How to Set Up a Honeypot for Your Apache2 Server ⌘ Read more
↳
In-reply-to
»
Also, I should cut down on coffee. Seriously, I've nearly had a ... I honestly don't know what it was; A Panic attack? A heart attack? I dunno, I just felt like my heart and lungs were so about to burst I had to go for a run to cope.
⤋ Read More
@aelaraji@aelaraji.com I use to be a pot or more a day but have cut that back in the last 4 or so years to just 2-3 cups. Main reason was because I was getting jittery which didn’t happen before. I do think it is good to go without periodically (probably applies to more things than coffee) to just reset the system.
I don’t drink it often but decaf’s taste has gotten better too.
I Lost $3,750 in 30 Seconds — The ATO Bug 99% of Hackers Miss (Here’s How to Avoid It)
The 1 Burp Suite Mistake That Cost Me $3,750 — Fix It in 30 Seconds
[Continue reading on InfoSec Writ … ⌘ Read more
SOC L1 Alert Reporting : Step-by-Step Walkthrough | Tryhackme
As a SOC analyst, it is important to detect high-severity logs and handle them to protect against disasters. A SOC analyst plays the…
[Continue reading on InfoSec Write-ups … ⌘ Read more
**404 to 0wnage: How a Broken Link Led Me to Admin Panel Access **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/404-to-0wnage-how-a-broken-link-led-me-to-admin-panel-access-2b58e1fffaa3?source=r … ⌘ Read more
How to Start Bug Bounty in 2025 (No Experience, No Problem)
✅Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-to-start-bug-bounty-in-2025-no-experience-no-problem-89adc68da592?source=rss—-7b … ⌘ Read more
️ Hacking and Securing Kubernetes: A Deep Dive into Cluster Security
Disclaimer: This document is for educational purposes only. Exploiting systems without authorization is illegal and punishable by … ⌘ Read more
I had Chick-fil-A breakfast today (sausage, egg, and cheese biscuit, hash browns, coffee, and orange juice). Then at lunch my work place offered hot dogs. I had two (kosher, if that matters), plus a coke, a macadamia nuts cookie, and a small chocolate brownie.
So, here I am, at home, feeling hungry but guilty and refusing to eat anything else for the rest of the day. To top it off, I have only clocked 4,000 steps today (and I don’t feel like walking). I am going to hell, am I?
This is something for @movq@www.uninformativ.de and old OS hobbyists alike: FreeDOS 1.4! Get it while it’s hot!
↳
In-reply-to
»
All these remind me of the "blog" ability once existed in Yarnd. I hate to be the party pooper, but little to non interest from me. LOL. I am up to increase the length of a twtxt, though. It is rather limiting right now.
⤋ Read More
See:
<textarea id="text" name="text" placeholder="Hi! 👋 Don't forget to post a Twt today!" rows="4" maxlength="576" required="true" aria-required="true"></textarea>
So, 576?
️ Free TryHackMe Jr Penetration Tester Roadmap with Resources and Labs
A free, TryHackMe-inspired roadmap with resources and labs to kickstart your penetration testing journey.
[Continue read … ⌘ Read more
5 Tools I Wish I Knew When I Started Hacking ⌘ Read more
Black Basta Leak Analysis ⌘ Read more
I Clicked a Random Button in Google Slides — Then Google Paid Me $2,240
The strange trick that exposed a hidden security flaw (and how you can find bugs like this too).
[Continue reading on InfoSec Write-ups »](https://in … ⌘ Read more
Lab: Exploiting an API endpoint using documentation
We will solve this lab based on the API documentation exposed to delete Carlos’s user.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/lab-exploiting-an-api-endpoint-using-d … ⌘ Read more
** HTTP Parameter Pollution: The Dirty Little Secret That Gave Me Full Backend Access ️**
Free Link🎈
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.co … ⌘ Read more
↳
In-reply-to
»
@kate I already have my IRC server
⤋ Read More
irc.mills.io running behind Caddy Layer 4. However I don't terminate TLS at the edge in this case.
@bender@twtxt.net Sure! 👍
{
...
