I found a sensitive data exposure TIP: Always check JS files for endpoints using linkfinder or you also try this regex: (?<=(\"|\'|\`))\/[a-zA-Z0-9_?&=\/\-\#\.]*(?=(\"|\'|\`)) if you didn't find much, don't forget to fuzz #BugBounty #bugbountytips

I found a Full Account Takeover via Facebook OAuth Misconfiguration More details: medium.com/@0x_xnum/full-… #BugBounty #bugbountytip #bugbountytips #bugcrowd

all you need to know about JWT vulnerabilities: medium.com/@0x_xnum/all-a… #Hacking #JWT #BugBounty #bugbountytips

well....

Just added a new section to my GitBook: "Attack Vectors by Port" – a quick methodology on what you can do with each open port and its services. Check it out : ahmed-tarek.gitbook.io/sec-notes/net-… #bugbountytips #BugBounty #CyberSecurity

I earned $1,250 for my submissions on bugcrowd #bugbounty #ItTakesACrowd #bugbountytip

Just dropped a new write-up about the latest privilege escalation I found check it out : medium.com/@0x_xnum/privi… #bugbountytips #bugbounty #bugcrowd #hackerone

hunting solo gets kinda boring. So if anyone's up for a collab to share tips or whatever just hit me up #BugBounty #bugbountytips #bugcrowd

Been studying Active Directory attacks lately and wrote some notes. Hope it helps someone out there ahmed-tarek.gitbook.io/0x_xnum/ad-pen #BugBounty #BugBountytip #bugcrowd #hackerone #pentesting

Got back after a break TIP : If UI says no, Intercept the request, backend might say yes. #BugBounty #bugbountytip #bugcrowd

I earned $450 for my submission on @bugcrowd #ItTakesACrowd #BugBounty

I earned $500 for my submission on @bugcrowd #ItTakesACrowd

Long time no see #bugbounty #bugcrowd

I earned $600 for my submission on @bugcrowd #ItTakesACrowd #BugBounty

Got invited to a private program on bugcrowd, less than 48 hours in, 6 bugs reported and accepted. Not bad at all. #BugBounty #Bugcrowd

I earned $700 for my submission on @bugcrowd #ItTakesACrowd TIP: Don't assume UUIDs are secure, check if it's using UUIDv1 you can easily brute force it

Took them nearly 2 months and 58 comment to understand a simple user-to-admin bug lol #bugbounty #bugcrowd

Just crossed 500 points on Bugcrowd and made it into the Top 1000 :) #Bugcrowd #bugbounty

I responsibly hacked and secured NASA and received this appreciation letter! #BugBounty #bugcrowd