David Johansson @securitybits
Working with software security, playing with security software. London. Joined April 2012.
Tweets: 98 · Followers: 181 · Following: 66 · Likes: 56
@LewisArdern Yes, if your tweet can count as an ad? 😁
Workaround for "Audit selected items" (does not work when crawl is used): hide out of scope items in the site map filter before initiating the scan and they will be excluded ("Consolidate items..." also has an option to check and verify this).
⚠️In v2's Scanner, items excluded from the Suite scope may be crawled/scanned nonetheless ⚠️ forum.portswigger.net/thread/scanner…
First day of attending Burp Pro training with @Agarri_FR was great and nice to see @CryptoGangsta getting some credits for his blog in the course too, really looking forward to the rest of this class!
Apart from being able to extract the content, #Chrome also sends the full file path when viewing a local PDF, but #Acrobat doesn't do the same. Looks like Chrome always truncates the last character of the file path, incorrectly assuming it's a trailing NULL value.
Portable Data exFiltration: XSS for PDFs by @garethheyes #BHEU portswigger.net/research/porta…
I was looking for an example of RFD to demonstrate on when I realized that @PortSwigger labs provides what I need: portswigger-labs.net/xss/content-ty… Interesting side note: Chrome in Android associates the download with the current page before link is visited, not the download server.
@albinowax Yes, I agree that DoS is a bit lame and boring compared to the other request smuggling attacks you've shown, yet potentially devastating for those affected. Just hoping that script kiddies don't turn into "death smugglers". ;)
Playing around with HTTP request smuggling at @WebSecAcademy tonight after work to confirm that it's trivial to abuse both CL.TE and TE.CL for denial of service attacks, below is a simple page load taking several minutes. Perhaps this is well-known already?
@rsinha My 15 year old iBook is still running fine and apparently up to date, so why not use it for online banking in addition to watching memes? ;)
@rsinha No, close but I'm afraid you need to get 012345 to hit the jackpot.
@Hexploitable @SW_integrity @NowSecureMobile Wishing you all the best in your new adventure! It's been great working with you and I'm sure you'll do a fantastic job in your new role.
@securestep9 Interesting but nothing really new, attempting to ensure 'secure payment' within an insecure and compromised site is doomed to fail. You can outsource your PCI DSS compliance, but you cannot outsource your security responsibility.
@securestep9 "the take away here is that the big cloud concept of security free from vulnerabilities is wrong. That’s what we showed. It can happen there as well. It’s just software and software has bugs." ^^^this is so true!
@floyd_ch @swisscyberstorm @cathapman @EnriqueITE @thedeadrobots Agree, it was great to meet you all!
Had a great evening with the speakers' dinner at @swisscyberstorm, looking forward to the conference tomorrow and what promises to be a great day of security talks! It's a pleasure to be invited to present at this event.
@pacohope A bit disappointed about you keeping the same job, I mean I had hoped that you would take over the presidency over there instead. ;) Wish you all the best though, we'll all miss you!
@Uber came over to London and gave us a better taxi experience, now we return the favour by sending over @monzo to do the same for your banking!
We're coming to the USA! 🎉 Join the waitlist at monzo.com/usa and follow @monzousa for updates 🇺🇸 monzo.com/blog/2019/06/1…
My daughter was there to cheer me on at the 25km mark, now she got inspired and told me she wants to start training for a marathon when she grows up. :)
I finally crossed the finish line in 4:06:15... Thanks everyone for the support along the way, fantastic experience!
@m1splacedsoul @ZeroNorthSec Exciting times, wish you all the best!!
@ChurchE20 @jamesclary @RichardHouseCH @NHSBartsHealth @StMungos @CR_UK Thanks a million for all your support today!