Hacking APIs Book Giveaway sponsored by APIsec.ai! We are giving away 10 print books. One entry per: ♥️ Like 🔁 RT 👑Bonus entry to anyone who follows APIsec. Ends in 48 hours!

Just scored a reward Intigriti on a private program =) A #bugbountytip tip : When you found KEYS and/or TOKENS, always read documentation to see what you can do with them. check my profile: app.intigriti.com/profile/7azimo #HackWithIntigriti #bugbountytips #bugbountytip

Security: Type Confusion in Portal::ActivateImpl (reward: $20000) crbug.com/1319841

Application Security Interview Preparation questions. Credit - Internet github.com/tadwhitaker/Se… gist.github.com/boodera/f216ac… github.com/justinltodd/se… github.com/jigerjain/Inte… github.com/pbnj/infosec-i… github.com/pbnj/infosec-i… github.com/paulveillard/c…

Developers Bug Bounty Hunters

Finally I have got my 1st critical bug triaged for the 2023 year, I'm pretty sure this is gonna be my year. PS : persistence is the key. Just scored a reward Intigriti, check my profile: app.intigriti.com/profile/7azimo #HackWithIntigriti #bugbountytip #bugbountytips

When you get a special congratulations for submitting x4 consecutive XSS after finding a way to bypass the firewall. Always , find other parameters and endpoints after u did bypass the firewall, it could be bypassed on different assets. #bugbounty #bugbountytips #bugbountytip

You've just received a new update from your favorite private bug bounty program! It's a new login process! 😎 But do you still remember this login form? The one you found so many vulnerabilities on? 🤑 SSO just got added, and you know what that means... A thread! 👇

Just scored a reward Intigriti , this is my first payout for the year 2024. Kinda late but still did it. See you on the next bug. Feel free to check my profile: app.intigriti.com/profile/7azimo #HackWithIntigriti #BugBounty

Just scored a reward Intigriti I have found a JSONP vulnerability that leaked JWT token and I have used it to steal victim’s PII information. Tip: always look for headers in application to identify where the JWT is being used. #HackWithIntigriti #BugBounty #bugbountytip #jsonp

Just scored a reward Intigriti, I have found my first SQL injection in bug bounty program 😅 PS : payload was simple sleep command %27sleep(5)— -%27 check my profile: app.intigriti.com/profile/7azimo #HackWithIntigriti #bugbountytip #bugbountytips

Just scored a reward Intigriti it was an LFI which leads to access to internal endpoints and sensitive data. tip: always use different encoding for LFI vulnerability and you would be amazed by the result. check my profile: app.intigriti.com/profile/7azimo #HackWithIntigriti #BugBounty

Just scored a reward Intigriti, It was an IDOR that allowed an attacker to forge victim's payment process and leak informations. check my profile: app.intigriti.com/profile/7azimo #HackWithIntigriti #bugbountytips #bugbounty #bugbountytip

Just scored a reward Intigriti, Another blind sql 🤓 check my profile: app.intigriti.com/profile/7azimo #HackWithIntigriti

Just scored a reward Intigriti, I was able to takeover any organization with 0 interaction 🔥🔥 Tip: always use graphql introspection endpoint and test for all queries and mutations ! check my profile: app.intigriti.com/profile/7azimo #HackWithIntigriti #bugbountytips #bugbounty

Just scored a reward Intigriti, I am happy to share that i have crossed the 1,000 reputations points on Intigriti ! 🥰 My goal this year is to reach at least 2,000 points or way more 9 months to go ! 🤓 check my profile: app.intigriti.com/profile/7azimo #HackWithIntigriti #bugbountytip

Im happy to share that I have found my first RCE in bug bounty program and got paid for it. It was image file upload and managed to bypass filters and got reverse shell. Thanks Intigriti check my profile: app.intigriti.com/profile/7azimo #HackWithIntigriti #rce #BugBounty #bugbountytips

Just scored a reward Intigriti, It was a finding related to Magento XXE CVE-2024-34102 . check my profile: app.intigriti.com/profile/7azimo #HackWithIntigriti

Final giveaway of the year🎁: 4️⃣Hand-On Web Exploitation (Course Only hhub.io/2024holidays) 3️⃣Shodan Codes 2️⃣Caido licenses 1️⃣Hands-On Web Exploitation (Certificate+Course Bundle) To enter drop a 🫶🏼and RT