First post of the year. Here I walk you through my android pentesting process. I reported this finding last month, app with 10M+ downloads. Hope you enjoy reading and learn a thing or two. More to come soon :D aseemshrey.in/lets-learn-eng… #bugbounty #hackingsimplified #cybersecurity

Please help our friends in India. A small bit of cash will go a long way ⛑ See trusted places to donate to below 👇 Thank you Ian Dunt Midfoils Tech Ritik Sahni for the recommendations.

4.1/ Don't know how to #opensource #bugbounty? Visit the huntr Dojo (⚠️work in progress!): huntr.dev/dojo/ Tune into our LIVE podcast on Discord, Mondays 5pm GMT: discord.gg/uayjhKY4EK Follow Arjun Shibu Michele Romano Abhiram V Ritik Sahni ivx 👾💀 for upcoming videos!

Anyone using ExifTool make sure to update to 12.24+ as CVE-2021-22204 can be triggered with a perfectly valid image (jpg, tiff, mp4 and many more) leading to arbitrary code execution!

🥇 the huntr Leaderboard 🥇 is back! huntr.dev/leaderboard/ Secret rewards for the Top 5 will be revealed next month!😏 ⭐️ Earning XP⭐️ Disclose: huntr.dev/bounties/discl… Fix: huntr.dev/bounties ⬆️Popularity = ⬆️XP = ⬆️Cash #bugbounty

How to Hunt for Prototype Pollution #Vulnerabilities in #OpenSource by Arjun Shibu, maker of 500+ contributions to #opensource including 40+ disclosures and 90+ security fixes. 📼->youtu.be/Z6CtDSx8C5k 2/5 videos. Follow for more 🎥 #OSBB #bugbountytips #bugbounty #infosec

Here's something that is indented by design. #exiftool

1st writeup..How I turned a Blind SSRF to $15k RCE. My public disclosure request has not been approved so I cannot directly name the program involved, but this was found on one of Hackerone's largest bug bounty programs! #bugbounty #bugbountytips sirleeroyjenkins.medium.com/just-gopher-it…

📢#infosec AMA #50 Our next guest is :- The most special people :- ♥️#infosec community♥️ Anyone can ask question and anyone can answer . Finally all the questions will be answered by the awesome hackers of BugBountyHunter.com 🪲 and uploaded as a blog post .

Getting a job in cyber security after finishing my MSc in biology, getting into SRT; This community helped me a lot, especially giveaways done by siLLyDaddy johnjhacking Michael Skelton As I got my 1st salary; I'll giveaway 3 @RealTryHackMe vouchers(1M)🤩 cmnt y u need ? follow RT

Apple account takeover vulnerability - thezerohack.com/apple-vulnerab…

want another router 0day?

I just hit 30k followers 😊 To celebrate giving away 30 PentesterLab subscriptions. To enter, quote tweet this with a message of gratitude to someone that has helped you become a better hacker/human. Thanks to PentesterLab/Louis Nyffenegger who provided 50% of the subs. ❤️🧡💛💜💚

10 Vulnerable Android Applications for beginners to learn Android hacking. 🧵👇

If you had to start over in bug bounties, which vulnerabilities will you be going to learn first? for me it's access control issues, what's your?

I Published another article discussing my favorite topic #Binary_Exploitation If you have a voracious appetite for reading then please go through this. 😊 #medium #hacking #pwn #ctf #reverse_engineering #Pentesting #bugbountytips 7h3h4ckv157.medium.com/into-the-art-o…

The team behind the TensorFlow machine learning library has revoked support for YAML due to an arbitrary code execution vulnerability portswigger.net/daily-swig/des…

Overview of GLIBC heap exploitation techniques 0x434b.dev/overview-of-gl…