Imran Parray
@imranparray101
Founder - @snap_sec
ID:865990152446853121
https://snapsec.co 20-05-2017 17:58:36
2,6K Tweets
5,8K Followers
673 Following
Introducing SnapSec's advanced vulnerability management system!
Say goodbye to tedious PDF reports from vendors.
Our innovative solution centralizes collaboration, consultation, and prioritization for hassle-free security management.
#Cybersecurity #bugbounty #appsec
During the presentation, I introduced a highly structured approach to discover 'Privilege Escalation and Access Control issues' in modern Web applications.
#cybersecurity #bugbountytips
Discovering Log4shell & 5 privilege escalations on Agorapulse.
Check out our blog post for the full details: snapsec.co/blog/Hacking-A…
#CyberSecurity #bugbounty #infosec
5 Tips to Find DOM based XSS Vulnerabilities
1) Manual Code Review to look for sources and sinks
2) Using DOM invader by PortSwigger
3) Look for User Controlled Inputs
4) Taint Analysis
5) Parameter Manipulation
#appsec #cybersecurity #bugbounty
Just wrapped up a short but insightful podcast with VAIDIK PANDYA ! We covered key topics like:
💻 Infosec entry points
🐛 Bug bounty hunting vs penetration testing
📚 Advice for newcomers to appsec
Check out the full video here: youtu.be/P3ZtUVi0OvE
#BugBounty #infosec
Mind-Maps for Bug Hunters, Penetration Testers, Offensive/Defensive Security Professionals
github.com/imran-parray/M…
#cybersecurity #bughunting
One of the aspects of #bugbounty that I dislike is when triagers or program owners lower the severity of a report without providing any explanation.
Things could have been much easier if they would have been obliged to add some explanation to why they are doing so.
Cybersecurity threats are increasingly prevalent and dangerous. Preventing and mitigating these threats require proactive steps like educating employees, regular assessments and testing, strong access controls etc
#cybersecuritytips #pentesting #infosec
Cloudclear is an automated tool designed to receive a list of domains as input and then identify and remove all the domains that have cloudflair and cloudfront protection.
#BugBounty #cybersecurity