tag:blogger.com,1999:blog-2595502479307004038Wed, 11 Feb 2026 08:14:19 +0000advisoriestoolstrainingspaperstalent-highlightsupdatesinterviewsmiscsecuritypresentationsexploitsUpdates about YGN Ethical Hacker Group's Activitieshttp://bl0g.yehg.net/noreply@blogger.com (Unknown)Blogger255125tag:blogger.com,1999:blog-2595502479307004038.post-2363257017956732230Sun, 02 Apr 2023 13:16:00 +00002023-04-02T06:16:57.368-07:00interviewstalent-highlights1. ညီရဲ့ အကြောင်းလေး ပြောပါဦး။ကျွန်တော်သူရပါ။ ကျွန်တော် Cybersecurity ပိုင်းကို ၂၀၁၀ လောက်တုန်းက စဝင်ခဲ့ပါတယ်။ 2010 လောက်တုန်းက Network Security နဲ့ Microsoft AD Security ပိုင်းကို အဓိကထားလုပ်ခဲ့ပါတယ်။ 2015 မှာ မြန်မာကနေ ပထမဆုံး နိုင်ငံတော်က စီစဉ်ပေးတဲ့ CTF ကို Indonesia မှာသွားပြိုင်ခဲ့ပါတယ်။ ကျွန်တော် Telecom လောကမှာ Security ပိုင်းနဲ့ ၅ နှစ်လောက်လုပ်ခဲ့ပါတယ်။ Company အမျိုးမျိုးမှာ Position http://bl0g.yehg.net/2023/04/interview-with-cyber-security-talent.htmlnoreply@blogger.com (Unknown)tag:blogger.com,1999:blog-2595502479307004038.post-1762828046398900152Wed, 15 Sep 2021 14:09:00 +00002021-09-15T07:09:51.617-07:00 IntroductionHello guys, I would like to write a review about OSEP course and exam that I purchased in July 2021. During that time, my mind was feeling unwell and so I decided to take a course from Offsensive Security after I passed OSWE exam. Course and lab reviewI subscribed OSEP for 3 months lab access because I am not very familiar with the course contents. You can download course http://bl0g.yehg.net/2021/09/osep-course-and-exam-review.htmlnoreply@blogger.com (kmt)tag:blogger.com,1999:blog-2595502479307004038.post-3063945199872603239Wed, 19 May 2021 17:40:00 +00002021-05-20T09:42:51.554-07:00talent-highlights  1. ညီရဲ့ အကြောင်းလေး ပြောပါဦး။ကျွန်တော်နာမည်အရင်းက မင်းကိုကိုပါ။ ဒီ Computer နယ်ပယ်ထဲစဝင်တုန်းက cyberoot ဆိုတဲ့ nickname ကြောင့်အများကတော့ KoRoot လို့ခေါ်ကြပါတယ်။ Computer ကျောင်းပြီးပြီး ၂ နှစ်ကျော်မှ Computer နယ်ပယ်ထဲသေချာဝင်ဖြစ်ပါတယ်။ မှတ်မှတ်ရရတော့ အသက် ၂၅ (2012)ကစပြီး web developing စပြီးလေ့လာဖြစ်တယ် အဲလိုကနေပဲ security အပိုင်းဆက်ပြီးလေ့လာဖြစ်ပါတယ်။ 2019 လောက်ကစပြီး web http://bl0g.yehg.net/2021/05/interview-with-cyber-security-talent.htmlnoreply@blogger.com (Unknown)tag:blogger.com,1999:blog-2595502479307004038.post-3920850874848152248Mon, 21 Dec 2020 12:48:00 +00002020-12-21T04:48:37.473-08:00talent-highlightsThe year of 2020 has proven the booming of Cybersecurity/ Ethical Hacking/ Bounty Hunting young talents in Myanmar.  YEHG is wholeheartedly proud to feature an awesome young cybersecurity talent, Hein Thant Zin.______________________________ > A little bit about yourselfJust another guy who’d love to find some random loopholes in Web Application and REST API. > What made you http://bl0g.yehg.net/2020/12/interview-with-cyber-security-talent_21.htmlnoreply@blogger.com (Unknown)tag:blogger.com,1999:blog-2595502479307004038.post-1581140271530427126Mon, 21 Dec 2020 05:02:00 +00002020-12-20T21:02:52.034-08:00talent-highlightsCybersecurity/ Ethical Hacking/ Bounty Hunting have been capturing the hearts of young talents in Myanmar.  YEHG is wholeheartedly proud to feature a  cybersecurity talent, Chan Nyein Wai.______________________________    1. A little bit about yourselfI am the one who interested about cyber security and technology.I like helping people , company and want  to http://bl0g.yehg.net/2020/12/interview-with-cyber-security-talent_8.htmlnoreply@blogger.com (Unknown)tag:blogger.com,1999:blog-2595502479307004038.post-2274173713384357935Mon, 21 Dec 2020 02:02:00 +00002020-12-20T18:03:23.106-08:00talent-highlights Cybersecurity/ Ethical Hacking/ Bounty Hunting have been capturing the hearts of young talents in Myanmar.  Today, YEHG is wholeheartedly proud to feature a  cybersecurity talent, Nay Myat Min.