#NewProfilePic

Here are 3 ways to quickly find new (untouched) subdomains using Shodan/Censys 🤑 👇

Alhumdulilla After One month waiting

Alhumdulilla. Another One Yogosha

BEAST GAME EPISODE 3 IS OUT NOW! To celebrate, I'm giving away $100,000 total to 10 random people who like and retweet this post! Go watch it here: amazon.com/beastgames

In the past few months, I've been making a subdomains database containing 1.6 billion subdomains scrapped from multiple public (and private) sources. This database is now public and FREE and can be queried on the following website. dash.pugrecon.celes.in Enjoy!

Hello everyone ♥ a little bit write-up of #bugbountytip #bugbountytips I am going to write here ..... Title: getting unauthorized access on 3rd party's/workspaces & and building your checklist for quickly locating bugs there via massive recon we know that its helpful to look

Cert Exam Voucher Giveaway provided by Ablative Technologies Prizes: 1 Security+ exam voucher 1 CCNA exam voucher How to enter: - RT - comment which voucher you want Winner will be picked next week. Good luck!

Exciting News: My Second Write-Up is Now Available! medium.com/@HX007/a-journ… Dive into the details of the bounty that ranks as the 3rd highest I’ve received on bugcrowd "A Journey of Limited Path Traversal To RCE With $40,000 Bounty!" Collaborated with Godfather Orwa 🇯🇴 , This

Google Drive :) huh site:drive.google.com inurl:folder site:drive.google.com inurl:open site:docs.google.com inurl:d site:drive.google.com "confidential" site:docs.google.com inurl:d filetype:docx hackerone.com/reports/2926447

I just published "Exposing PII and SSNs through Persistent Session Tokens - $15,000 Bug Bounty" a new write-up in which I describe: - My throught process - My approach when hacking in program campaigns - Technical details of the vulnerability shorturl.at/9X9H8

💡 Quick tip! When testing WordPress targets, always make sure to check for exposed backup files! These are sometimes saved in the web root path of the server and accessible to anyone! 🤠 Here's a list of common file names to look for! 👇

I have successfully passed the Certified AppSec Practitioner (CAP) By The SecOps Group. This certification has deepened my understanding of application security, secure coding practices, and vulnerability mitigation, #CyberSecurity #CertifiedAppSecPractitioner #ThesecopsGroup

🏆 KNOXSS August 2025 Giveaway 🏆 ➡️ Follow, like and share! 😍 ➡️ 1 Month Pro access for 3 winners on Friday 8th Good luck! 🤞 knoxss.pro - #XSS made easy. Sign up or upgrade now. #WebAppSec #BugBounty #PenTesting

🔥 Giveaway Time 🔥 I’m giving away a seat in the Endless Bundle (all courses, all labs, certs, community, future updates). How to enter: - RT/Share this post - Tag a hacker friend - That’s it Winner picked tomorrow. 🐀 I will retweet their comment this time so it's more clear

Alhumdulilla..! From Bugs To Bucks Just got a reward for a critical vulnerability submitted on YesWeHack ⠵ -- Cross-site Scripting (XSS) - Stored (CWE-79). #YesWeRHackers

🔥 ZoomEye Black Friday – LIFETIME Deals 🔥 ⏰ Nov 27, 10:00 HKT – Limited Stock 💥 Lifetime Plans - One payment, access forever! 1. Membership — $149 Access to all standard features. Perfect for Pentesters & Researchers. 2. Membership Pro — $999 Includes everything in

ibrahim Aboukhalil You can do it in 1–2 months, not 1 year. Trust me, it’s simple: 1) Focus on Recon The problem with many hunters is they use the same recon method, so they find the same domains/subdomains that everyone already found and tested. To stand out, try to reach domains/assets that