Test

Top 10 Browser Extensions for Bug Bounty Hunters and Security Researchers 🧵👇

2024 Edition.

1️⃣ Wappalyzer: A technology profiler that identifies the technologies used on websites, from CMS to JavaScript libraries.

Available in: Google Chrome | Mozilla Firefox

🔗Link:

Hey Mates !!!!
Remember that write-up I mentioned earlier? Well, guess what? I made a rookie mistake and deleted it. But fear not, because I'm a person of my word, and I'm here to make it right!

hacklido.com/blog/513-hacki……

I earned $3,000 for my submission on @bugcrowd #ItTakesACrowd #bugbounty tip s #bugbounty tip #bugbounty
Bugcrowd's new 'Response Request' feature is awesome!! Duplicate To Unresolved.
Please open the thread to read about the bug.

Subfinder 101 : Find 10x more Sub Domains

🧵👇

Today I have a suggestion for a great GitHub repository with a compiled list of Bug Bounty Platforms❗️🤩 You should definitely add it to your bookmarks.🤞🏻🌸

Happy hunting❗️👻

Credit: github.com/disclose/bug-b…

#bugbountytips #BugBounty #platform #cybersecurity #pentesting

🔸 Don't miss out on the Trezor One Wallet Giveaway! 🔸

🎁 Visit the link below, follow the steps and stand a chance to win your very own #TrezorOne wallet!

📅 Date: June 7th - June 10th

👉 Complete the task here: gleam.io/competitions/B…

#BrickstreetShop #CryptoTamizha #BTC

I re-watched Godfather Orwa 🇯🇴 's talk at InfoSec Community 's IWCON 2.0 and must say it's super informative.

The talk is ~45 minutes long but I have condensed the talk for you to read in 2 minutes.

🤯 OpenAI + Burp Suite = welcome to 'ReconAIzer'

A powerful extension for Burp Suite that leverages OpenAI to help bug bounty hunters optimize their recon process.

🔗Link: github.com/hisxo/ReconAIz…

(It's not a serious project, it's just for fun 😂)

Here is how I managed to find multiple Payment Bypass vulnerabilities on the same target.
📌THREAD📌

Thanks to Soroush Dalili for his awesome research about 'Common Security Issues in FinanciallyOriented Web Applications'
Which can be found here : soroush.secproject.com/downloadable/c…

#bugbountytip

I’ve built a *very* shiny button 🫳🪩

My article is working check it out if you are testing a target using Adobe Experience Manager : medium.com/@fattselimi/in…

#bugbounty #bugbounty tips #ethicalhacking #cybersecurity

🖤 Introducing all-new effects in Framer. Hover, Press, Drag, and Loop. Add stunning interactions and animations to your sites in seconds. Watch the video here: framer.com/updates/all-ne…

One of the best write-ups I've read so far is the dirty dancing (attack) technique explained by Frans Rosén.
I am certain that many programs out there are vulnerable to this attack.
That results in single-click account takeovers.
labs.detectify.com/2022/07/06/acc…

Universal regular expression to search for all leaked keys/secrets at once

gist.github.com/h4x0r-dz/be69c…

Contributor H4x0r.DZ🇩🇿
Thanks for tip Ninad Mishra

'Bypassing MFA with the Pass-the-Cookie Attack'

#infosec #pentest #redteam
blog.netwrix.com/2022/11/29/byp…

CloudFront bypass:⚔️

'>%0D%0A%0D%0A<x '='foo'><x foo='><img src=x onerror=javascript:alert(`cloudfrontbypass`)//'>

Would be interested to know if this is target specific or other CloudFront websites are vulnerable

#infosec #xss #cybersec #bugbountytips

Earned More than $10000 in bounties, successfully hacked 11 company. want to learn more about 'Dependency Confusion' attack? Then follow this 👇

github.com/x1337loser/Dep…

#infosec
#BugBounty
#bugbountytip s
#bugbountytip

It fits perfect on the most animated section ever 🤯

HQ: share.cleanshot.com/Yk2NJV4l

I just published The easiest way to get subdomain takeover link.medium.com/JnCDZ3MtXwb
#bugbountytips #BugBounty #infosec #trickest