I'm glad to share that I have successfully passed the OSCP exam. Thank you OffSec ! 🙌

New hackerone platform standards coming 2nd april: 1. IDORs with unpredicable IDs 2. Systemic Issues 3. Leaked credentials 4. Bypassing resolved reports Full info: docs.hackerone.com/en/articles/83…

Regardless of ups and downs, finally managed to join 1500 reputation club on HackerOne Although not super proud of this tortoise's pace there's many more to come! 🥳🥳 #togetherwehitharder

Rest in peace brother 😭 You will be missed 🤧❤️

Link: github.com/sumanashrestha…

Anyone using language translator extension on burpsuite? It's awful to copy and paste the response to google translator each time from the repeater. If anyone have better suggestion, please suggest.

Honeypot? todayisnew 👀😆

For friends in Nepal and India. 💥 Call for Paper/Presentation/Tools at OWASP Kathmandu. #owasp #infosec #cybersecurity #nepal

Excited to share I am now part of HackerOne Clear!! 🥳

Here’s my writeup on: Abusing mail server autoresponders to access your internal workplace link.medium.com/O0D1BuLugKb

.Katie Paxton-Fear's quick tips for beginners: 1. Understand first then hack 2. Don't get intimidated by a scope, break it down into functions 3. Don't assume everything has been found 4. Look for lesser known features 5. Read the scope page 6. Get into those hamburger menus

We are inviting virtual speakers for our event, including those who cannot physically attend the PenTester Nepal🇳🇵 11th anniversary, one of the most active infosec community events, or are far away but wish to share their knowledge with our community of over 6,000 members.

Bug bounty hunters: What’s your advice for someone who’s trying to make their first $100,000 in 2025? What should they do/learn? What should they avoid?

Found interesting behavior on one of the WAF implementation bypassing the rate limit: 10th failed /api/login hits 403, but /api/login#test bypasses it maybe WAF treats 2nd one as different endpoint. #BugBountyTip

It was my pleasure sharing insights on Open source security at Kathmandu university(KU). It was fun, Thankyou for having me We Shield Cyber.

It was 2015 when I reported my first vulnerability on the HackerOne platform. The experience was humbling—I had reported an 'Information disclosure via robots.txt' issue, which was promptly closed as N/A. I felt embarrassed and even questioned my abilities.

Blog on TryHackMe PT1 Certification: Check it out if you’re planning to take the exam! medium.com/@srijanadk/try…

Honored to be recognized as the ‘Sharp Eye’ of the Month by Hackenproof! 👀🔥 #BugBounty #HackenProof #CyberSecurity #EthicalHacking #InfoSec #Web3Security #ResponsibleDisclosure

New BSides Canberra 2025 talk by Animesh Acharya is now live: “Navigating Bug Bounties: From NAs to P1s.” Watch here: youtu.be/9etzR_sobh0