Search results
  1. Feb 1

    Yay, I was awarded a $6,000(x3) bounty on ! Would be impossible without my bounty mate . It's definitely P.S. New personal record by single payout.

  2. We are going public with some of the products in our program . ~10 services will go from private -> public. This will be done gradually over the next two months. The program is now online at Happy hacking!

  3. Dec 8, 2019

    CSRF Account Takeover Advice: - Subdomain Enumeration - Map out attack surface / Spider - Right click on targets -> Engagement Tools -> Analyze Target - Look for password reset with no CSRF token - Reset Password and email generate PoC - Report - $$$

  4. Dec 15, 2019
  5. Jan 24

    Yay, I was awarded a $2000 bounty on ! For multiple vulnerabilities-ssrf- highest level of privilege escalation-admin account access.

  6. Jan 28

    Yay, I was awarded a $2,300 bounty on ! RCE + Blind SSRF

  7. Dec 6, 2019

    Transparency builds trust: a blog from yours truly about public disclosure, vulnerability, culture, trust, and hackers.

  8. Dec 19, 2019

    For those who are asking How I found my last SQL injection Here is a simple POC

  9. Jan 11

    Yay, I was awarded a $30,650 bounty on ! for Various reports

  10. Dec 24, 2019
  11. Dec 23, 2019

    New Write-up About a dom xss From a private project 500$ Merry Christmas to you all ! Thanks

  12. Jan 28

    Hacker tip: when you’re looking for IDORs in a model that references another model, try storing IDs that don’t exist yet. I’ve seen a number of times now that, because the model can’t be found, the system will save the ID. (1/2)

  13. Feb 2
  14. Feb 2

    Request has a 64 chars long csrf token in the header and same in the cookie. I can use any random string of 64 chars but they should have same value in both places. Any ideas how I can possibly exploit this csrf for another user?

  15. Feb 2

    In January, I submitted 28 vulnerabilities to 6 programs on .

  16. Feb 1

    In January I submitted 3 vulnerabilities to 2 programs which turned out to be duplicate. I learnt: do your own research and find unique vulnerabilities. Understand the target and pinch the critical nerves.

  17. Feb 1
  18. Jan 31

    Yay, I was awarded a $250 bounty on ! The infamous $250 only tweet lol say what you want about i love the company. rhhttps://hackerone.com/dondata

  19. Jan 31
  20. Jan 28

    8 duplicates in a row, I guess it's safe to call me the King of Duplicate reports 😅
