Md. Jakirul Alam
@Jakirpentest
Aspiring Ethical Hacker | Learning Cyber Scurity | Post Office Entrepreneur
Shodan is one of my favorite recon tools. It helps me find exposed servers, APIs, and misconfigs during bug bounty hunting. A must-have for any hacker. #Shodan #BugBounty #OSINT #Recon #InfoSec
As an ethical hacker, I’m currently working on a target where I’ve identified 15 live subdomains using Google Dorking and GitHub recon. Each subdomain was verified through tools like httpx and dnsx.
Recon on a live domain for a #BugBounty program — subdomain enum, DNS analysis & attack surface mapping. Meanwhile solving @TryHackMe rooms to sharpen my web exploitation & enum skills. Learn. Practice. Apply. #EthicalHacking #Infosec #CyberSecurity
Completed my first project on Fiverr as an ethical hacker and got a 5-star review Grateful for the trust Check out my profile fiverr.com/jakirpentest #EthicalHacking #BugBounty #CyberSecurity #Fiverr
Got my first Fiverr order last night as an ethical hacker. After months of learning and practice, this is a big step in my journey. Grateful and excited for what’s ahead #Fiverr #EthicalHacking #CyberSecurity #FirstOrder #BugBounty #Pentesting
Discovered a powerful subdomain enumeration tool called OneForAll Python-based, supports passive and active recon Also checks for subdomain takeover GitHub: github.com/zhzyker/OneFor… bugbounty recon subdomain oneforall infosec
rubid=3 causes 500 Internal Server Error on GET & HEAD requests, while other values return 200 OK. Indicates a backend bug and poor input validation. #BugBounty #WebSecurity #Pentesting
Found a login endpoint that throws 500 Internal Server Error when a long password is submitted. Repeated requests slow the server down to 3–4s response time. Possible DoS via input overload. #BugBounty #DoS #WebSecurity #OpenBugBounty
Found a Blind SSRF on a target via a URL-based image loader. Verified using collaborator server: /LoadImage.aspx?url=…ut2hspdd3aqwxbhgwinoec90y.oastify.com/test.jpg Unreported but a solid example of simple input leading to serious server-side risks #BlindSSRF #BugBounty #CyberSecurity
Found a reflected XSS via OpenBugBounty https://[hidden]/Print.asp?img="><script>alert(OPENBUGBOUNTY)</script> Reported via responsible disclosure #XSS #BugBounty #OpenBugBounty #CyberSecurity #InfoSec
![Jakirpentest's tweet image. Found a reflected XSS via OpenBugBounty
https://[hidden]/Print.asp?img="&gt;&lt;script&gt;alert(OPENBUGBOUNTY)&lt;/script&gt;
Reported via responsible disclosure
#XSS #BugBounty #OpenBugBounty #CyberSecurity #InfoSec](https://pbs.twimg.com/media/Gt1IdaPWAAAu3zW.jpg)
![Jakirpentest's tweet image. Found a reflected XSS via OpenBugBounty
https://[hidden]/Print.asp?img="&gt;&lt;script&gt;alert(OPENBUGBOUNTY)&lt;/script&gt;
Reported via responsible disclosure
#XSS #BugBounty #OpenBugBounty #CyberSecurity #InfoSec](https://pbs.twimg.com/media/Gt1IdbPW8AA23r8.jpg)
I have identified a rate limiting vulnerability while testing a domain on the OpenBugBounty platform The forgot password feature was accepting multiple reset requests without any proper rate limiting control
Learning through rejections at OpenBugBounty Some reports got rejected as duplicates or not reproducible Every try teaches me something new #BugBounty #CyberSecurity #InfoSec #LearningByDoing
Successfully reported multiple security vulnerabilities via OpenBugBounty.org. The reports have been accepted and are now visible. Following responsible disclosure policy, no technical details are shared. Grateful for the opportunity to contribute to a safer internet.
Discovered a DOM Based XSS vulnerability today The payload executes entirely on the client-side without any server-side reflection Identifying DOM XSS can be challenging, but proper analysis makes it possible
Alhamdulillah Found a SQL Injection vulnerability on a live domain during testing via OpenBugBounty. Target is out of scope, so couldn’t report it. Still, a great learning experience. #BugBounty #SQLi #CyberSecurity #JakirPentest #EthicalHacking
Discovered a phpinfo() info leak on a live domain via OpenBugBounty. Not submitted — out of scope per platform rules. Always check scope before reporting. [domain]net/alp/info.php #BugBounty #ResponsibleDisclosure #InfoSec
![Jakirpentest's tweet image. Discovered a phpinfo() info leak on a live domain via OpenBugBounty. Not submitted — out of scope per platform rules.
Always check scope before reporting.
[domain]net/alp/info.php
#BugBounty #ResponsibleDisclosure #InfoSec](https://pbs.twimg.com/media/GsDkxaLaUAMKG_-.jpg)
![Jakirpentest's tweet image. Discovered a phpinfo() info leak on a live domain via OpenBugBounty. Not submitted — out of scope per platform rules.
Always check scope before reporting.
[domain]net/alp/info.php
#BugBounty #ResponsibleDisclosure #InfoSec](https://pbs.twimg.com/media/GsDkxaNaUAUtNs6.jpg)
Hello everyone, I’m Md Jakirul Alam, an Ethical Hacker and Security Enthusiast from Bangladesh. Starting my journey in cybersecurity and ethical hacking. Excited to learn and contribute. #cybersecurity #infosec
"Exploring the world of Ethical Hacking and learning something new every day! 💻🔐 Cybersecurity is both exciting and challenging, and I'm loving the journey so far. 🚀 What's your favorite cybersecurity tip or tool? #EthicalHacking #CyberSecurity #LearnToHack"
United States Trends
- 1. #lip_bomb_RESCENE N/A
- 2. Ravens 58.4K posts
- 3. Lamar 46.5K posts
- 4. #heatedrivalry 14.9K posts
- 5. ilya 16.9K posts
- 6. shane 20.3K posts
- 7. #River 3,247 posts
- 8. Joe Burrow 21K posts
- 9. hudson 11.9K posts
- 10. Connor 15.2K posts
- 11. Zay Flowers 4,190 posts
- 12. #WhoDey 4,155 posts
- 13. Chiefs 109K posts
- 14. #hrspoilers 2,958 posts
- 15. BNB Chain 8,083 posts
- 16. Sarah Beckstrom 221K posts
- 17. scott hunter N/A
- 18. Derrick Henry 4,473 posts
- 19. Third World Countries 27.1K posts
- 20. AFC North 2,367 posts
Something went wrong.
Something went wrong.