Bug: SQLi method: oneliner link github.com/h6nt3r/tools/b… #sqli #hackerone #bugcrowd #ethicalhacking

Your are using my bxss payloads from Italy. Please change the server before testing.

How much chance those URLs are vulnerable, when the URL contain .css .js extensions? a. 0% b. 50% c. 80% d. depends on website

Alhamdulillah, My Teammate just awarded on #yeswehack platform for blind xss. My all blind payloads link github.com/h6nt3r/payload… Tips: Don't rely solely on the gf pattern. #bxss #xss #ethicalhacking

Alhamdulillah. Happy Bug Bounty

Status: New Status: Under Review Status: Need More Info Status: Some conversion Status: Again Under Review Status: Now I'm waiting for next response. Every time I've provided video POC Owah What a lession!! #yeswehack

How many percentage chance for RXSS here as you think? #xss #ethicalhacking

Hello YesWeHack ⠵ team, It's been 11 days but there is no update. Do you have any explanation? Note: I've added my local bank(jamuna) address. #YesWeRHackers

Quick XSS extension Extension link(chrome,brave) chromewebstore.google.com/detail/lyra/ag… Payloads github.com/h6nt3r/payload… #ethicalhacking #xss #rxss #BugBounty

হে আল্লাহ, ফিলিস্তিনের পবিত্র ভূমিতে নিরপরাধ কোন প্রাণের আরেকটি ফোটা রক্ত আমরা দেখতে পারবো না।আমরা আমাদের সহ্য ক্ষমতা কে অতিক্রম করেছি। জালিমরুপী রক্ত*পিপাসু নেতা*নিয়াহুগোষ্ঠী ধ্বং*স হোক।

বাংলাদেশ থেকে যারা YesWeHack ⠵ platform এর টাকা তুলেছেন তারা ব্যাংকে agreement হিসেবে কি দেখিয়েছেন? আমি invoice, billing mandates দেখিয়েছি কিন্তু তারা agreement ছাড়া টাকা দিবেনা বলেছে। কিন্তু YesWeHack ⠵ invoice, mandates ছাড়া আর কোনো ফাইল দেয়নি।

মজলুমদের পক্ষে, মানবতার পক্ষে, ন্যায়ের পক্ষে দলে দলে যোগ দিন।

We stand with the people of Palestine. No more violence, no more suffering. Peace and justice for all. Dhaka, Bangladesh.. 🇧🇩 🇵🇸 #MarchForGaza #FreePalestine

I've found an BXSS. The request url and backed executed url both are different. In the xss report Uri section has the url where payload executed but how do i find that what is the raw request url? If anyone knows the way to find request url please comment. #bxss #blindxss

Hello XSS Report Team, Is it possible to scanned request url will show here? I know that can pass custom parameter here. If scanned request url here that will be a great feature.

I can't run any GUI apps like google-chrome in nethunter cli. can you help me so I can run GUI apps in cli background.

What is your suggestion now for dumping data? Command Used: ghauri -u "example.com/?replytocom=10…" --random-agent --force-ssl --level=3 --dbs --dbms=MySQL --batch Coffin

This is how i collect GET based parameters. urlfinder -d "vulnweb.com" -all | grep -a "[=&]" | grep -aiEv "\.(css|ico|woff|woff2|svg|ttf|eot|png|jpg|js|json|pdf|gif|xml|webp)($|\s|\?|&|#|/|\.)" | anew | tee all_params.txt What is your methodology? #BugBounty

No matter where I am, testing will not stop. #EthicalHacking #BugBounty #Pentesting #bxss