Nikhil Kumar
@socalledhacker
CEH V12 || Penetration Tester || Bug Hunter
Check this out. I know this is not perfect but I will try my best in future. This script scans whole cloud based infra and greps subdomains from ssl crt. This script uses CloudRecon tool by @G0LDEN_infosec. github.com/s0calledhacker…
2FA bypass: 1. 2FA activated on main domain 2. Found subdomain : embed.<target>.com 3. Logged in to subdomain with same creds 4. After login to subdomain option to redirect to main domain. 5. Full access to main domain without entering 2FA #bugbountytips #BugBounty #2fabypass
How Ethical Hackers ACTUALLY Use ChatGPT With Real Examples 👉🏼 youtu.be/0lq-CokNjSI
OAuth Client Confusion is an easy-to-overlook vulnerability that can lead to account takeovers. If an app doesn’t verify that an Access Token was generated for its specific Client ID, an attacker can hijack accounts. Here’s how it works:
🔥 XSS Filter Bypass Cheatsheet 🔥 🚀 Basic Payloads: 🟢 <script>prompt(1)</script> 🟢 "><script>prompt(1)</script> 🟢 <img src=x onerror=prompt(1)> 🟢 <svg/onload=prompt(1)> 🟢 <body onload=prompt(1)> 🟢 <iframe src="javascript:prompt(1)"></iframe> 🟢 <a…
How the NSA (Equation Group) allegedly hacked into China's Polytechnical University 👀 I analysed intelligence reports from Chinese cyber firms (360, Pangu, CVERC) to aggregate TTPs attributed to Equation Group. 🔗inversecos.com/2025/02/an-ins…
🚨Alert🚨 CVE-2024-49113 : Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability 🔥PoC :github.com/SafeBreach-Lab… 📊 302.9m+ Services are found on hunter.how yearly. 🔗Hunter Link: hunter.how/list?searchVal… 👇Query HUNTER…
All my current bug bounty knowledge is gone. Here's how I get it back and make $100k in the first year: First, I've got to learn the basics. For this, I will make sure I understand at a high level how the components I'm working with function. I'll need to understand...
⚡Nice Resource to learn OTP Bypass for Bug Hunting ✅kathan19.gitbook.io/howtohunt/auth… #bugbounty #bugbountytips
Read “Google Dorks – Web Ninja Style“ by Angry Oval Egg on Medium: medium.com/@angryovalegg/… #bugbountytips #bugbounty #hacking #bughunting
Bug Bounty Tips💰: Easy $2000 bounty via enabled "PUT" method! Here’s the nuclei template I used to identify this vulnerability: 🔗 github.com/projectdiscove… The key question: If it’s a public nuclei template, why wasn’t it flagged as a duplicate, and how come no one else found…
Read “Business Logic Errors - A New Look“ by Jerry Shah (Jerry) on Medium: shahjerry33.medium.com/business-logic… #bugbounty #bugbountytips #hacking #infosec #bounty
Read “500$ Secrets: Uncovering Critical Vulnerabilities with Advanced JavaScript Analysis“ by hackersatty on Medium: hackersatty.medium.com/500-secrets-un… #bugbounty #infosec #bughunting
Read “[$$$ Bug Bounty Write Up] SSRF in OAuth Implementation of a Client Application“ by Ahmed Fadel on Medium: medium.com/@ahmedfadel616… #BugBounty #bugbountytips #cybersecurity #infosec #hacking #security
Read “Easy SQLI in just 30 minutes“ by Muhammed Mubarak on Medium: medium.com/@mohammed01550… #bugbounty #bugbountytips
Read “How I Found My First Bug Using Shodan“ by Bochixx on Medium: medium.com/@bughunt.bochi… #bugbountytips #bugbounty #infosec #cybersecurity #hacking
Read bug bounty articles:- nexguardians.com #bugbounty #cybersecurity #infosec #hacking #bugbountytips #bug #bughunting #security
Read “File Upload Bypass (Nginx + PHP)“ by Arijit Dirghangi on Medium: medium.com/@arijitdirghan… #bugbountytips #bughunting #bugbounty #infosec #cybersecurity
Read “Username restrictions bypass on Hackerone program“ by bugbounty_learners on Medium: medium.com/@bugbounty_lea… #bugbountytips #bugbounty #bugbountytip #bughunting #reward #security
Read “Account Take Over | P1 — Critical“ by Irsyad Muhammad Fawwaz on Medium: irsyadsec.medium.com/account-take-o… #bugbounty #bugbountytips #infosec #bugbountytip #infosec #cybersecurity #hacking #bug #reward
Read “P4 bug’s and their POC steps | Part 9“ by socalledhacker on Medium: osintteam.blog/p4-bugs-and-th… #bugbounty #bugbountytips #cybersecurity #infosec