sergeybelove.ru
@sergeybeloveMy name is Sergey Belov and I do security. Email: sergeybelove at gmail dot com.
http://www.sergeybelove.ru/
My name is Sergey Belov and I do security. Email: sergeybelove at gmail dot com.
http://www.sergeybelove.ru/
TODAY'S RATING
>1,000,000
Date Range
HIGHEST TRAFFIC ON
Saturday
LOAD TIME
0.2 seconds
PAGES IN
THIS WEBSITE
3
SSL
EXTERNAL LINKS
41
SITE IP
104.28.13.101
LOAD TIME
0.188 sec
SCORE
6.2
@sergeybelove | sergeybelove.ru Reviews
https://sergeybelove.ru
My name is Sergey Belov and I do security. Email: sergeybelove at gmail dot com.
@sergeybelove - blog about web security
Pritunl – changing self-signed SSL certificate to Lets Encrypt. Imagine that you already have some valid SSL certificate (e.g. from Lets Encrypt with auto-renew, check https:/ www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-14-04. And want to use it for your Pritun’s web panel. Just open main app.py file. Mcedit /usr/lib/pritunl/lib/python2.7/site-packages/pritunl/app.py. Find next strings (lines number 146-149). And replace them (or just comment with #) with.
Welcome to nginx!
If you see this page, the nginx web server is successfully installed and working. Further configuration is required. For online documentation and support please refer to nginx.org. Commercial support is available at nginx.com. Thank you for using nginx.
Welcome to nginx!
If you see this page, the nginx web server is successfully installed and working. Further configuration is required. For online documentation and support please refer to nginx.org. Commercial support is available at nginx.com. Thank you for using nginx.
@sergeybelove
http://www.sergeybelove.ru/pwn-stuff
Some of my tools and tricks for web/network pentesting. Info about you for debug purposes. IP (REMOTE ADDR) 23.21.86.101 # User agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10 10 1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36. DNS proxy for Penetration Testers. You can set any record to any value, e.g. A - to XSS payload. Also very useful for dns tunneling detection. Multi-threaded perl script to enumerate DNS information of a domain and to discover non-contiguous ip blocks.
@sergeybelove
http://www.sergeybelove.ru/public-stuff
1 - Hacking videos:. ScreenCast] CodeFest 2014 - pentesting client/server API (sha1 padding and xxe demo) [watch]. Public talk] CodeFest 2014 - pentesting client/server API [watch]. ScreenCast] WordPress - From XSS to RCE. Google service (Waze) [watch]. ScreenCast] Any.DO 0day exploitaion with mosquito tool (gmail 2-steps auth acc hijacking). CTF] DEFCON 20 Documentary Full Version (we are on 02:08 :D) [watch]. ScreenCast] DroidSheep ARP-spoof demo and Fing routerpwn.com d-link dir 320 hacking [watch].
@sergeybelove
http://www.sergeybelove.ru/one-button-scan
Online scanner for security holes. Please test responsibly. All tests details are logged. Do not test against websites that you do not have permission to test against. All data is archived in case of abuse. Domain name or IP address. Total domains / IP addresses were checked: 12301. Total scans - 14143, for last 24 hours - 18.
TOTAL PAGES IN THIS WEBSITE
3
Архивы Разное - Взрывной блог
https://bo0om.ru/raznoe
Vulners — хакерский поисковик. О том, почему я съехал с виртуального хостинга. Уязвимость в Linkedin. Этичный хакер или злоумышленник? Массовый взлом telegram на PHDays. VK — история одного взлома. Чтение файлов vk с помощью ленты новостей. Глядь, какой крутой поисковик. Еще одна spoofing-атака на браузеры. Порно на ZeroNights 2015. Подмена аргументов при шаре в соцсети. К записи О том, почему я съехал с виртуального хостинга. К записи О том, почему я съехал с виртуального хостинга. Эй, сюда иди.
tricks Archives - @sergeybelove
https://blog.sergeybelove.ru/category/tricks
Pritunl – changing self-signed SSL certificate to Lets Encrypt. Imagine that you already have some valid SSL certificate (e.g. from Lets Encrypt with auto-renew, check https:/ www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-14-04. And want to use it for your Pritun’s web panel. Just open main app.py file. Mcedit /usr/lib/pritunl/lib/python2.7/site-packages/pritunl/app.py. Find next strings (lines number 146-149). And replace them (or just comment with #) with.
