-attack-how-i-accessed-admin-secrets-fa5de1865031?source … ⌘ Read more
Top 5 Open Source Tools to Scan Your Code for Vulnerabilities
These tools help you find security flaws in your code before attackers do.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/top-5-open-source-tools-to-s … ⌘ Read more
**The Fastest Way to Learn Web Hacking in 2025 (With Free Resources) **
🔓Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/the-fastest-way-to-learn-web-hacking-in-2025-with-free-resourc … ⌘ Read more
Hidden Tricks to Spot Phishing Emails Before They Trick You!
Phishing emails are like traps set by cybercriminals to trick you into sharing personal details, clicking dangerous links, or downloading…
[Continue reading on InfoSec Write-ups … ⌘ Read more
** Hostile Host Headers: How I Hijacked the App with One Sneaky Header **
Hey there!😊
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/hostile-host-headers-how-i-hijacked-the-app-with-one-sneaky-hea … ⌘ Read more
GitLab CI for Python Developers: A Complete Guide
Automating Testing, Linting, and Deployment for Python projects using GitLab CI/CD
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/gitlab-ci-for-python-developers-a-complete-guide-83794cb91 … ⌘ Read more
** How I discovered a hidden user thanks to server responses ?**
My first real step into web hacking and it wasn’t what i thought it would be.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-i-discovered-a-hidde … ⌘ Read more
How to Build a Threat Detection Pipeline from Scratch (Like a Cyber Ninja!)
Hey, cyber fam! Have you ever asked yourself:
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-to-build-a-threat … ⌘ Read more
Nothing changed… except for one detail. And that was enough to hack
Sometimes, hacking doesn’t require any exploit… just good observation.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/nothing-c … ⌘ Read more
**Burp, Bounce, and Break: How Web Cache Poisoning Let Me Control the App **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/burp-bounce-and-break-how-web-cache-poisoning-let-me-con … ⌘ Read more
SOC L1 Alert Reporting : Step-by-Step Walkthrough | Tryhackme
As a SOC analyst, it is important to detect high-severity logs and handle them to protect against disasters. A SOC analyst plays the…
[Continue reading on InfoSec Write-ups … ⌘ Read more
**404 to 0wnage: How a Broken Link Led Me to Admin Panel Access **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/404-to-0wnage-how-a-broken-link-led-me-to-admin-panel-access-2b58e1fffaa3?source=r … ⌘ Read more
How to Start Bug Bounty in 2025 (No Experience, No Problem)
✅Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-to-start-bug-bounty-in-2025-no-experience-no-problem-89adc68da592?source=rss—-7b … ⌘ Read more
↳
In-reply-to
»
Testing mentions, immediately followed by commas. Let's see: @prologic, this one is local, it might not break. Now, this one @ isn't local. Nor this @ one. Will they break. Let's find out!
⤋ Read More
I’ll see if I can fix this and write a test case for what’s going on here. I think this is made difficult now because folks like @eapl.me@eapl.me decide that it’s okay to have a . (period) in their # nick 🤣 tbh I think nick(s) should have rules of what they can and cannot be comprised of. i.e: no punctuation 🤦♂️
Copilot taking over?
I tried GitHub Copilot (Free) in Visual Studio Code again for some small GoBlog changes. Copilot can now generate tests (although it doesn’t feel intelligent, as you need to correct quite a few things), it can do code reviews before committing and it can generate commit messages. Of course, it can also do code completions and write complete code, if you want it to do so. ⌘ Read more
I Clicked a Random Button in Google Slides — Then Google Paid Me $2,240
The strange trick that exposed a hidden security flaw (and how you can find bugs like this too).
[Continue reading on InfoSec Write-ups »](https://in … ⌘ Read more
Lab: Exploiting an API endpoint using documentation
We will solve this lab based on the API documentation exposed to delete Carlos’s user.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/lab-exploiting-an-api-endpoint-using-d … ⌘ Read more
** HTTP Parameter Pollution: The Dirty Little Secret That Gave Me Full Backend Access ️**
Free Link🎈
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.co … ⌘ Read more
↳
In-reply-to
»
💡 I had this crazy idea (or is it?) last night while thinking about Twtxt and Yarn.social 😅 There are two things I think that could be really useful additions to the
⤋ Read More
yarnd UI/UX experience (for those that use it) and as "client" features (not spec changes). The two ideas are quite simple:
I’d have to write i up in full, but essentially looks a bit like this (contribived examples follow)…
Am I the only one that’s confused by the discussions, and then the voting we had on the whole threading model? 🤔 I’m not even sure what I voted for, but I know it wasn’t the one that won haha 🤣 (which I’m still very much against for based on an intuition, experience and lots of code writing lately).
