Tal vez te guste
High Signal #01: postMessage, pre-auth RCE, and Gemini hacks newsletter.bugbountydaily.com/p/high-signal-…
I had put bug bounty aside for a while due to personal reasons. I came back a week ago and reported 8 bugs with critical and high severities, earning over 20k in bounties. The motivation is back 🫡. I recommend read JavaScript, and use @jsmonsh very good service for bb btw
Unfortunately, your AI is wrong here: "It requires a separate vulnerability that allows an attacker to poison the page cache" Here's my blog describing how to exploit it: rcesecurity.com/2025/11/exploi…
The blog.mantrainfosec.com/blog/18/prepar… post by @xoreipeip shows how prepared statements can be exploited in NodeJS using mysql and mysql2 packages leading to SQLi! 🪄 So use of prepared statement might not be the ultimate solution here 🥵 as a side note, @xoreipeip later found this…
When doing recon, if you have a file with a bunch of URLs, you can use @xnl_h4ck3r's urless tool to declutter and reduce the amount of noise in the results. Check it out here 👇 github.com/xnl-h4ck3r/url…
Sharing the report from a 3-week solo audit: • 16 High • 6 Medium • 4 Low • 16 Info Large codebase using the Diamond Proxy pattern and integrating with Uniswap. Report 👇 github.com/gkrastenov/aud…
I have created and uploaded the videos for the Prototype Pollution labs. There are also write-ups. Check out the links. @PortSwigger @WebSecAcademy Write-Ups: sommercode.gitbook.io/web-security-a… Playlist: youtube.com/playlist?list=…
I'm reading this article from @zhero___ quite late looking at the release date, but it's a goldmine if you want to start or understand bug hunting zhero-web-sec.github.io/thoughts/bugbo…
Things you must read to slowly step up your client-side game AuxClickjacking by @rafabyte_: blog.bugport.net/auxclickjacking
H2H video with @ThisIsDK999 live here in 17 hours > Made $100K+ in bug bounties before 25 > Started hacking in cyber cafes, no formal training > Focused on Adobe Experience Manager, rich niche > Collaboration prevents burnout > Recon + automation = efficiency > Bug bounties…
youtube.com
YouTube
How This 22 Year Old Made $100,000 Hacking Companies ! | Hacker...
It's impossible not to add all @ctbbpodcast research to bb.vitorfalcao.com. I may automate it to automatically add them using RSS (if they have it)
I'm creating an AI Red Team course based on the few AI Security jobs openings descriptions I've seen. I'm also writing X Articles that may be of interest. github.com/Vect0rdecay/ai…
Static analysis for Android apps based on the OWASP MASVS framework 🌟 - github.com/Cyber-Buddy/AP… #infosec #cybersec #bugbountytips
In short - bug bounties are a fast track to entrepreneurship :)
Seem like one common path In bounties are. Realize bounties exist, do bounties, find bugs, share wins n writeups, level up, do talks, do lhe’s, burn out, build solution, if good enough, get acquired, have job, do bounties for fun and profit.
Todays thinking moment: Imagine you rely on automation. You ask automation (tool) for subdomains. It gives you 2000 subdomains. You start working. You run into a buddy who has 6000 subdomains for same target. You are confused. Buddy tells you "oh, your automation (tool) will…
United States Tendencias
- 1. Mamdani 135K posts
- 2. Ukraine 536K posts
- 3. #KayJewelers N/A
- 4. #Veloragpt N/A
- 5. Putin 182K posts
- 6. #pilotstwtselfieday 1,074 posts
- 7. Geraldo 2,701 posts
- 8. DON'T TRADE ON MARGIN N/A
- 9. #FursuitFriday 13.9K posts
- 10. Anthony Joshua 4,859 posts
- 11. Le Cowboy N/A
- 12. Start Cade N/A
- 13. Zelensky 117K posts
- 14. NOTAM 5,428 posts
- 15. #TrumpCrushesYourDreams 6,736 posts
- 16. Chris DeMarco 1,032 posts
- 17. Happy Thanksgiving 3,643 posts
- 18. NATO 68.3K posts
- 19. Kenyon 2,280 posts
- 20. UNLAWFUL 149K posts
Tal vez te guste
-
Japz (h4nt3rx) 🕷️🏴☠️
@japzdivino -
Samuel
@saamux -
xer0dayz
@xer0dayz -
Aditya Gujar
@fyoorer -
pwnmachine 👾
@princechaddha -
Sébastien Morin
@SebMorin1 -
gujjuboy10x00
@vis_hacker -
Ashar Javed
@soaj1664ashar -
Karel Origin
@Karel_Origin -
Tabahi
@_tabahi -
Ian Bouchard
@Corb3nik -
@v!b$123!
@vibs123i -
SecuNinja support 🇺🇦 🌌 @secuninja.bsky.social
@secuninja -
Splint3r7
@Splint3r7 -
Arbaz Hussain
@ArbazKiraak
Something went wrong.
Something went wrong.