# Layer 4 Reverse Proxy
layer4 {
# Gopher
0.0.0.0:70 {
route {
proxy <internal_ip>:70
}
}
# IRC (TLS)
0.0.0.0:6697 {
route {
proxy <internal_ip>:6697
}
}
}
}
Happy 4/20 Easter
Chaining Bugs Like a Hacker: IDOR to Account Takeover in 10 Minutes
🚀Free Article Link…
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/chaining-bugs-like-a-hacker-idor-to-account-takeover-in-1 … ⌘ Read more
Reflected XSS using Bookmark ⌘ Read more
Exposed Secrets in JavaScript Files
🔥Free Article https://medium.com/@Abhijeet_kumawat_/exposed-secrets-in-javascript-files-430a76834952?sk=ffd9ca6c8ede38ac77dcb68a507b9299
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/exposed-secrets-in-javascript-fi … ⌘ Read more
**How I Hijacked OAuth Tokens Through a Parallel Auth Flow Race Condition — $8500 P1 Bug Bounty ** ⌘ Read more
BL!ND.exe || Breaching Databases in Total Silence ⌘ Read more
Time-Based Blind SQL Injection: “Hack the Clock” ⌘ Read more
Wazuh Installation & Configuration: A Step-by-Step Tutorial
Hello, my digital adventurers! In this article, I will provide you with a step-by-step guide for installing and configuring the Wazuh…
[Continue reading on InfoSec Write-ups » … ⌘ Read more
**CORSplay of the Century: How I Hijacked APIs with One Misconfigured Header **
Free Link🎈
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/corsplay-of-the-century-how-i-hijacked-apis- … ⌘ Read more
**Bypassing Like a Pro: How I Fooled the WAF and Made It Pay **
Hi there!
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/bypassing-like-a-pro-how-i-fooled-the-waf-and-made-it-pay-e433193e1d9d?source=rss—-7b722bf … ⌘ Read more
↳
In-reply-to
»
i am writing a quick little guide on deploying soju/gamja all in docker. because i am bored
⤋ Read More
@kat@yarn.girlonthemoon.xyz it’s up but idk it’s kinda boring i hope it’s helpful though https://stash.4-walls.net/irc1/
↳
In-reply-to
»
@prologic oooh this looks interesting!!! maybe i could play around with it in docker and see how to integrate it with caddy layer4 for TLS + my existing web client and bouncer!!
⤋ Read More
@kate@yarn.girlonthemoon.xyz I already have my IRC server irc.mills.io running behind Caddy Layer 4. However I don’t terminate TLS at the edge in this case.
WAF Bypass Masterclass: Using SQLMap with Proxychains and Tamper Scripts Against Cloudflare &…
A hands-on guide to understanding and testing WAF evasion techniques usin … ⌘ Read more
Burp Suite Beyond Basics: Hidden Features That Save Time and Find More Bugs
📌Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/burp-suite-beyond-basics-hidden-f … ⌘ Read more
Obfuscation Isn’t a Fix, And It Cost Them $2,500 — A Real-World Case Study ⌘ Read more
ResolverRAT: A Sophisticated Threat Targeting Healthcare and Pharma
he healthcare and pharmaceutical sectors are prime targets for cybercriminals due to their sensitive data and critical infrastructure. In…
[Continue read … ⌘ Read more
** CVSS 10.0 Critical Vulnerability in Erlang/OTP’s SSH: Unauthenticated Remote Code Execution Risk**
A critical security vulnerability (CVE-2025–32433) with a CVSS … ⌘ Read more
Automating GraphQL Bug Bounty Hunting with GrapeQL ⌘ Read more
7k words of docs on deploying a livejournal folk. you absolutely want to read 7 thousand words of me forcing dreamwidth into production shape in docker https://stash.4-walls.net/selfhostdw/
️♂️ “I Didn’t Plan to Find a P1… But My Script Had Other Plans ” ⌘ Read more
Top 20 Linux Commands Every Pentester Should Know ⌘ Read more
Secret tricks to get hidden information in Bug Bounty
This article gives you a best and hidden tricks to find secret or hidden information from GitHub. we can call hidden approach on GitHub.
[Continue reading on InfoSec Write-ups »](https:/ … ⌘ Read more
Hacking and Securing Docker Containers: A Deep Dive into Common Vulnerabilities and Test Cases
Disclaimer: This document is for educational purposes only. Exploiti … ⌘ Read more
Why The End of MITRE’s CVE Isn’t A Big Deal ⌘ Read more
Hacking Linux with Zombie Processes ⌘ Read more
️ Blind XSS Attack in Production: My Favorite Exploit with a Delayed Surprise
Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/%EF%B8%8F-bli … ⌘ Read more
iOS 18.4.1 Update Released with CarPlay Fix & Security Patches
Apple has released iOS 18.4.1 update for iPhone, along with iPadOS 18.4.1 for iPad. The software updates include a few bug fixes and important security patches, making them recommended to update. Additionally, iOS 18.4.1 includes a bug fix for a particular issue with CarPlay not connecting properly in some situations. If you have been experiencing … [Read More](https://osxdaily.com/2025/04/16/ios-18-4-1-up … ⌘ Read more
MacOS Sequoia 15.4.1 Update Released with Bug & Security Fixes
Apple has released MacOS Sequoia 15.4.1 as a software update for Mac users running the Sequoia operating system. The update focuses exclusively on security updates and bug fixes, and contains no new features. Separately, Apple also released iOS 18.4.1 for iPhone, iPadOS 18.4.1 for iPad, and updates to tvOS, watchOS, and visionOS, and those updates … [Read More](https://osxdaily.com/2025/04/16/macos-sequoia-15- … ⌘ Read more
Reimagining the SOC Analyst Role Using AI — What is Actually Realistic? ⌘ Read more