SoloSecurities (@solosecurities)'s Twitter Profile

The world's data needs defending. Solo Securities provides you complete cyber security services.

ID: 1290891206570852354

Website: https://solosecurities.com/
Joined: 05-08-2020 06:03:48

35 Tweets

22 Followers

22 Following

SoloSecurities (@solosecurities)

🚀 Bypass Restrictions Like a Pro! 🔥

Struggling with Access Denied (403)? Try these header tricks to potentially unlock admin access! 💰

🔹 X-Original-URL: /admin
🔹 X-Rewrite-URL: /admin
🔹 X-Custom-URL: /admin
If the response flips 403 ➡️ 200, you’re in!

#BugBounty
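
The 403 to 200 flip described in the post above happens when the component that routes a request honours one of these headers while the component that returned the 403 looked only at the request path. The following is an added example, not part of the original post: a WSGI middleware that drops the three headers and records the attempt. `edge_acl`, `backend` and `request` are constructed stand-ins for a front-end rule, an application and a test client.

```python
import logging

log = logging.getLogger("override_header_guard")

# The three headers named in the post, in WSGI environ form.
OVERRIDE_HEADERS = ("HTTP_X_ORIGINAL_URL", "HTTP_X_REWRITE_URL", "HTTP_X_CUSTOM_URL")


def edge_acl(app):
    """Constructed front-end rule: deny /admin by looking at the request path only."""
    def wrapped(environ, start_response):
        if environ.get("PATH_INFO", "").startswith("/admin"):
            start_response("403 Forbidden", [("Content-Type", "text/plain")])
            return [b"denied"]
        return app(environ, start_response)
    return wrapped


def backend(environ, start_response):
    """Constructed back end that routes on X-Original-URL when it is present."""
    path = environ.get("HTTP_X_ORIGINAL_URL") or environ.get("PATH_INFO", "/")
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [("served " + path).encode()]


class StripUrlOverrideHeaders:
    """Drop client-supplied URL-override headers before the back end sees them."""

    def __init__(self, app):
        self.app = app
        self.dropped = []  # (client, path, header, value) records for alerting

    def __call__(self, environ, start_response):
        for key in OVERRIDE_HEADERS:
            value = environ.pop(key, None)
            if value is not None:
                hit = (environ.get("REMOTE_ADDR", "-"), environ.get("PATH_INFO", ""), key, value)
                self.dropped.append(hit)
                log.warning("dropped override header: %s", hit)
        return self.app(environ, start_response)


def request(app, path, headers=None):
    """Send one constructed request through a WSGI app; return (status, body)."""
    environ = {"REQUEST_METHOD": "GET", "PATH_INFO": path, "REMOTE_ADDR": "203.0.113.7"}
    environ.update(headers or {})
    seen = {}
    body = b"".join(app(environ, lambda status, hdrs: seen.update(status=status)))
    return seen["status"], body.decode()
```

With `edge_acl(backend)` a request for `/` carrying `X-Original-URL: /admin` is served the admin path; with `edge_acl(StripUrlOverrideHeaders(backend))` the same request is served `/` and the attempt lands in `dropped`.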

SoloSecurities (@solosecurities)

🚀 Bug Bounty Tip: Bypass WAF by Finding the Origin IP!

🔎 Steps:
1️⃣ Find ASN via bgp.he.net
2️⃣ Identify the IP range
3️⃣ Scan with:
prips 93.184.216.0/24 | hakoriginfinder -d example.com
4️⃣ Check for MATCH—you’ve found the Origin IP!🎯

#CyberSecurity

SoloSecurities (@solosecurities)

🔍 Bug Bounty Tip – Find Hidden Subdomains! 🎯 Use Certificate Transparency Logs to uncover forgotten subdomains & expand your attack surface! 🚀

#BugBounty #CyberSecurity #OSINT #Pentesting #EthicalHacking #Infosec #RedTeam

SoloSecurities (@solosecurities)

📢 Bug Bounty Tip: CSRF Bypass via Forgotten API Endpoints

Even if your main API enforces x-csrf-token, legacy endpoints might still be wide open 👀

✅ /api/user/account/DELETE → Protected
❌ /xos_api/user/account/DELETE → No CSRF check!

#BugBounty #WebSecurity #CSRF
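
One way to catch the gap described in the post above from the application side is to audit the route inventory for state-changing routes that lack CSRF enforcement and to pair each with a protected twin under another prefix. This is an added example, not part of the original post; the route table, the POST method and the `csrf_enforced` flag are constructed assumptions, and only the two account paths come from the post.

```python
from collections import defaultdict

UNSAFE_METHODS = {"POST", "PUT", "PATCH", "DELETE"}

# Constructed route inventory: (method, path, csrf_enforced).
ROUTES = [
    ("POST", "/api/user/account/DELETE", True),       # path from the post
    ("POST", "/xos_api/user/account/DELETE", False),  # path from the post
    ("POST", "/api/user/email", True),
    ("GET", "/xos_api/user/profile", False),
    ("POST", "/v0/webhook/ping", False),
]


def split_prefix(path):
    """Return (first path segment, remainder), e.g. ('/api', '/user/email')."""
    head, _, tail = path.lstrip("/").partition("/")
    return "/" + head, "/" + tail


def audit_csrf(routes):
    """Flag state-changing routes without CSRF enforcement.

    Returns (method, path, protected_twin) tuples. protected_twin is a protected
    route with the same method and remainder under another prefix, or None.
    Routes that have a protected twin sort first: they are forgotten copies of
    an endpoint the team already decided to protect.
    """
    protected = defaultdict(list)
    for method, path, enforced in routes:
        if enforced:
            protected[(method, split_prefix(path)[1])].append(path)

    findings = []
    for method, path, enforced in routes:
        if method in UNSAFE_METHODS and not enforced:
            twins = protected.get((method, split_prefix(path)[1]), [])
            findings.append((method, path, twins[0] if twins else None))
    return sorted(findings, key=lambda f: (f[2] is None, f[1]))
```

In a real code base the inventory would come from the framework's own route listing rather than a hand-written table.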

SoloSecurities (@solosecurities)

🧠💻 Bug Bounty Trick: Base64 Image in a Text Field

You're testing how the app handles unexpected data types — a goldmine for bugs like XSS, content sniffing, or poor input validation. 🐞🔍

Real hackers don’t just think outside the box — they *test* the box. 🔓

#BugBounty

SoloSecurities (@solosecurities)

📄💣 PDF Script Injection: Silent but Deadly

3 attack vectors every bug hunter should know:

1️⃣ Metadata: "><script>alert(1)</script>
2️⃣ /OpenAction JS
3️⃣ File name: "><script>alert(1)</script>.pdf
💡 Chain for max impact.
🛡️ Test. Report. Get paid.

#BugBounty #CyberSecurity

Hemant Patidar (@hemantsolo)

While I hunted the big 🍎, automation secured the bag 💼—P3 & P4 holding it down!

€200 earned via systematic recon: 🔍 Subdomain → Port scan → Dir brute → Old creds & logs

Details on the Apple vuln dropping soon (sensitive bits redacted) 🕵️‍♂️

#BugBounty #Infosec #Security

SoloSecurities (@solosecurities)

⏳ Only 2 Days Left!
🔥 May Batch – Live Bug Bounty Training
From Beginner to Advanced 🐞💰

🧠 Learn real-world hacking
🏆 Land bounties & HoF mentions
📅 Starts: 12 May 2025
🎟️ Register: wa.me/message/VYWZKX…
Or visit: academy.solosecurities.com
#BugBounty #EthicalHacking