Regarding github --> 90.9% of pushes with live credentials are to personal repositories. 9.1% are to organization repositories. --> 7.8% of pushes with live credentials are to forks rather than the original repository. Applicable even to 2025? Arshad Kazmi

3/ Common GraphQL attacks: 🔍 Introspection = Schema mapping 🚫 Broken Access Control = Data leaks 🌀 Deep queries = DoS 🧨 Injections = SQL/NoSQL risks 📤 Overfetching = Unintended exposure

Do you remember when you joined X? I do! #MyXAnniversary

hackthebox

I just completed the Bug Bounty Hunter path in HTB Academy! academy.hackthebox.com/achievement/13… #hackthebox #htbacademy #cybersecurity

I just crushed the "Dojo #41 - Ruby treasure" challenge on @YesWeHack! Thank you Ali@s Ready to learn and pwn? 🌟 dojo-yeswehack.com/challenge/play… #YesWeHack #ChallengeAccepted

Spending too long fumbling through Burp Suite? Most beginners don’t realize how many shortcuts Burp supports. This post compiles 20 top tips from the Burp community to save time, boost precision, and uncover more bugs: portswigger.net/blog/20-burp-s…

I just pwned the "Dojo #42 - Hex Color Palette" challenge on @YesWeHack! These challenges are really awesome, new vulnerability every time. Great work YesWeHack ⠵ team. dojo-yeswehack.com/challenge/play… #YesWeHack #ChallengeAccepted

Jai Sri ram This is a turning point in my bugbounty journey. Really thankful to Garr for giving me this opportunity. This made my fundamentals more stronger. Thanq Hack The Box for Hands-on labs,in-depth knowledge and a great certification. #cbbh #bugbounty #htb #infosec

Not a great/good bug hunter to share quaterly analysis. But having a full time job + being a swayamsevak(RSS🚩), I feel I am doing good. Always thankful to the bugbounty community. But I will Do or die with bugbounty only. #bugbounty #CyberSecurity #infosec

Meme of the day! 😈

I just added the 15-minute talk I gave at Tumpicon to the "Freebies" section This talk covers the extensions Piper and Scalpel, and allows users to easily manipulate encrypted data by shuffling blocks around hackademy.agarri.fr/freebies

cybersecurity is unlike any market. neither the buyer nor the seller has enough info to make a rational decision, whether it’s a pentest, red team, or some shiny “AI-powered” security product. so salesmanship wins over substance. lately my LinkedIn is full of “AI security”

I just published Dumping the content of a table, without Sql injection medium.com/p/dumping-the-…

LINUX DISTROS based off on Use

Roadmap JavaScript #js #javascript

JavaScript Regex Cheat Sheet