YS
@YShahinzadeh
Security enthusiastic, chess player
How I reverse-engineered an Android app, bypassed custom encryption layer, achieved server-side RCE, and earned a $5000 bounty. read the full story here (TLDR; but worth reading) blog.voorivex.team/from-an-androi…
why are most SPA web apps vulnerable to DOM XSS? I've found MANY bugs in OAuth when custom implementation gets involved, many ATO and DOM XSS. never overlook custom OAuth setups, like what? storing DATA in state parameter, happy hunting :]
This one was easy: searched JS files → revealing endpoints → JSON HTTP request → exposed PII. Tip: account for lazy-loading. many hunters miss endpoints. Method: click to trigger lazy-loaded JS, then search again for endpoints. Happy hunting :]
I haven’t fully returned to BB since my H1 acc was suddenly closed, but this week I tried to start working again. I spent some time on BC and found an XSS and an IDOR, the XSS was easy with a simple payload :]
If a CSPT bug can't be exploited on the same origin, you can pivot it to another one. Cloudflare Image Transform can act as a cross‑origin gadget to reach more sensitive endpoints on different origins - you can read more about it here ;) blog.voorivex.team/cloudflare-ima…
20 days ago I found a uXSS and reported, it got triaged now, I'll publish a blog post after fix and vendor permission, it's my first bug that I'm not happy with due to recent H1 situation 🖤
Due to the repeated screw-ups and zero transparency around bans by @Hacker0x01, I’ve chosen to leave with dignity. My account is now fully deactivated and to be removed. If you need my services, I’m still available at @Bugcrowd @intigriti @immunefi @HackenProof @StandoffBB
I’ve been hunting on H1 for almost 3 years, ranked #18 in 2025, have always tried to contribute positively to the hacker community. I’ve earned around $500k in bounties and was on the road to $1M. Yet I don’t even have HSM, and I feel I haven’t been recognized as I should 1/4
Really disappointed to see @Hacker0x01 do this. I also had a similar interaction with h1 about a month ago where they questioned my nationality and place of residence after 10+ on the platform.
@Hacker0x01 is now banning people without explanation or providing how the terms and conditions were violated. While other platforms are advancing, H1 revolutionary new vision is to track hackers on social media, make assumptions and ban them without a real proof.
Bit late but this is a nice challenge, worth trying if you haven't already :D Otherwise, my solution is below, it's a really fun technique that makes me re-evaluate all the .source checks I've seen before...
this is the second challenge, and it’s a hard one, can you exploit it?
I love engaging with programs being professional and communicating in a well-mannered way, especially when assessing severity, worked on a private program recently and reported 3 High bugs that earned +12k, the bugs were found reading JavaScript codes
poking around with @AmirMSafari on a public program, no WAF bypass, no special payload
- 3x Dom XSS: javascript:alert(origin)
- CSPT + parameter pollution: critical CSRF
- HTMLi: leaking URL equipped with token
Tip: read JS files curiously, do not rush for bug, enjoy the process :]
after a long time, I decided to write a blog post about one of the old bugs I found in an Android app, which finally led me to achieve 0-Click Mass Account TakeOver it's now published, you can read it here : blog.voorivex.team/0-click-mass-a…