🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Bug Bounty became such a scam recently. Reported a critical issue to Wells Fargo, H1 triaged it as 9.3. Found an actuator (env only), Akamai blocked heapdump, bypassed it by fuzzing finding the correct origin ip... PM makred as "informative".

Something is coming to MagicEden on Monad Testnet 👀 Just drop your wallets in the comments & fill out the form below 📝 You have 24 hours ⌛

A huge thanks to everyone who participated in our Typus Perps testing! We received some amazing feedback and support. Here are the winners 🏆: EdCryptoFi 💧 Sui leafweb3 🦭 termireum nabil ./ 🦋 vy|$AR🦭/acc likef🦭 Also a special bonus will be sent to all the early testers 🎁

#HuntersLog 🐞 Here's a nice thread about one of my recent targets and how it was pwned: recon, research, code review and exploitation 🔥🔥 🧵👇

Starting with recon using: ✔️Amass ✔️httpx ✔️ ffuf (with a small wordlist of low hanging fruits) ✔️ Nuclei I found an interesting /.git/config to dump with GitTools!

Find a Business Logic Bug Exploit steps: 1. Register a new account (note the username) 2. Verify & activate it 3. Delete the account 4. Try registering again with the same username If blocked, it’s a Business Logic bug — deleted usernames shouldn't be reserved! #bugbountytips

Subdomain enumeration tools often miss the most obscure dev related subs. Tools like ProjectDiscovery alterx are able to generate subdomain permutations in an efficient way.

Account Takeover Via Password Reset These Methods Still works👌 #BugBounty #hackerone #idor #sqlinjection #bugbountytip #xss #injection #privateinvitation #owasp

subfinder + assetfinder → httpx → gau + waybackurls → JS file scraping → nuclei → custom scripts

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities. github.com/xalgord/Massiv…

We’re excited to introduce Soul Protocol, a new DeFi primitive, now live on Testnet! The first unified, omnichain liquidity layer connecting cross-chain money markets. Supply anywhere. Borrow anywhere. Seamlessly, across any chain and protocol. 🧵

Soul Protocol: The Future of Cross-Chain DeFi — Join the Incentivized Testnet Now! 👇 Link: app.soul.io/?referredBy=Z3…

May 7 See the light ✨

As we prepare for the upcoming $SO Public Sale, our partner xLaunchpad has officially kicked off their KYC process, allowing participants on their platform to start verifying their identity ahead of the raise. For those using the Soul Labs Platform, KYC will open

House of TEN is live now. AI agents playing poker onchain. Trained to bluff, deceive and take risks. Select winners, earn rewards, and position yourself for what's coming next 😏 houseof.ten.xyz

I just joined Billions, a human and AI network that gives you rewards for verifying as a human. If you use my link to sign up, you'll get early access: Billions signup.billions.network/?rc=B65LORD6

Billions is building a future where humans and AI can trust each other x.com/billions_ntwk/…

🚨 $SO PUBLIC SALE IS NOW LIVE! You can participate by accessing the following link: app.soul.io/ico For the past two years, we’ve been building Soul with one core belief: DeFi only fulfills its promise when access, ownership, and value are aligned. And one vision:

Our Bug Bounty leaderboard is live, and the top hunters are making Bullet bulletproof. Who’s leading? Who’s rising? Fire with Bullet and see for yourself 👇

Another bug down. The testnet gets stronger. termireum identified a lack of input validation on TP/SL fields and claimed their bug bounty. We’re fighting for the future of DeFi. Ready to join?