1. X
  2. Somdev Sangwan
Giriş yapKaydol
Somdev Sangwan
3,960 posts
user avatar
Somdev Sangwan
@s0md3v
Security Researcher & Developer
India
somdev.in
July 2017 tarihinde katıldı
201
Takip ediliyor
35.1K
Takipçiler
YanıtlarYanıtlarMedyaMedya

X'te yeni misin?

Kişiselleştirilmiş zaman akışını almak için hemen kaydol!

Hesap oluştur

Kaydolarak, Çerez Kullanımı da dâhil olmak üzere Hizmet Şartları ve Gizlilik Politikası'nı kabul etmiş oluyorsun.

Terms·Privacy·Cookies·Erişilebilirlik·Ads Info·© 2026 X Corp.
Don't miss what's happening
Haberleri önce X'teki kişiler alır.
Giriş yapKaydol
  • Sabitlendi
    user avatar
    Somdev Sangwan
    @s0md3v
    27 Eyl 2025
    Just hit 100k stars on GitHub ✨ 9 years, 50+ projects and love from the community 💕
    10K
  • user avatar
    Somdev Sangwan
    @s0md3v
    10 Eyl 2019
    Learn Regex in 4 tweets :) cat matches cat ca+t matches caaaaaaaaaaaat but not ct ca*t matches caaaaaaaaaaaat and also ct ca{2,4} matches caat, caaat and caaaat c(at)+ matches catatatatatat c(at|orn) matches cat and corn c[ea] matches cat and cet c[ea]+ matches caaaat and ceeet
  • user avatar
    Somdev Sangwan
    @s0md3v
    18 Şub 2025
    bring back ASCII art and UIs with personality 😞💔
    00:00
    81K
  • user avatar
    Somdev Sangwan
    @s0md3v
    24 May 2022
    🚨 ALERT 🚨 Python's ctx library and a fork of PHP's phpass have been compromised. 3 million users combined. The malicious code sends all the environment variables to a heroku app, likely to mine AWS credentials.
  • user avatar
    Somdev Sangwan
    @s0md3v
    1 Oca 2020
    Incident: Account hacked despite having 2FA Expectation: <some fancy technique> Reality: Website had no 2FA on "Password Reset" mechanism and the attacker got straight in. Sometimes bugs are too simple, hiding in plain sight.
  • user avatar
    Somdev Sangwan
    @s0md3v
    17 Nis 2022
    Simple tip to find juicy assets that most hackers miss 🔥 1. Resolve all subdomains to IP addresses. Save IPs to list1.txt 2. Find the organization name target.com uses in SSL certificates 3. Go to shodan.io and search ssl:"Target Company"
  • user avatar
    Somdev Sangwan
    @s0md3v
    28 Kas 2019
    Check if a server is running any vulnerable services wget https://raw.githubusercontent(.)com/vulnersCom/nmap-vulners/master/vulners.nse -O /usr/share/nmap/scripts/vulners.nse && nmap --script-updatedb All done, now you can do a scan with nmap -sV --script vulners <target>
  • user avatar
    Somdev Sangwan
    @s0md3v
    25 Şub 2021
    So, my project "Arjun" is a part of Kali Linux now 🎉
  • user avatar
    Somdev Sangwan
    @s0md3v
    31 Tem 2020
    2 Factor Authentication testing cheatsheet. I am not the author of this, forgot where I got this from.
  • user avatar
    Somdev Sangwan
    @s0md3v
    31 Mar 2022
    Introducing "Smap", a drop-in replacement for Nmap powered by shodan.io Github: github.com/s0md3v/Smap Features: - no shodan account required - mimics nmap's arguments and output - supports oX/oG/oN outputs (and more) - fully passive, just 1 http request per host
  • user avatar
    Somdev Sangwan
    @s0md3v
    14 Oca 2022
    The hacker after executing 'whoami' on my PC to check his privileges (I have replaced whoami with a command that prints the IP address and location of everyone connected to me and then says, "you tell me")
  • user avatar
    Somdev Sangwan
    @s0md3v
    7 Oca 2019
    OSINT gang rise up 👉😎👈
  • user avatar
    Somdev Sangwan
    @s0md3v
    26 Ara 2019
    SSRF Break Points [1/2] - Anything that accepts a URL - File upload option? Change type="file" to type="url" and submit a URL. - Image upload? Submit a svg containing "image" element with the payload in xlink:href attribute. Try ImageMagick exploits.
  • user avatar
    Somdev Sangwan
    @s0md3v
    27 Şub 2022
    Want to find XSS in a list of 100000 URLs? This will give you all the URLs that have parameters commonly vulnerable to XSS. cat urls.txt | uro | parth --pipe xss