ak1t4  

@akita_zen

[ Bug Bounty Hunter - Zen Monk] "Beautiful things don't ask for attention".

Co-founder #bugbountyworld
Joined October 2013

Tweets


  1. Pinned Tweet
    24 Sep 2019

    For those who don’t know, recently I just hit a €12000 💥💰 on ! Thanks for this fun interview 🗣 thanks to the amazing people working over this awesome platform 👏 🙌🔥

  2. Retweeted
    3 Feb

    Give a man an open redirect, and you feed him for a day. Teach a man to chain open redirects with other bugs, and you feed him for a lifetime.

  3. 1 Feb

    I was wondering why this guy shines 💫 so much? "beautiful people don't come out of nowhere" Totally recommended this interview, especially if you are struggling with mental/emotional issues. This is amazing 👏🌈💕 Thank you!

  4. Retweeted
    30 Jan

    Some hunters made over €50.000 in bug bounties with this simple trick. 🤑 Thanks for the , !

  5. Retweeted
    31 Jan

    , , and I are starting a new security blog. In our first write-up, we will discuss the impact of "SameSite by default" and how it affects web app sec. Feel free to request future topics you would like us to cover.

  6. Retweeted
    30 Jan

    I published another blog today. This is a story about an interesting SQL Injection I found. “A Not-So-Blind RCE with SQL Injection” by Prashant Kumar

  7. Retweeted
    30 Jan

    Stream #4 is up on Youtube! These segments I call "Tool Time" and go through some new-ish bounty/appsec tradecraft + tools. Enjoy!

  8. 30 Jan

    Thanks ! Special Achievement Awarded: “Surgeon” (max reward 💰 on a program)

  9. Retweeted
    29 Jan

    We all love Burp suite by , right? Want to send over all the ffuf job matches to Burp? Easy with -replay-proxy ffuf -u -w wordlist.txt -replay-proxy http://127.0.0.1:8080 If you ffuf on remote box, this totally works through ssh tunnels too!

  10. Retweeted
    27 Dec 2019

    Wrote and just released a simple tool wrapping one of my favorites, LinkFinder. “endpointdiff” will help to discover differences between old & new JS files to determine if any endpoints were removed/added.

  11. 30 Jan
  12. 28 Jan
  13. Retweeted
    15 Jan

    CVE-2020-5504 SQLI in phpMyAdmin: A malicious user could inject custom SQL in place of their own username when creating queries to this page fix:

  14.
  15. Retweeted
    27 Jan

    When you're brute forcing for endpoints, don't forget to add extensions. You can also use this method to discover backup files. Here's a command I use frequently: dirsearch -e php,asp,aspx,jsp,py,txt,conf,config,bak,backup,swp,old,db,sql -u <target>

  16. Retweeted
    25 Jan

    Digital Ocean Bucket Takeover:- format: bucketname[.]region[.]digitaloceanspaces[.]com In Console:- Create Space, type the bucket name, make it public :) How to find? site:github[.]com intext:digitaloceanspaces[.]com

  17. Retweeted
    25 Jan

    time: combine Arjun from with Burp Intruder to bruteforce parameter values. I once got "?debug" as a valid parameter and got "on" as a good value which disclosed juicy information helping me chain bugs to a P1. Final: "?debug=on" RT & L

  18. Retweeted
    25 Jan

    How spectacular the "Buenos Aires Live Meetup" powered by turned out: more than 26 bugs reported, including several critical, more than U$S 10000 in bounties, go Argentine hackers!

  19. Retweeted
    25 Jan

    We are screaming congratulations to our SEVENTH million-dollar hacker! sprinted across the 7-figure payout mark, bringing in almost $300K in bounties over the last 90-days. You're incredible! Thank you for the work you do in security. Thank you for being you! ❤️🎇

  20. Retweeted
    3 Oct 2019

    I have just written: “Subdomains Enumeration: what is, how to do it, monitoring automation using webhooks and centralizing your findings”. I hope you enjoy it.

  21. Retweeted
    20 May 2019