______________________________ 1. A little bit about yourselfI am Nay Myat Min, a master’s student of Cyber Security at Mahidol University. I am currently working as an assistant http://bl0g.yehg.net/2020/12/interview-with-cyber-security-talent_89.htmlnoreply@blogger.com (Unknown)tag:blogger.com,1999:blog-2595502479307004038.post-5109365952705502903Sun, 20 Dec 2020 15:19:00 +00002020-12-20T18:11:09.685-08:00talent-highlightsCybersecurity/ Ethical Hacking/ Bounty Hunting have been capturing the hearts of young talents in Myanmar.  Today, YEHG is wholeheartedly proud to feature a  cybersecurity talent, Nay Min Htet. ______________________________ 1. A little bit about yourselfMy name is Nay Min Htet, and I am working as a Cyber Security Specialist. I love exploring systems to gain a better http://bl0g.yehg.net/2020/12/interview-with-cyber-security-talent_20.htmlnoreply@blogger.com (Unknown)tag:blogger.com,1999:blog-2595502479307004038.post-8715259861525562285Thu, 17 Dec 2020 15:03:00 +00002020-12-20T18:04:09.518-08:00talent-highlightsCybersecurity/ Ethical Hacking/ Bounty Hunting have been capturing the hearts of young talents in Myanmar.  This time, YEHG is wholeheartedly proud to feature a youngest known-to-date 17-year old cybersecurity talent, Kaung Myat Min. ______________________________   1. A little bit about yourself. I am just somebody who enjoys developing things and then breaking http://bl0g.yehg.net/2020/12/interview-with-cyber-security-talent_17.htmlnoreply@blogger.com (Unknown)tag:blogger.com,1999:blog-2595502479307004038.post-3713506370002251300Sun, 13 Dec 2020 07:04:00 +00002020-12-20T18:04:19.807-08:00talent-highlights  Cybersecurity/ Ethical Hacking/ Bounty Hunting have been capturing the hearts of young talents in Myanmar.  This month, YEHG is wholeheartedly proud to feature a young cybersecurity talent, Hein Htet Aung. _______________________________________  1) A little bit about yourselfI'm Hein Htet Aung, 22 years old and currently working as Associate Security Specialist in Yomahttp://bl0g.yehg.net/2020/12/interview-with-cyber-security-talent.htmlnoreply@blogger.com (Unknown)tag:blogger.com,1999:blog-2595502479307004038.post-5224542910415351523Sat, 16 May 2020 10:45:00 +00002020-12-20T18:04:30.715-08:00interviewstalent-highlights 1) A little bit about yourself I am Kaung Htet Aung. I explore weirdness in systems to surface security bugs for living. 2) What made you become obsessed with Cyber Security? I regard hacking as an art and this is generally how it's portrayed by many others as well if you reminisce about the past. As such my curiosity has always been onto exploring the process to be well http://bl0g.yehg.net/2020/05/interview-with-cybersecurity-talent_16.htmlnoreply@blogger.com (Unknown)tag:blogger.com,1999:blog-2595502479307004038.post-6084837183421894537Sun, 10 May 2020 15:31:00 +00002020-05-10T08:31:55.382-07:00interviewstalent-highlights 1) A bit about yourself I am Steve Nyan Lin, currently working as a Security Consultant in Singapore, and have been staying here since my secondary schooling days. When I am not working, I like to play chess, watch football and listen to music. I currently hold a Bachelor in Engineering (Electrical and Electronic Engineering) from Nanyang Technological University.2) What made you obsessed http://bl0g.yehg.net/2020/05/interview-with-cybersecurity-talent_10.htmlnoreply@blogger.com (Unknown)tag:blogger.com,1999:blog-2595502479307004038.post-6104815129179578278Sat, 09 May 2020 05:15:00 +00002020-05-08T22:15:45.873-07:00interviewstalent-highlights   1) A little bit about yourself I am Aung Kyaw Phyo, graduated from University of Computer Studies, Yangon(UCSY). Currently, I am working as an Assoc Cyber Security Analyst in Kernellix.  