-
My First Writeup on Reflect XSS https://link.medium.com/xf8MO7LiD3
#bugbounty #writeups #XSS -
Some #bugbounty hunters made over €50.000 in bug bounties with this simple trick.
Thanks for the #BugBountyTip, @rez0__! pic.twitter.com/z9sPFJTNqV -
#OSINT: theHarvester: https://github.com/laramies/theHarvester … Recon-ng: https://bitbucket.org/LaNMaSteR53/recon-ng … FOCA: https://github.com/ElevenPaths/FOCA … Discover: https://github.com/leebaird/discover … Spiderfoot: http://www.spiderfoot.net/ Sn1per: https://github.com/1N3/Sn1per SimplyEmail: https://github.com/SimplySecurity/SimplyEmail … #bugbountytips #redteam #BugBounty -
I earned 2x$350 for my 2 submissions on @bugcrowd https://bugcrowd.com/luffydragneel . Both were stored XSS with a simple payload "><img src=x onerror=alert(1)>. #ItTakesACrowd #bugbounty -
#day49 #bugbounty #learning My day ends at midnight 03:00am Busy making my tool after coming from the office Finally, it's done Just give a list of url's and this tool will do some enum. -Content-Length -Status_code -DOM-XSS -Forms -Title DAY ENDS :)
https://github.com/TROUBLE-1/codeza … pic.twitter.com/vSuQPMO8w0 -
Akamai WAF Bypass, worked on a recent #bugbounty program #xss <x onauxclick=a=alert,a(domain)>click -
WooT! There is always a way. New #bugbounty #pentest short write up! Chain the bugs till you get what you want. #bugbountytip #bugbountytips #hacking Some steps were not mentioned. RT, Like and Comments are appreciated. For any pentest work DM me :)
pic.twitter.com/nlAv4pMPhx -
Learn to test the embedded or IoT devices, firmware analysis, fuzzing and much more in this hands-on training by Kaustubh @s3curityb3ast Register here: https://bit.ly/3b8Tu3G #iot #hardware #hacking #infosec #cybersecurity #embedded #exploitation #owaspseasides #bugbounty pic.twitter.com/pW0rXe5oYk
-
Data extraction bug in Facebook. Sorry, no write-up for this one for the current time!
#BugBounty pic.twitter.com/EX4tXLPH2J
-
A source code analyzer built for surfacing features https://github.com/microsoft/ApplicationInspector … Burp Bounty (a quick and simple way, to improve the active and passive scanner) https://github.com/wagiro/BurpBounty … Sublert is a security and reconnaissance tool https://github.com/yassineaboukir/sublert …
#bugbounty, #bugbountytips -
Just released a quick tool, wordlistgen, I put together for taking a list of URLs/paths from stdin and parsing components (subdomains, paths, query strings & values) to easily/quickly make contextual content discovery wordlists for
#bugbounty https://github.com/ameenmaali/wordlistgen … -
Facebook rewarded me with a bounty of $30000 for SSRF on prod server (Internal Access).
#BugBounty #Facebook pic.twitter.com/ueQ8xTsB6y
-
Password reset flaw https://link.medium.com/OVvYaKLng3 https://link.medium.com/HZpTPtR2F3 https://link.medium.com/bpYhuYR2F3 https://link.medium.com/5PnwoRS2F3 https://link.medium.com/A67jqlT2F3 https://thezerohack.com/hack-instagram-again … https://ninadmathpati.com/how-i-was-able-to-earn-1000-with-just-10-minutes-of-bug-bounty … https://link.medium.com/MgdJoyY2F3 https://link.medium.com/iRVWjs02F3 https://link.medium.com/roeUih12F3
#bugbounty -
Directory Listings --> JS files --> Hidden Endpoints --> Endpoints contains hidden parameters --> Playing with, got Server Errors --> Found Apache Solr version 6.0.0 --> Found Vulnerable --> Public POC --> Got RCE :)
#bugbounty -
We are going public with some of the products in our #bugbounty program @Hacker0x01. ~10 services will go from private -> public. This will be done gradually over the next two months. The program is now online at https://hackerone.com/visma Happy hacking! #togetherwehitharder pic.twitter.com/qUMA1RoTHa -
Today, we are launching #BugBusiness, a series of interviews with #BugBounty hunters. In our first edition, we are discussing logic flaws and @securitytxt with @EdOverflow!
Who would you like to see interviewed next? Leave a comment!
http://go.intigriti.com/bugbusiness-1 -
In Jan, @Zomato program on @Hacker0x01: - Received 2 valid reports compared to 5 in Dec - Awarded $5,300 worth of bounties compared to $1,950 in Dec - 48 hackers participated, compared to 56 in Dec - Had 3 hrs avg first response time https://hackerone.com/zomato #bugbounty #infosec -
Have you guys checked our brand new website “http://mobexler.com ”? I think it’s super cool :-) Thanks to @BeingSheerazAli and @0ddhawk for their hard work :-) #MobileSecurity #security #bugbounty pic.twitter.com/Mu27sJnHa9
-
Do you have a big file w/ URLs w/ many of them being default pages, wildcards etc? Use @TomNomNom's get-title hack to grep out common titles:
cat urls.txt | get-title -c 300 > titles.txt
cat titles.txt | grep -v "PATTERN" | awk -F '[()]' '{print $2}'
#bugtbountytip #bugbounty