Awesome Burp suite tips and tricks agarri.fr/docs/HiP2k13-B…

Yay, I was awarded a $1,200 bounty on HackerOne for tricky privilege escalation ! “ If API endpoint /api/path/ep throwing 401 try to go with /api/path/ep.json “ and it will fetch out json data without checking access control ! #bugbountytip

The last part of our Attacking SSL VPN series is out - The Golden Pulse Secure SSL VPN RCE Chain, with Twitter as Case Study! blog.orange.tw/2019/09/attack… "If you have a nuclear level weapon, when is it ready for public disclosure?"

Hackers, today we’re announcing our Series D funding! This round brings us to over $110,000,000 USD invested since the company was founded. I wanted to take a moment to reflect on how you, the hacker community, have enabled us on our journey. Small story👇!

Yay, I was awarded a $2,000 bounty on HackerOne! For accessing company dashboard via creating account with Email “[email protected]” on main web app and login to dashboard with SSO. #bugbountytip

To everyone struggling on starting #bugbounty.. Remember that a child too has to learn walking, and then he can start running. You won't get 10 bounties the first month, but it's worth joining.

Testing a Ruby on Rails app? Add .json to the URL and see what happens! 😏 Thanks for the #BugBountyTip, yaworsk! 🙌

Can't get CSRF with POST? Then GET it! Use 'change request method' in Burp Suite to check if the server also accepts GET requests. Thanks for the #BugBountyTip, ! #HackWithIntigriti

Yay, I was awarded a $10,000 bounty on HackerOne For "Hijacking Enitre DNS management Panel For target.com " With this I reached 200K across all my earnings on all the bb platforms and private client companies hackerone.com/jensec #TogetherWeHitHarder

One bug does not mean one bounty! Maximise your 💰 using securitytrails.com, thanks to this excellent tip from Geekboy! 🇮🇳 #HackWithIntigriti

⭐️The second week of Double 11 festival bug bounty ⭐️Pure gold medal for Top 3 hackers. ⭐️Air tickets and hotel for top1 hacker to China agamimaulana saltedfish Neel Ponkia Batee5a Aagam Shah Yeasir Arafat(nullsaint) @real_us3r d Zeeshan Khalid ⭐️security.alibaba.com/online/detail?…

BSides Ahmedabad schedule is now available: bsidesahmedabad.in/schedule-tab.h… #bsidesahmedabad #bsidesahmedabad2019

Sharing one of my secrets #BugBountyTip When discovering subdomains/domains/assets owned by a company, use the Google Analytics ID to expand your attack surface. The ID is in the HTML code. Reverse search then: site-overview.com/website-report… RT once this helps!#bugbountytips #infosec

Way to go guys Shubham Patel Jenish Sojitra 😍

Thank you so much Alibaba Security Response Center for such amazing swag !! Jenish Sojitra Shubham Patel

Hey Alibaba Security Response Center Just received this awesome gift thank you so Much for this ❤

Yay, I was awarded a $1,150 bounty on HackerOne! hackerone.com/neelponkia #TogetherWeHitHarder

"why Asian companies lack of bug bounty programs?" The Quint talked with our team member Shubham Patel. This article also includes Issues With #AROGYASETU Bug bounty Program. thequint.com/tech-and-auto/… #BugBounty #TechNews #Techfenix

#bugbountytips #bugbounty How I was able to find multiple critical vulnerabilities to get Full Account Takeover with the help of PlayStore and AppStore region settings.