2) What made you become obsessed with Cyber Security? I am interested in finding out the ways how can I intrude and bypass targets, learning how other guys find and exploit http://bl0g.yehg.net/2020/05/interview-with-cybersecurity-talent_8.htmlnoreply@blogger.com (Unknown)tag:blogger.com,1999:blog-2595502479307004038.post-8764289526180787026Sun, 03 May 2020 11:32:00 +00002020-05-10T08:32:18.872-07:00interviewstalent-highlights 1) A bit about yourself Everyone call me Ethan. I am just one of the Cyber Security Enthusiastics like others. 2) What made you become obsessed with CyberSecurity? I have been interesting in Cyber Security (Defensive) since I was young. I only interested how to secure my systems and network even when everyone was talking about the programming. My interest was getting stronger when I http://bl0g.yehg.net/2020/05/interview-with-cybersecurity-talent.htmlnoreply@blogger.com (Unknown)tag:blogger.com,1999:blog-2595502479307004038.post-1610620465460701333Sun, 03 May 2020 04:14:00 +00002020-05-02T23:56:01.449-07:00interviewstalent-highlights This time, we reached out to Ko Sai Tin Htun Naing for sharing how he managed to get on to his long-desired security career. ------- My name is Sai Tin Htun Naing and formerly known as Infofreakz by the handle. I started my IT career in 2002 as a Web Designer. I then worked as a  Web Developer and  System Administrator. Currently, I’m working as a Penetration Tester. Over a http://bl0g.yehg.net/2020/05/story-of-penetration-tester-ko-sai-tin.htmlnoreply@blogger.com (Unknown)tag:blogger.com,1999:blog-2595502479307004038.post-5233858861147425285Mon, 20 Apr 2020 13:32:00 +00002020-12-20T07:45:49.523-08:00interviewstalent-highlights Cybersecurity Career Pathway: https://www.facebook.com/365902044065917/posts/515004779155642/?d=n  Pentester Career Path: https://www.facebook.com/watch/live/?v=1157846244630106&ref=watch_permalink  We're confident that this session will ignite the interests of many talents and emergence of next-generation Cyber Security professionals in Myanmar.  http://bl0g.yehg.net/2020/04/interview-with-ye-yint-min-thu-htut.htmlnoreply@blogger.com (Unknown)tag:blogger.com,1999:blog-2595502479307004038.post-8170535845342017922Mon, 12 Aug 2019 07:26:00 +00002021-02-10T21:51:48.172-08:00interviewstalent-highlights Cybersecurity/ Ethical Hacking/ Bounty Hunting have captured the hearts of young talents in Myanmar.  This month, YEHG is wholeheartedly proud to feature a young cybersecurity talent, Kyaw Min Thein.  _______________________________________ _______________________________________ 1) A bit about yourself. My name is Kyaw Min Thein. I'm current a final year student at http://bl0g.yehg.net/2018/12/interview-with-cybersecurity-talent.htmlnoreply@blogger.com (Unknown)tag:blogger.com,1999:blog-2595502479307004038.post-371309454191444298Tue, 30 Jul 2019 07:06:00 +00002019-07-30T00:06:28.985-07:00tools https://yehgdotnet.github.io/attack/obfuscator-using-env-vars.htm #redteam #mitreattack pic.twitter.com/tMjMhOPFpI — cybersecurity.wtf (@CyberSecWTF) July 30, 2019 http://bl0g.yehg.net/2019/07/obfuscator-using-windows-environment.htmlnoreply@blogger.com (Unknown)tag:blogger.com,1999:blog-2595502479307004038.post-8076750872039216848Fri, 26 Jul 2019 22:11:00 +00002019-07-26T15:21:16.602-07:00interviewstalent-highlights Cybersecurity/ Ethical Hacking/ Bounty Hunting have captured the hearts of young talents in Myanmar.  This month, YEHG is wholeheartedly proud to feature a young cybersecurity talent, Kyaw Sai Wynn Myat. _______________________________________  _______________________________________ 1) A bit about yourself. My name is Sai Wynn Myat aka sailay. I'm currently work at http://bl0g.yehg.net/2019/07/interview-with-cybersecurity-talent-sai.htmlnoreply@blogger.com (Unknown)tag:blogger.com,1999:blog-2595502479307004038.post-549641013830257139Sat, 15 Jun 2019 03:55:00 +00002020-04-27T05:36:57.398-07:00interviewstalent-highlights Cybersecurity/ Ethical Hacking/ Bounty Hunting have captured the hearts of young talents in Myanmar.  This month, YEHG is wholeheartedly proud to feature a young cybersecurity talent, Aye Hein Zayar.   _______________________________________ _______________________________________ 1) A bit about yourself - I am Aye Hein Zayar. Some called me Zayar and some http://bl0g.yehg.net/2019/06/interview-with-cybersecurity-talent-aye.htmlnoreply@blogger.com (Unknown)tag:blogger.com,1999:blog-2595502479307004038.post-6253989205813031779Sun, 02 Jun 2019 15:13:00 +00002019-06-10T06:38:24.463-07:00interviewstalent-highlights Cybersecurity/ Ethical Hacking/ Bounty Hunting have captured the hearts of young talents in Myanmar.  This month, YEHG is wholeheartedly proud to feature a young cybersecurity talent, Kyaw Thiha.  _______________________________________ _______________________________________ 1) A bit about yourself I am Kyaw Thiha , currently working as Cyber Security Consultant in http://bl0g.yehg.net/2019/06/interview-with-cybersecurity-talent.htmlnoreply@blogger.com (Unknown)tag:blogger.com,1999:blog-2595502479307004038.post-4631009458333744487Sun, 22 Apr 2018 07:32:00 +00002018-04-22T01:23:25.007-07:00 Testing non-English web apps is pretty straightforward which you can just use browser extension to translate what you see on screens. But that's not so straightforward for non-English mobile apps especially where no English support is available; in this case, pentesters have no choice but to translate each foreign keywords manually using browser navigating to translator web site..... http://bl0g.yehg.net/2018/04/burp-extension-bing-translator.htmlnoreply@blogger.com (Unknown)tag:blogger.com,1999:blog-2595502479307004038.post-8168333289681669741Mon, 26 Mar 2018 07:50:00 +00002018-12-29T23:12:18.589-08:00tools Quick and dirty wrapper as pyt doesn't support scanning directory from first look https://gist.github.com/yehgdotnet/074ab79528ccdac7653bb641beb3b7c5 # https://github.com/python-security/pyt - python secure code scanner @echo off IF %1.==. GOTO No1 IF %2.==. GOTO Missing_Argument set dir=%1 set type=%2 dir /s /b %dir% | find ".py" > source_listing.txt for /F "tokens=*" %%A in (http://bl0g.yehg.net/2018/03/pyt-wrapper.htmlnoreply@blogger.com (Unknown)tag:blogger.com,1999:blog-2595502479307004038.post-8580307045917049778Sat, 17 Mar 2018 03:04:00 +00002018-03-16T20:04:59.431-07:00 https://yehgdotnet.gitbooks.io/secure-php-codes/content/ This Gitbook serves as ready-to-use one-place reference for PHP secure codes that have been implemented in various sources/frameworks/articles on the web. Copyright and licensing belong to respective owners. If you like to implement them into your commercial products, make sure you check the source and its licensing terms for http://bl0g.yehg.net/2018/03/gitbook-released-secure-code-php.htmlnoreply@blogger.com (Unknown)tag:blogger.com,1999:blog-2595502479307004038.post-1191520995783434968Wed, 14 Feb 2018 03:49:00 +00002018-02-13T19:54:53.433-08:00tools # evilsocket-plugins Modified evilsocket's bettercap plugins minimally changed from existing ones written by the author Simone  'evilsocket' Margaritelli.    Credit goes to the author for creating such awesome easy moduler tool. https://github.com/yehgdotnet/evilsocket-plugins Instructions: 1. Git clone 2. Place it the orginal source folder http://bl0g.yehg.net/2018/02/evilsocket-plugins-replaceimage.htmlnoreply@blogger.com (Unknown)tag:blogger.com,1999:blog-2595502479307004038.post-3605867489551233660Fri, 29 Dec 2017 12:46:00 +00002017-12-29T04:46:12.342-08:00toolshttps://github.com/yehgdotnet/domxssbaker With potential DOM XSS findings from Burp Plugins, we end up reading complex JavaScript codes. At the end of the day, majority of DOM XSS come from location/href objects appended with # hag. This little script takes a list of URLs (which you can copy from Burp) and make a unique list and open your default browser every 15 seconds interval or interval http://bl0g.yehg.net/2017/12/dom-xss-baker.htmlnoreply@blogger.com (Unknown)