🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

I spent 3 days on trying to exploit an SSRF. And still FAILED. The Payloads were getting blocked. Started digging a bit and realised there's a TON of bypasses and workarounds out there than I thought: - Simple Headers can sometimes do wonders: X-Forwarded-For, etc. - URL

Great stuff!

Just scored a reward Intigriti, check my profile: app.intigriti.com/profile/saurinn Bug: Out-of-Band XXE injection via importing a file leading to system file read. #HackWithIntigriti

The moment when you realize Bug Bounty in tutorials and courses is not same as real hunting on a target.

First gray hair on my "beard". I'm done chat😩

Swag's here! As part of an active campaign from 12build program run by Intigriti, I managed to find a few cool bugs. Great program, good quality💯 t-shirts #bugbountytips

Because I haven't had enough time to bug hunting this month I'll invest my time learning PentesterLab. The AuthN/authz and API labs look particularly interesting to me

SSRF *almost* working? Getting the blind callbacks, maybe even control the path, but the target app just doesn't parse or reflect the *content* from your exfil server? The assumption usually is: "It's a WAF, blocking SSRF. I'll tear it apart." Rather, the Reality is: Nope, not

😈

i OnLy UsE yOu To DoWnLoAd ChRoMe

Have you had multiple bugs on the backlog but can submit them because the program has been suspended for a few days? Anxiety 🚀

These SAML pentesterlab exercises are killing me 😭but I'm learning a lot though

Now we're moving! I'm learning a ton PentesterLab. I subscribed for the Pro just to get my hands on SAML attacks and so far it's been really insightful

In case you missed it: All of the #NahamCon2025 talks have been uploaded to our website and can be access for free!

Program's closing 😀😃😄😁😆😅🔫 I'm left with two crits on draft... I guess this is one of those "First time?" meme moments