 
                            Ali Zain Zahid
@programmer__boy
Bug Bounty Hunter, OSCP, OSEP, ECPPTv2 Certified, Software Engineer, Penetration Tester
By the grace of Allah Almighty I got #OSEP certified. Thank you @offsectraining for providing such an intense training. Learnt a lot and will definitely recommend this certification.
 
                                            🛡️ 𝐀 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐄𝐧𝐠𝐢𝐧𝐞𝐞𝐫'𝐬 𝐆𝐮𝐢𝐝𝐞 𝐭𝐨 𝐌𝐂𝐏 If you need to learn how to test & secure MCPs in your org in a hurry... Get up to speed in 10min + a free MCP security cheatsheet of exactly what to look for.
 
                                            DarkGPT Link : …w2rxtdwz7y6b5u4jhlck3xdhmepvhid.onion
 
                                            ☄️Photon - Fast web crawler for osint and recon 🚀github.com/s0md3v/Photon
 
𝗖𝗶𝗽𝗵𝗲𝘆 🕵🏽♂️ ⚡ Automatically decrypts ciphers without knowing the key or the algorithm, decodes encodings and cracks hashes. Ideal for #CTFs ⚡ 🔗 github.com/bee-san/Ciphey
 
                                            Stop using basic XSS payloads. @RenwaX23 compiled the nastiest collection of parentheses-free XSS eval.apply${[alert\\x2823\\x29]} `Reflect.apply.call`${alert}${undefined}${}`[11] `throw onerror=eval,SyntaxError`alert\\x2823\\x29 Check it out: github.com/RenwaX23/XSS-P…
Automates SQL injection testing using SQLMap with AI-powered decision making.⚙️ - github.com/0xSojalSec/sql… #infosec #cybersec #bugbountytips
 
                                            HexStrike AI: The World's Most Advanced AI-Powered Penetration Testing Framework with Autonomous Agents, Intelligent Decision Engine, and 150+ Security Tools. GitHub: github.com/0x4m4/hexstrik…
 
                                             
                                            scan4all: Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty GitHub: github.com/GhostTroops/sc…
 
                                            GitHub - pr0v3rbs/CVE-2025-32463_chwoot: sudo Local Privilege Escalation CVE-2025-32463 - github.com/pr0v3rbs/CVE-2…
Here are the slides from my @TumpiConIT talk: Teaching LLMs how to XSS - An introduction to fine-tuning and reinforcement learning (using your own GPU) docs.google.com/presentation/d…
You keep asking about realistic usage of Burp Suite, and I like it. Let's dig through old, but still relevant, blog posts... ⤵️
Congrats! PoC usually: 1️⃣ Find target email, create email with punycode version 2️⃣ Reset password with unicoded version 3️⃣ Find reset password link in attacker's created email address
Account takeover due to unicode normalization issue. - Victim account: [email protected] - Attacker account: ynoⓞ[email protected] Due to no validation send to the email and some unicode issues, this leads to account takeover. Thanks @HusseiN98D for the idea. #bugbountytips
 
                                                                            If you never used the Piper extension, I recommend to watch the 4-minute demo I gave last year during my talk at @NorthSec_io 🛠️ youtube.com/watch?v=N7BN--…
NSEC2023 - Burp Suite Pro tips and tricks, the sequel
Basically allows you to execute **any** tool/command on **any** part of an HTTP request/response. It can pipe tools together as well as automatically execute pipelines. You can even launch GUI tools such as meld for easy diffing. @Agarri_FR mentioned it a while ago and it's awesome
AdaptixC2 v0.5 is out github.com/Adaptix-Framew… * Windows "gopher" agent * Fast socks5 tunnels via "gopher" agent * Remote Terminal * Client side tunnels More details in the changelog: adaptix-framework.gitbook.io/adaptix-framew…
 
                                            Just released WPProbe v0.6.0! It now includes a bruteforce mode and a hybrid scan (REST endpoints + bruteforce). Check it out: github.com/Chocapikk/wppr… (Thanks @ibrahimsql for the PR)
 
                                            Built a Burp Suite extension to run SQLmap directly from the GUI. No more saving HTTP requests + jumping to terminal. Just: – Mark param with * – Right-click → Send to SQLmap – Pick options → Run Linux-only for now. Windows support coming soon. Full write-up:…
 
                                            IngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX - @wiz_io wiz.io/blog/ingress-n…
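GoExec is a new attempt at implementing remote execution methods on Windows devices. GoExec implements a number of execution methods that are not yet widely used, and overall offers significant operational security (OPSEC) improvements. github.com/FalconOpsLLC/g…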
collect emails, usernames from commit history of repos of an org from GitHub for more personalized targeting of employees ghintel.secrets.ninja
 
                                            Part 2: Advanced JS Extraction & Analysis Automation for Bug Bounty Recon cyberw1ng.medium.com/part-2-advance… #bugbounty #bugbountytips #bugbountytip