Frontend in(security) - @sergeybelove
https://blog.sergeybelove.ru/2016/02/frontend-insecurity
Slides from my talk at OWASP Poland about different attacks to modern frontend. OWASP EEE (Krakow) – It's only about frontend. Text – click. Huge thanks to Mario. For help while preparing this presentation. February 28th, 2016. Posted In: Public talks.
Remote command execution on the client side via jsonp - @sergeybelove
https://blog.sergeybelove.ru/2015/01/remote-command-execution-on-the-client-side-via-jsonp
Remote command execution on the client side via jsonp. Today I want to reborn my blog and share a little and very simple (and new? Trick – how to get RCE on the client side via jsonp in IE (any verison). This technique looks like on “reflected file download” from last BlackHat. Request sent via a script tag - script src="https:/ status.github.com/api/status.json? Data received as an execution of the predefined function. - script function apiStatus(data) { console.log(data.status); } /script. In case when...
Let us see the Impact! - @sergeybelove
https://blog.sergeybelove.ru/2014/12/let-us-see-the-impact
Let us see the Impact! The vulnerability lies in its presence in the records of the domains’ subdomains, which contain addresses belonging to the local network. Let’s suppose that when searching subdomains, we’ve found something like local.target.com, which points to 127.0.0.1 address (or simply to an IP from the local network). Img src = http:/ local.target.com:10024/. Once the victim opens the mail and downloads an image from *. Http:/ local.target.com:631/jobs/? One may transmit XSS and receive cookies.
Hamachi on raspberry pi - bash no such file or directory
https://blog.sergeybelove.ru/2015/11/hamachi-on-raspberry-pi-bash-no-such-file-or-directory
Hamachi on raspberry pi – bash no such file or directory. If you have following error after installing hamachi on raspberry pi. Bash: /usr/bin/hamachi: No such file or directory. Ln -s /lib/ld-linux-armhf.so.3 /lib/ld-linux.so.3. November 15th, 2015.
21 0day XSS on Yahoo - still unfixed after 2 years! (updated) - @sergeybelove
https://blog.sergeybelove.ru/2016/02/21-0day-xss-on-yahoo-after-1-year
21 0day XSS on Yahoo – still unfixed after 2 years! Seems it’s time to disclose 21 zero day XSS on Yahoo. I do not break any rules, any laws of any country (I hope lol) posting this to public (Yahoo officially said that they need only 90 days to rollout fix for any vuln, please visit https:/ hackerone.com/yahoo. 8211; Yahoo’s bugbounty rules). This vuln affect 21 different Yahoo domains and not fixed for a one year. I reported this issue 9 months ago ( https:/ hackerone.com/reports/77385. Html, $matches)...
bugbounty Archives - @sergeybelove
https://blog.sergeybelove.ru/category/bugbounty
21 0day XSS on Yahoo – still unfixed after 2 years! Seems it’s time to disclose 21 zero day XSS on Yahoo. I do not break any rules, any laws of any country (I hope lol) posting this to public (Yahoo officially said that they need only 90 days to rollout fix for any vuln, please visit https:/ hackerone.com/yahoo. 8211; Yahoo’s bugbounty rules). This vuln affect 21 different Yahoo domains and not fixed for a one year. I reported this issue 9 months ago ( https:/ hackerone.com/reports/77385. Html, $matches)...
