Hazem El-Sayed 🇵🇸
@zomasec
Bug Hunter | Offensive Security Engineer @DeepStrike_io
Here is a write-up for how I got a Full Account takeover with a new hidden AWS Cognito Misconfiguration. Here is the link: shorturl.at/b5VbS #BugBounty #bugbountytips #bugbountytips
Sometimes when I work with teammates across multiple programs, Android app bug hunting becomes tedious and wastes time that could be spent finding web bugs. I built **apkX** to automate the repetitive startup steps, give a quick preview of an app’s internals, and let you test…
🎙️ Hunter Cust #3 – Hazem El-Sayed (zomasec) His journey in security, and important advice for your first job in pentesting 👨💻 Realistic talk, strong resources, and marketing yourself in the Egyptian market 🇪🇬 📺 Watch the episode: 🔗 youtu.be/Zyrez7QfxBQ 📌 Thanks @zomasec for the relaxed and useful conversation ❤️ #BugBounty
Hunter Cust #3 – Hazem El-Sayed: Tips to Get Your First Job in...
I hope someone finds this useful 😁
Want to master client-side bugs? 😎 Check out this extensive GitHub repository with tens of different resources curated by @zomasec! 🔗 github.com/zomasec/client…
Use NextJS? Recon Tip by renniepak A quick way to find "all" paths for Next.js websites: DevTools->Console console.log(__BUILD_MANIFEST.sortedPages) javascript:console.log(__BUILD_MANIFEST.sortedPages.join('\n')); #infosec #cybersec #bugbountytips
With @Amr_MustafaAA we got this awesome bug 3> GET /api/nonsensitive/123%23non.svg The endpoint initially didn’t return sensitive data, but after being cached, it started exposing user PII. found on @yeswehack #BugBounty #bugbountytip #bugbountytips #Pentesting #websecurity
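Clear hypocrisy
The "secular" European countries can put the cross on their national flags as if it were normal, but when a country where Muslims are 90 percent of the population, and where religion was a reason for their liberation, puts the declaration of monotheism next to its flag, that is sectarianism, God forbid. Tweet as if you were a secularist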
see our changes here
Tools Updates: - ffuf: -unique filters unique responses by size. - Subfalcon: Single-domain input, -sdt for Azure takeover. - Paramx: -at for all tags, -ap for all params (no need for gf any more). Tools Here: github.com/cyinnove Happy Automation! #CyberSecurity #Automation
If you're scratching your head after the @matanber episodes, here's a demo to show you how to: - Enable developer mode - Download extension's crx file Debugging: - Enable "Search in anonymous and content scripts" - Disable Ignore List "Content scripts injected by extensions"
To succeed in bug bounty, be a specialist feat. @snyff #bugbounty #bugbountytips #bugbountyhunter
I recently reported an RCE to Happy-DOM (a Node.js HTML parser), and it’s now fixed! The bug itself wasn't complex, but since finding an RCE in an HTML parser isn’t very common, I'm quite happy with this one :D github.com/capricorn86/ha…
Here is my writeup for how I could find 22 LFI in the same program using automation tricks 🤯 medium.com/@zomasec/how-i… #bugbounty #bugbountytip #bugbountytips #websecurity #hackerone
CSRF in JSON requests is often overlooked, but it's a hidden threat! In my latest post, I break down how to spot JSON-based CSRF before generating a PoC. 🔍 Check out how I caught it in a pentest at @CyberAR_LLC: #bugbountytips #csrf linkedin.com/posts/h0tak88r…
When I watched this video of today's victories in Sudan and saw these kind faces, showing the faith and good character of the heroes of the Sudanese Armed Forces, I remembered the start of the #Sudan war, when the #UAE said: we support and stand with the Rapid Support Forces militias to eliminate the Islamists?! The truth is that the UAE wants faces of debauchery and corruption
Hello everyone, I coded a new Golang package for bug hunters who want to use webarchive in their tools. I am the first one to make this package in the Golang community, with full documentation github.com/zomasec/webarc… #BugBounty #bugbountytip #bugbountytips #golang #tools
Webarchive is a Go package for pentesters and developers to interact with the Wayback Machine's CDX API and integrate web archive utilities into your Golang projects. - zomasec/webarchive