Chaining Bugs Like a Hacker: IDOR to Account Takeover in 10 Minutes
🚀Free Article Link…
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/chaining-bugs-like-a-hacker-idor-to-account-takeover-in-1 … ⌘ Read more
Exposed Secrets in JavaScript Files
🔥Free Article https://medium.com/@Abhijeet_kumawat_/exposed-secrets-in-javascript-files-430a76834952?sk=ffd9ca6c8ede38ac77dcb68a507b9299
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/exposed-secrets-in-javascript-fi … ⌘ Read more
Wazuh Installation & Configuration: A Step-by-Step Tutorial
Hello, my digital adventurers! In this article, I will provide you with a step-by-step guide for installing and configuring the Wazuh…
[Continue reading on InfoSec Write-ups » … ⌘ Read more
**CORSplay of the Century: How I Hijacked APIs with One Misconfigured Header **
Free Link🎈
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/corsplay-of-the-century-how-i-hijacked-apis- … ⌘ Read more
**Bypassing Like a Pro: How I Fooled the WAF and Made It Pay **
Hi there!
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/bypassing-like-a-pro-how-i-fooled-the-waf-and-made-it-pay-e433193e1d9d?source=rss—-7b722bf … ⌘ Read more
i am writing a quick little guide on deploying soju/gamja all in docker. because i am bored
** Something something something, week notes **
I’ve finished my little exploratory jaunt through the writings of Sally Rooney this week. I’ve left aside one of her novels for some other time, Beautiful World, Where Are You. Some authors have clear habits, or“projects.” Rooney strikes me as such an author. Naming either seems a bit trickier, though. Something something something, what do normative friendships between people entail, something something something how is morality constructed by other peoples’ percep … ⌘ Read more
↳
In-reply-to
»
hey everyone i've spent my whole day trying to set up soju + gamja in docker and now i am down a rabbit hole of building caddy with layer4 support and trying to get TLS for my IRC server and NOTHING IS WORKING
⤋ Read More
@kat@yarn.girlonthemoon.xyz oh and the logs say “failed to write msg: use of closed network connection” WHAT DOES THAT MEAN
Burp Suite Beyond Basics: Hidden Features That Save Time and Find More Bugs
📌Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/burp-suite-beyond-basics-hidden-f … ⌘ Read more
↳
In-reply-to
»
jenny really isn’t well equipped to handle edits of my own twts.
⤋ Read More
@kat@yarn.girlonthemoon.xyz It’s more like a cache, it stores things like “timestamp of the most recent twt we’ve seen per feed” or “last modification date” (to be used with HTTP’s if-modified-since header). You can nuke these files at any time, it might just result in more traffic (e.g., always getting a full response instead of just “HTTP 304 nope, didn’t change”).
@quark@ferengi.one Yes, I often write a couple of twts, don’t publish them, then sometimes notice a mistake and want to edit it. You’re right, as soon as stuff is published, threads are going to break/fork by edits.
↳
In-reply-to
»
7k words of docs on deploying a livejournal folk. you absolutely want to read 7 thousand words of me forcing dreamwidth into production shape in docker https://stash.4-walls.net/selfhostdw/
⤋ Read More
@kat@yarn.girlonthemoon.xyz i did this in september but it took me this long to do the write up part lmfao
Secret tricks to get hidden information in Bug Bounty
This article gives you a best and hidden tricks to find secret or hidden information from GitHub. we can call hidden approach on GitHub.
[Continue reading on InfoSec Write-ups »](https:/ … ⌘ Read more
️ Blind XSS Attack in Production: My Favorite Exploit with a Delayed Surprise
Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/%EF%B8%8F-bli … ⌘ Read more
↳
In-reply-to
»
(#2zhuzoa) @andros @bender @prologic @eapl.me btw does twtxt dm and salty can be bridged together? iirc you planned this
⤋ Read More
@doesnm.p.psf.lt@doesnm.p.psf.lt It was always intended to have both Yarn.social and Salty.im integrate together. Yes. This includes having a set of specifications that anyone can write clients to.
10 Wonderful TV Shows That Started Strong but Ended Unfinished
Anyone who has competed in track and field at any level knows it’s easy to start out strong. What’s much more difficult is maintaining that initial burst of speed for the entire race and then finishing strong. Some TV shows come out of the gate swinging, with strong casts, clever writing, and highly compelling plotlines. […]
The post [10 Wonderful TV Shows That Started Strong but Ended Unfinished](https://l … ⌘ Read more
“Sysmon Unleashed: Tracking and Tackling Malicious Activity on Windows”
Introduction
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/sysmon-unleashed-tracking-and-tackling-malicious-act … ⌘ Read more
**Click, Recon, Jackpot! ️♂️ How a Subdomain Led Me to an S3 Treasure Trove **
Free Link🎈
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/click-recon-jackpo … ⌘ Read more
⚡️Oops, They Logged It! Turning LFI into Remote Shell Like a Pro ⚔️
Free Link🎈
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/%EF%B8%8Foops-they-logged-it-turning-l … ⌘ Read more