Protip: `GET /path.html?_method=TRACE` 😈

I'll be attending Security BSides Ahmedabad on October 12-13 in Ahmedabad, eager to meet cool hackers and make new friends. If you're attending too, drop a 👋 and don't hesitate to come over and say hi if you see me.

Don't say "I've been using KNOXSS for x months and didn't find a single XSS" Instead ask yourself "How many URLs I have been testing?" And "What's the QUALITY of them? "They are from less tested targets? Or from high tested ones?" It will certainly improve your results.

Invisible JS - Made by Martin Kleppe Martin Kleppe Thanks boss ! github.com/0xJin/invisible

Here are some speakers/workshop Slides of Security BSides Ahmedabad (0x05)🔥

Om⚡ Karan Chaudhary ✨

🚨 Calling all bug hunters! 🐞💻 Tired of overcrowded platforms? Choose fresh targets for bounties, swags, and Hall of Fame! 🎯🏆 Join the hunt now: bugbountyprograms.defensiveinet.com #bugbounty #infosec #hacking

🚨 Reflected XSS Alert! 🚨 Discovered a filter bypass using CSS & JavaScript tags to trigger an alert on document.domain! Payload breakdown: --%3E%3C/style%3E%3C/scRipt%3E%3CscRipt%3Ealert(document.domain)%3C/scRipt%3E #bugbountytips #bugbountytip #InfoSec #XSS

🔒Bug Bounty Tips - Here's how I earned a $6000 Bounty by escalating a simple Elmah File Disclosure Issue 🔒 💡 If you haven't already, add /elmah and /elmah.axd to your wordlist! These paths often lead to Elmah file disclosures, a finding many researchers report as Low/Medium

Arey baap re, ye toh dhoti khol raha hai ft. JS0N Haddix youtube.com/watch?v=6SNy0u…

Was chatting with a non-Indian founder about hiring in India. Here's how I feel about college pedigree for those who are interested:

Warp terminal 🔥 > every terminal 🤡 I recently started using it and it is crazy

𝐑𝐂𝐄 𝐕𝐔𝐋𝐍𝐄𝐑𝐀𝐁𝐈𝐋𝐈𝐓𝐘 𝐂𝐇𝐄𝐂𝐊𝐋𝐈𝐒𝐓 #bugbounty #bugbountytips #bugbountytip #cybersecurity

This also is intended behaviour 🐒🤡

Even if you are not part of the Indian Defence forces....you can still contribute & fight against the 0.5 front operating against India from within India. 🙏

Test your hacking skills on production 🔱

🔥 𝐀𝐈 𝐑𝐞𝐝 𝐓𝐞𝐚𝐦𝐢𝐧𝐠 𝐏𝐥𝐚𝐲𝐠𝐫𝐨𝐮𝐧𝐝 𝐋𝐚𝐛𝐬 from Microsoft 12 free labs to up-level your hacking skills from the “AI Red Teaming in Practice” Black Hat training, covering: - Credential exfiltration - Extracting a secret from the metaprompt - Indirect prompt