Linux Command Line
#infosec #cybersecurity #cybersecuritytips #pentesting #redteam #informationsecurity #CyberSec #networking #networksecurity #infosecurity #cyberattacks #security #linux #cybersecurityawareness #bugbounty #bugbountytips
Recon Tools
Tor vs VPN
#bugbountytips #bugbountytip
Add this XSS payload to your list
url=%26%2302java%26%23115cript:alert(document.domain)
Happy Hunting
How to find SQL injection on the Registration page?
Try SQL Injection in Email Address (username)
#bugbountytips #bugbounty #bugbountytips #sqli
REUnziP: Re-Exploiting Huawei Recovery With FaultyUSB
Details: labs.taszk.io/articles/post/…
#cybersecurity #Pentesting #Hacking #bugbountytips #infosec #pwn #CTF #cybersecuritytips #redteam #coding #100DaysOfHacking #vulnerabilities #BugBounty #Hardware #Software …
Shodan InternetDB feature for Scanning Host CVEs & Ports using IP :
curl -X 'GET' 'internetdb.shodan.io/ip_here' -H 'accept: application/json' | jq
#bugbountytips #bugbounty
CRLF injection with a 302 response will not succeed because browsers will ignore the body. However, adding a NULL byte (%00) will prevent the redirection, and the body will be executed, meaning that you will be able to inject XSS payloads.
#crlf #bugbounty #bugbountytips
I earned $50 for my submission on bugcrowd
Tip: Fuzzing deeper is the key
If you think you found a sensitive file, load up a huge wordlist and fuzz on every endpoint.
#BugBounty #bugbountytips #bugbountytip #ItTakesACrowd
Time to Crack MD5 Hash
Linux Permissions Explained
#cybersecurity #pentesting #informationsecurity #hacking #DataSecurity #CyberSec #bugbountytips #Linux #websecurity #Network #NetworkSecurity #cybersecurityawareness
Chat GPT Cheat Sheet
Here's the video PoC of Gmail Impersonation which I reported to Google VRP (Google Bug Hunters)
- Video: youtu.be/8hIw2hPtdRg
- Technical Details: hacklido.com/blog/499-techn…
#cybersecurity #Pentesting #Hacking #bugbountytips #infosec #CTF #pwn #cybersecuritytips #redteam #coding …
Common DNS Attacks
Excited to announce that I've hit the milestone of 15k+ reputation on HackerOne, placing me at an impressive rank 60 all time! Grateful to have achieved this at the age of 20!
#bugbounty #bugbountytip #bugbountytips #ethicalhacking #hacking #infosec #pentesting #hackforgood
ChatGPT Cheat Sheet
Good old Forced Browsing 💯
1. Noticed 403 for “/.git”
2. Kept knocking at different doors
3. Door # “.git/config” & “.git/index” were unlocked
4. Dumped repo locally
5. Analyzed all items and located “config.php” containing secrets, prod credentials
#bugbountytips #BugBounty
Hello Community,
I found this JS file 'env-config.js' and my question is:
Should I report it immediately as [sensitive info disclosure] or do I need to perform other actions to prove the impact?
#bugbountytips
#BugBounty
#CyberSecurity