ifhsec (@redchen5)'s Twitter Profile
ifhsec

@redchen5

Web application security ⚡ |
@Bugcrowd P1 vulnerability submission top 20, overall ranking top 100, from ifhsec security team

ID: 794356851617861632

Link: https://bugcrowd.com/ifhsec
Date: 04-11-2016 01:53:26

68 Tweet

199 Followers

782 Following

Harsh Bothra (@harshbothra_)

#SecurityExplained S-1: Web Testing Methodology The below thread contains an overview of my pentesting methodology on the web application targets: 1. Initially, before starting with the engagement, I start with "Scoping" ......... (1/n)

Karan Chaudhary ✨ (@0xkaran)

A bugbounty thread about OTP related hunting. I test these whenever I encounter OTP related functionalities like email or phone confirmation, password reset, login with OTPs etc. #bugbounty #bugbountytips #bugbountytip #hacking #cybersecurity #infosec #bughunting 1/n

Samuel Groß (@5aelo)

Here are the slides from the "Attacking JavaScript Engines in 2022" talk by itszn and myself offensivecon. It's a high-level talk about JS, JIT, various bug classes, and typical exploitation flows but with lots of references for further digging! saelo.github.io/presentations/…

shubs (@infosec_au)

1/10 - I've been doing offensive security source code review for a long time now, and along the way I've learnt a lot of lessons that can make you more effective. Some of them include:

ifhsec (@redchen5)

It only took one month to dig up the bugcrowd monthly number one, and the top 50 of the p1 total ranking list. Thank bugcrowd. You can see it: bugcrowd.com/leaderboard

Frans Rosén (@fransrosen)

I decided to make a homage-post to Egor Homakov and Nir Goldshlager about different OAuth-token leakage methods I've been researching – ten years after their blog posts that inspired me to start hunt for bugs ♥️ thank you. labs.detectify.com/2022/07/06/acc…

James Kettle (@albinowax)

Facebook's servers give a mystery error if you send any HTTP header that contains " and ends in \. But not if you omit the " or the \ isn't at the end 🤔 This cryptic and likely pointless finding was brought to you by Backslash Powered Scanner portswigger.net/research/backs…

David Schütz (@xdavidhu)

I found a vulnerability that allowed me to unlock any Google Pixel phone without knowing the passcode. This may be my most impactful bug so far. Google fixed the issue in the November 5, 2022 security patch. Update your devices! bugs.xdavidhu.me/google/2022/11…

Youssef Sammouda (sam0) (@samm0uda)

ATO of FB/OC accounts after stealing access_tokens ($44,250) ysamm.com/?p=777
DOM-XSS in Instant Games due to improper verifications ($62,500?) ysamm.com/?p=779
ATO in Canvas Games due to weak cross window message Origin validations ($62,500) ysamm.com/?p=783

Het Mehta (@hetmehtaa)

Malware Analysis Tools 2023
1- IP & URL Reputation:
✅ 1. Virus Total: lnkd.in/eweERpju
✅ 2. URL Scan: urlscan.io
✅ 3. AbuseIPDB: abuseipdb.com
✅ 4. Cisco Talos: lnkd.in/g7uWdC5q
✅ 5. IBM X-Force:

ifhsec (@redchen5)

open url redirect bypass: /login?url=https://*.whitlistdomain bypass: /login?url={anything}&url={anything} Then it will jump to the third-party domain name to bypass restrictions. #bugbountytips, #bugbountytip

Shreyas Chavhan (@shreyas_chavhan)

It's been 1000+ hours into bug bounties since the day I started. Hunting: 1002 hrs Cyberstudy: 363 hrs Days worked: 271 days Here's the top 59 lessons/advice/learning I've been giving myself since day one that have helped me reach where I am today (a thread 1/60): #BugBounty
