🚨 I convinced my team to do one last giveaway! Options: hhub.io/eu2wxGj 🏆 Full Access: $199 💻 Lifetime Course: $39 (includes updates) 🎯 1-Month trial (no updates): $19 TWO WINNERS (1 each): - Full cert bundle - Lifetime access Enter: ↪️ RT + Reply with 🎯

🚀Bug Bounty Tips: Act quickly to report issues related to CVE-2020-27838, as many vulnerable instances are still out there. I've identified over 100+ instances vulnerable to CVE-2020-27838 so far. A flaw was found in Keycloak in versions prior to 13.0.0. The client registration…

An automation tool for enumerating subdomains, filtering out XSS, SQLI, Open Redirect, LFI, SSRF, and RCE parameters, and scanning for vulnerabilities. github.com/h4r5h1t/webcop…
🌟Subdominator🌟 is a powerful tool for passive subdomain enumeration during bug hunting and reconnaissance processes. 📥github.com/sanjai-AK47/Su… #bugbountytip #bugbountytips #ethicalhacking #CyberSecurity #Pentesting #sqli #xss #CyberSecurityAwareness #bugbounty #GitHub #offsec

📍Scanning APK file for URIs, endpoints & secrets. A tool for analyzing APK files 🖇️github.com/dwisiswant0/ap…

THREAD How did I find 2 DOM XSS by hacking Swagger-UI? 1-Do a subdomain enum to find subs that use Swagger Ui 2-Get the live subs 3-Run Nuclei in all the live subs using the (-tags swagger) 4-Find Swagger Ui endpoints #BugBounty #bugbountytip #bugbountytips #Cybersecurity



Thanks to Allah always and forever ♥️ First Triage in 2024, HTML Injection on Login Page #Tips :- 1- site:*[.]redacted[.]com login.php 2- arjun -u .../login.php -> parameters with body length reflection (username) 3- Test for :- SQLi, LFI, XSS, HTML inj,..etc #bugbountytips
Simple tip for port scan 1) after enumerating your subdomains, save them in subs.txt 2) run this command "cat subs.txt | dnsx -a -ro | naabu -silent -top-ports 1000 -exclude-ports 80,443,21,22,25 -o ports.txt" #bugbountytips #bugbounty #infosec #cybersec

Thanks to Abdelrahman Zaki, who summarized the roadmap video in text ❤️ For anyone who won't be able to watch the video or doesn't have time, take a minute and read the following: ——————————— 1. html | elzero.org 2. css, how to do styling and that's it | 3. js | 4. php |…
To whom it may concern, I posted a new video for anyone who is looking for a roadmap and has been waiting for one specifically in order to get started 🥹 youtu.be/ea-VT5mOknc?si… #cyberbugs #roadmap

🔖Penetration Testing, Beginner To Expert! Massive Web Application Penetration Testing & Bug Bounty Notes📚 github: github.com/xalgord/Massiv… #web #pentest
I'm thrilled to introduce Recon88r, a Python script designed to streamline and automate the reconnaissance process # Features: Subdomain Enumeration Live Results in Discord Perform XSS scans JS Exposures Port scanning Full nuclei scanning Panels #bugbounty t.ly/FfmSP
"Don't ignore 403 subdomains" Try to bypass or fuzz more. Also, always check Symfony targets for these directories: /_profiler. You might find phpinfo containing Symfony secrets, which can lead to RCE. Great tip by @GodfatherOrwa! ❤️❤️ #BugBounty #SecurityTips

Ghauri - An Advanced SQL Injection Automation Plugin-In By @SecurityFoster. 💫💫 Latest Acunetix VS Ghauri 🧐🧐 Coded By: @r0oth3x49 🎩 #Cybersecurity #automationtesting #BugBounty #bugbountytips



Some Shodan Dorks that might be useful in Bug Bounty. 1. org:"http://target. com" 2. http.status:"<status_code>" 3. product:"<Product_Name>" 4. port:<Port_Number> “Service_Message” 5. port:<Port_Number> “Service_Name” 6. http.component:"<Component_Name>" 7.…
This tool (unisub) is one of the best options for you to bypass WAFs and filters. 🙂 by @TomNomNom #bugbountytips #bugbounty #Hackingtime

Wanna know How I prevented a Mass Data Breach? Go Read: medium.com/@bxmbn/how-i-p… Wanna know How a Bank offer led to PII Leak? Go Read: medium.com/@bxmbn/i-recei… More writeups coming soon 🖤
1/7 Web Application Recon Tips 1 : Resolution # github.com/projectdiscove… cat subdomains/subdomains.txt | httpx -follow-redirects -random-agent -status-code -silent -retries 2 -title -web-server -tech-detect -location -no-color -o websites.txt #bugbountytips #BugBounty #Hacking
Ok, here is another #bugbountytip You can find this issue with “login with Google ” too, or any other Idp providers During the signup process, delete the email value from the scope 💣
🔐Secrets no one will share with you - Here's a technique that might grant you access to takeover other users' accounts using "Login with Facebook": Are you working on a target site that supports "Login with Facebook"? Disable email sharing during Facebook login and be ready…

To those who asked about the vulnerability type, I wrote this writeup about it some time ago, enjoy reading it :- medium.com/@wadqamar10/ho…
By the grace of Allah, glorified and exalted be He ♥️ One of my most notable achievements in 2023 is that I received my biggest Bounty and discovered security vulnerabilities in different companies, and if Allah willing, in 2024 I aim to become a professional Security Researcher and get Security Certs

A less known CVE-2023-3793 - Weaver E-Cology SQL Injection. Nuclei Template Link: github.com/UltimateSec/ul… #BugBounty #SQLInjection


