Singh Aditya

@linuxadii

Bounty hunter

Singh Aditya reposted

hetmehtaa: Ultimate IDOR Testing Checklist mrdesoky0.notion.site/Ultimate-IDOR-…

Singh Aditya reposted

Exercise #1: People say they can't find IDORs. I say, the best IDORs are found via good reconnaissance, followed by manual testing. Reconnaissance is work. Manual testing is work. Work = Money (well, usually) Part #1: T-mobile is a public bug bounty program on Bugcrowd.…


Singh Aditya reposted

aacle_: 🚨 Cache poisoning -> JS redirection -> site-wide Stored XSS

A 301 redirect trusted X-Forwarded-Host allowed main.js to be cached pointing at attacker.com. Result: malicious JS executed across the main site + 21 subdomains.

Impact: session hijack, account takeover,…

Singh Aditya reposted

FaIyaZz007: Everyone hunts for common bugs… but the real rewards often hide in the underrated ones.

I’ve made a YouTube playlist — “Underrated Vulnerabilities” showing how to find impactful bugs most hackers miss.
Practical. Real. Eye-opening.
Watch here: youtube.com/watch?v=GZ5yaQ…

Singh Aditya reposted

IDA Reverse Engineering Step-by-Step Into Reverse Engineering: EXE Patreon Unlocked ❤️


Singh Aditya reposted

SalhiMahdi72759: Quick tip : ⏩🤍

If you're searching for IDs for IDOR bugs, try using Google dorking — for "example.com : inurl:ba_token "
For more ways to find IDs, read this informative write-up by h4x0r_dz:
medium.com/@h4x0r_dz/payp…
#BugBounty #bugbountytips

Singh Aditya reposted

h4x0r_fr34k: Post 1/30 : CVE-2025-29927

How to find Vulnerable Assets for it!

Steps;
1. Get all domains and IPs

Domains >> subfinder -dL list-of-domain.txt -o subdomains.txt

IPs >> shodan search "ssl:'domain.tld'" --fields ip_str --limit 1000 >> ips.txt

2. find their open ports using…

20+ bugs are duplicate/known in a single morning, wah what a beautiful day 🤌🌚 #bugbounty #hunting


Singh Aditya reposted

h4x0r_fr34k: Post 2/30: Email Leaks from waybackurls

cat waybackurls \
| grep -Eoi '[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}' \
| tr '[:upper:]' '[:lower:]' \
| grep -vE '\.(png|jpg|jpeg|svg|gif)$' \
| grep -vE…

Singh Aditya reposted

trace37_labs: I always used AuthMatrix and Autorize in BurpSuite... but felt like I needed more. I now have more.

AuthFlow (BApp extension) is close to coming out of beta... and already finding bugs. It will be released soon...

Singh Aditya reposted

darkshadow2bd: bugbounty tip:
[easy to find critical bugs, follow this method]

1. find a api sensitive endpoint (must be leak sensitive info)

2. look headers "Cache-Control, CF-Cache-Status, Via, X-Cache, ETag, Age" confirm they store cache or not. (if stored try web cache deception)

3.…

Singh Aditya reposted

albinowax: The recording of "HTTP/1.1 must die: the desync endgame" has now landed on YouTube. Enjoy! youtube.com/watch?v=zr5y6B…

RomHack 2025 - James “albinowax” Kettle - HTTP/1.1 Must Die! The...


Singh Aditya reposted

FINALLY! I overcame the procrastination wall and published my full breakdown on Dependency Confusion. This post covers my strategy for turning existing research into a 24/7 automated engine. Check out here: sl4x0.medium.com/turning-depend… #bugbountytips #supplychains


Singh Aditya reposted

cyber_razz: Here y’all go as promised:
Title : Recon for Ethical Hacking Penetration Testing & Bug Bounty

Link: mega.nz/folder/Mxtx0J7a

Decryption key: Lh4sxKgLqAJZyaA0DYRQ-A

Make sure you are following me on tiktok, I’ll be dropping hot resources there too !
Tiktok:…

I’ll quote with the link within 24 hours !



Singh Aditya reposted

_adarshtwt: From knowing nothing about how open source works to got $10,000 bounties.
This is the first time I'm sharing my whole open source PR's. I hope you guys can learn from them.

open-source-contributions.notion.site/Contributions-…

Singh Aditya reposted

Where do you see yourself in the next 4 years? Me 🤌💕


Singh Aditya reposted

Finally Here’s a new recon guide that will help you find bugs. I’ve included some private scripts and techniques I use. if even one person lands a bounty from this, I’ll consider the effort worth it. infosecwriteups.com/my-5-minute-wo…


Singh Aditya reposted

annonimous254z: IDOR 403 bypass techniques (*id parameter payloads)
New live hunting video with a reported bug is out too!
youtu.be/Xy4nmc2PhJ0
#bugbounty

Singh Aditya reposted

🚨 New Writeup Alert! 🚨 "2FA Bypass via Request Handling Flaw" by TSxNINJA is now live on IW! Check it out here: infosecwriteups.com/e4cf21bb4c55 #bugbounty #hacking #infosec #2fa #redteam

