Potrebbero piacerti
High Signal #01: postMessage, pre-auth RCE, and Gemini hacks newsletter.bugbountydaily.com/p/high-signal-…
I had put bug bounty aside for a while due to personal reasons. I came back a week ago and reported 8 bugs with critical and high severities, earning over 20k in bounties. The motivation is back 🫡. I recommend read JavaScript, and use @jsmonsh very good service for bb btw
Unfortunately, your AI is wrong here: "It requires a separate vulnerability that allows an attacker to poison the page cache" Here's my blog describing how to exploit it: rcesecurity.com/2025/11/exploi…
The blog.mantrainfosec.com/blog/18/prepar… post by @xoreipeip shows how prepared statements can be exploited in NodeJS using mysql and mysql2 packages leading to SQLi! 🪄 So use of prepared statement might not be the ultimate solution here 🥵 as a side note, @xoreipeip later found this…
When doing recon, if you have a file with a bunch of URLs, you can use @xnl_h4ck3r's urless tool to declutter and reduce the amount of noise in the results. Check it out here 👇 github.com/xnl-h4ck3r/url…
Sharing the report from a 3-week solo audit: • 16 High • 6 Medium • 4 Low • 16 Info Large codebase using the Diamond Proxy pattern and integrating with Uniswap. Report 👇 github.com/gkrastenov/aud…
I have created and uploaded the videos for the Prototype Pollution labs. There are also write-ups. Check out the links. @PortSwigger @WebSecAcademy Write-Ups: sommercode.gitbook.io/web-security-a… Playlist: youtube.com/playlist?list=…
I'm reading this article from @zhero___ quite late looking at the release date, but it's a goldmine if you want to start or understand bug hunting zhero-web-sec.github.io/thoughts/bugbo…
Things you must read to slowly step up your client-side game AuxClickjacking by @rafabyte_: blog.bugport.net/auxclickjacking
H2H video with @ThisIsDK999 live here in 17 hours > Made $100K+ in bug bounties before 25 > Started hacking in cyber cafes, no formal training > Focused on Adobe Experience Manager, rich niche > Collaboration prevents burnout > Recon + automation = efficiency > Bug bounties…
youtube.com
YouTube
How This 22 Year Old Made $100,000 Hacking Companies ! | Hacker...
It's impossible not to add all @ctbbpodcast research to bb.vitorfalcao.com. I may automate it to automatically add them using RSS (if they have it)
I'm creating an AI Red Team course based on the few AI Security jobs openings descriptions I've seen. I'm also writing X Articles that may be of interest. github.com/Vect0rdecay/ai…
Static analysis for Android apps based on the OWASP MASVS framework 🌟 - github.com/Cyber-Buddy/AP… #infosec #cybersec #bugbountytips
In short - bug bounties are a fast track to entrepreneurship :)
Seem like one common path In bounties are. Realize bounties exist, do bounties, find bugs, share wins n writeups, level up, do talks, do lhe’s, burn out, build solution, if good enough, get acquired, have job, do bounties for fun and profit.
Todays thinking moment: Imagine you rely on automation. You ask automation (tool) for subdomains. It gives you 2000 subdomains. You start working. You run into a buddy who has 6000 subdomains for same target. You are confused. Buddy tells you "oh, your automation (tool) will…
United States Tendenze
- 1. Caleb Love 2,690 posts
- 2. Mamdani 457K posts
- 3. Sengun 8,596 posts
- 4. Marjorie Taylor Greene 68.8K posts
- 5. Reed Sheppard 3,748 posts
- 6. Norvell 3,520 posts
- 7. Suns 19.8K posts
- 8. Collin Gillespie 3,871 posts
- 9. Lando 45.6K posts
- 10. #SmackDown 46.3K posts
- 11. Morgan Geekie N/A
- 12. UNLV 2,194 posts
- 13. Rockets 16.7K posts
- 14. Blazers 3,925 posts
- 15. Florida State 10.8K posts
- 16. Kerr 4,960 posts
- 17. Wolves 16.6K posts
- 18. #LasVegasGP 70.5K posts
- 19. The View 97.3K posts
- 20. Finch 2,798 posts
Potrebbero piacerti
-
Japz (h4nt3rx) 🕷️🏴☠️
@japzdivino -
Samuel
@saamux -
xer0dayz
@xer0dayz -
Aditya Gujar
@fyoorer -
pwnmachine 👾
@princechaddha -
Sébastien Morin
@SebMorin1 -
gujjuboy10x00
@vis_hacker -
Ashar Javed
@soaj1664ashar -
Karel Origin
@Karel_Origin -
Tabahi
@_tabahi -
Ian Bouchard
@Corb3nik -
@v!b$123!
@vibs123i -
SecuNinja support 🇺🇦 🌌 @secuninja.bsky.social
@secuninja -
Splint3r7
@Splint3r7 -
Arbaz Hussain
@ArbazKiraak
Something went wrong.
Something went wrong.