JOHN J HACKING
John Jackson is a cybersecurity professional, senior application security engineer, author, hacking advocate, security researcher, bug bounty hunter, and the founder of the Hacking Group Sakura Samurai 桜の侍, a security research group dedicated to ethical research.
CVE-2020-27388: YOURLS 1.5 - 1.7.10, Multiple Stored Cross Site Scripting (XSS) Vulnerabilities in Admin Panel
The portfolio and blog of the Application Security Engineer & Hacker, John Jackson. General content includes motivational writing, cheat sheets, tool write-ups, etc.
The Ultimate OSCP Preparation Guide, 2021. An organized guide to highlight some of the smartest techniques and resources for your OSCP journey. Updated with
Hidden Eye. Creator: DarkSecDevelopers. HiddenEye is an extremely effective Social Engineering tool that can be used to gather users' credentials and other miscellaneous information.
Multiple Stored Cross Site Scripting (XSS) vulnerabilities exist in the YOURLS Admin Panel, Versions 1.5 - 1.7.10. An authenticated user must modify a PHP Plugin with a malicious payload and upload it, resulting in multiple stored XSS issues.
FireRTC: Call Spoofing. FireRTC is a tool that can be used to spoof any phone number, and dial out to the designated phone number. Published on Aug 09, 2020
Currently in the process of writing a book for Wiley. Stay tuned!
John never thought he would have a career sitting at a computer, let alone in cybersecurity. We walk through John's journey from being a Petroleum Engineer in the United States Marine Corps to eventually working in application security, penetration testing, security research and bug bounties.
United Nations data breach exposed over 100k UNEP staff records. John worked with his team, Sakura Samurai, to find and report a Data Breach of the UNEP.
P1: Critical - Discovering and Foiling a Threat Actor. Disclaimers, Credits: Thank you to everyone who helped validate any part of the project. It took a
Indian Government Breach, Massive Amount of Critical Vulnerabilities. Executive Summary. Sakura Samurai knew that the Indian Government operated an RVDP (Responsible Vulnerability Disclosure Program).
Feb 22, 2021. Cleartext Storage in a File or on Disk in Keybase Desktop Clients for Windows, macOS, and Linux allows an attacker who can locally read the user’s files to obtain private pictures in the Cache and uploadtemps directories. Keybase Client fails to effectively clear cached pictures, even after deletion via normal methodology within the
John Jackson is most known for multiple CVE and Enterprise Security Research
In the last six months, there was a news article about a threat actor that used spoofing to convince someone in the financial department to transfer funds to an external bank account. These stories keep popping up because employees are uneducated and can fall victim to Social Engineering attempts under the right circumstances.
Summary. While working on a Private Bug Bounty Program for HackerOne, Jackson and I found client-side Laravel PHP debugging that allowed for the full takeover of a SQL Server, and account takeover of the Admin account for a Mail Marketing Application. Upon further inspection, there was more than meets the eye.
Shortly after, Jackson Henry found a vulnerability that resulted in the exposure of 14,000+ user records. The records included a wide range of sensitive information, including full name, contact info, employee’s department, date of birth, etc. These exposed records along with other various SQL server dumps and Rob’s Police Record Exposure
Versions of npm private-ip including and prior to 1.0.5 are vulnerable to multiple Server Side Request Forgery (SSRF) bypasses. The Regular Expressions (RegEx) implemented within the package fail to account for variations of localhost and other Private IP ranges. An attacker can obfuscate payloads, or utilize ranges outside of the block list to successfully execute SSRF bypass techniques
Jackson then ran the exploit, and observed successful command execution of basic commands. After a bit of enumeration, Jackson found a “backup” folder that contained a tar archive that contained a backup of application components, which would allow him to exfiltrate financial records. At this point, he stopped testing.
The Squire Association is an Elite Club for “friends of Jack Daniel’s”. Anyone that has ever dreamed of being a Tennessee Squire knows how difficult - if not impossible - it is to obtain membership without paying thousands of dollars (or knowing someone who can nominate you). Tonight, I give you an inside look of the Squire Association, and
During the research process Jackson Henry @JacksonHHax, Nick Sahler, John Jackson @johnjhacking and Aubrey Cottle @Kirtaner identified an endpoint that exposed Git Credentials. The credentials gave us the ability to download the Git Repositories, identifying a ton of user credentials and PII. In total, we identified over 100K+ private employee
A few months back I began having severe wrist pain, to the point where I didn’t even want to spend time hacking regularly. If anyone knows what I’m talking about, it’s painful - an electric shock and seconds later, a nearly intolerable typing experience. Friends of mine had recommended that I utilize compression gloves, and I anxiously
JOHN "MR. HACKING" JACKSON
Hack the Galaxy.
EXPERIENCE
SENIOR APPLICATION SECURITY ENGINEER, Shutterstock, December 2019 - Current
CYBER SECURITY ENGINEER III, Staples, November 2018 - December 2019
PETROLEUM ENGINEER, United States Marine Corps, July 2012 - January 2017
CERTIFICATIONS
Offensive Security Certified Professional
Certified Ethical Hacker | Master
Certified Penetration Testing Engineer
Certified Network Defender
Security+
A+
ITIL Foundation
Metasploit Pro Certified Specialist
AppSpider Enterprise Certified Specialist
2020 John Jackson