TOTAL LINKS TO THIS WEBSITE
41
Главная
Базыкин Сергей Юрьевич Учитель физической культуры, тренер-преподаватель (ДЗЮДО). МБОУ "Средняя общеобразовательная школа 5" г. Ивантеевки Московской области. 2017 « Базыкин Сергей Юрьевич. Копирование материалов сайта разрешено только с письменного согласия автора сайта.
sergeybelanov
Upgrade to paid account! Чемпионат Европы по керлингу 2014. Бронзовый матч (женщины). November 28th, 2014. Если бы Мюрхэд и ее команда так играли с начала турнира (или хотя бы с начала второго этапа) - расклад сил на этом первенстве мог бы быть иным - но спорт не терпит сослагательных наклонений. Что случилось - то произошло. Поздравим сборную Шотландии с пятой подряд медалью Европейских чемпионатов, и еще раз пожелаем нашей команде хорошей игры завтра утром. Как говорит Роджер Шмидт - здесь и сейчас.
Сергей Бельмесов | Кайт — путешествия по всему миру с Чемпионом России Сергеем Бельмесовым.
Кайт — путешествия по всему миру с Чемпионом России Сергеем Бельмесовым. Кайт — туры. Кайт — кемпы. Кайт Вейк Кемп в El-Gouna. Кайт Кемп в Черногории. Кайт — сафари. Кайт и Вейк оборудование. Доска ALRIDE Sergey Belmesov PRO. Кайт-сафари по островам Красного моря. С 5 по 12 сентября 2015. Kite safari safary egypt sergey belmesov 2014. Новогодний кайт-тур по Юго-Западной Австралии с Сергеем Бельмесовым. 25 Декабря 2014 — 9 Января 2015 года. Australia Perth kite kitesurfing expedition. Если вы НОВИЧОК, то ...
Sergey Belov
Friday, September 29, 2006. Posted by Vladimir Andreyev at 5:50 AM. It was the crowning moment of my creative life in Russia. It was the festival of The Holiday of Joy and Togetherness which occurred in Moscow in April 1992. The main participants in this Festival were our friends from America, the singer Kita Bouroff De Sesa and her husband, composer, pianist and conductor Gary De Sesa. View my complete profile.
Sergey Belov
Looking for a job. Sergey Belov, PhD. Phone (408) 306 4071 E-mail: sbelov70757@gmx.com. Expert in Software Development, Design and Architecture. Over 20 years experience in software design and architecture, development, programming, project management of real time multitask embedded control systems, information systems and Front End Web distributed GUI systems. Excellent ability to deliver on-time by establishing and maintaining software/engineering development process.
@sergeybelove
My name is Sergey Belov and I do security. Email: sergeybelove at gmail dot com.
photographer
Sergey Berezin
The page I call home. Saturday, February 21, 2015. Today I got bitten by my hamster who never bit anyone before in his entire life. I think it was a sign that I needed to upgrade my website. Fine, I got the message. I'm moving on to a new platform, with a new look, compatible with all the new gadgets that didn't even exist at the time I wrote my last entry. Maybe I'll even post something a little more often. Subscribe to: Posts (Atom). View my complete profile.
sergeyberezin.tranceformworld.com
Sergey Berezin's Home Page
We do not see things as they are. We see things as we are. ". Doors - The Movie. Apr 1, 2013:. Don't Forget The Staples! Got a new website! New thread: reviews of movies I've watched. Jul 31, 2010:. From TV Studio workshop in Russia. May 15, 2010:. 24 hour film race project. Don't Forget The Staples! A short comedy has screened at Scary Cow Festival in summer 2012, and is now available online. A movie I directed in Russia in summer 2011. I'm (re)starting to post on my video blog. In place of a disclaimer.
SERGEY BERLIN, tattoo artist / master of mental geometry
Сергей Безруков. Официальный сайт
Cергей Безруков вошел в Общественный совет при столичном управлении СК РФ. Сегодня 5 августа на заседании коллегии Главного следственного управления Следственного комитета РФ по Москве был избран новый состав Общественного совета. В Общественный совет избраны 10 человек, в том числе художественный руководитель Московского Губернского драматического театра Сергей Безруков, актер и режиссер Михаил Пореченков, автор и исполн. 171;Евгения Онегина в авторском проекте Юрия Башмета можно посмотреть он-лайн.
SOCIAL ENGAGEMENT