Hunting for blind XSS vulnerabilities: A complete guide, good resources by Intigriti intigriti.com/researchers/bl…

Attacks on Maven proxy repositories, nice finding leading to stored XSS, by Michael Stepankin github.blog/security/vulne…

Leak HTTP Requests through Service Worker and XSS, an interesting XSS use-case, by Abdullah Al-Sultani tech.alsultani.me/2025/02/10/lea…

Israeli drone operator, probably an Israeli 20-some year old you’ll run into somewhere in Europe or Thailand, dropped a bomb on a starving girl carrying water home to her family. He’s probably done this dozens of times. This time it’s on camera

I found a simple IDOR that turned into an account takeover. The bounty? $5,000. Here’s exactly how I found it 🧵👇

1. The target had an "Add Contact" feature. It was used to add contacts to an account, but those contacts could be given a wide range of permissions. The request to add a contact looked like this: POST /addcontact?accountId=123 { "accountId": 123, "email": "[email protected]" }

🚨 NGINX Misconfiguration Challenge 🚨 I created a vulnerable nginx.conf for learning purposes 🔥 Can you find and explain at least one vulnerability? Bonus points if you find them all 😎 Drop your findings in the comments 👇

Brought to you by the World’s Most Moral Military™

I bypassed the paywall of an entire learning platform... They marked it "medium". I tried harder and raised the severity. That turned into a $1,500 bounty. Here’s the full story 🧵👇

Cloudflare 403 bypass to time-based blind SQLi: PL: (select(0)from(select(sleep(10)))v) → 403 but PL: (select(0)from(select(sleep(6)))v)/*'%2B(select(0)from(select(sleep(6)))v)%2B'%5C"%2B(select(0)from(select(sleep(6)))v) → Time-based Blind SQLi #BugBounty #SQLi

If you respond with 3 replys, you will help me a lot to make my post visible to everyone, even if a dot. gofundme.com/f/help-ibrahim…

Find the origin servers of websites protected by Cloudflare, Sucuri, or Incapsula with a misconfigured DNS. ⚔️ - github.com/MrH0wl/Cloudma… Credit: Md Ismail Šojal 🕷️ #infosec #bugbountytips #Cybersecurity

WAFs still blocking your payloads? Try our newest pointer capture tricks. Our XSS cheat sheet just got an upgrade thanks to Ahsan Shahid. portswigger.net/web-security/c…

Thank goodness they found those indestructible pilot’s passports on the ground below the World Trade Centres. Otherwise, we wouldn’t have been able to confirm it was the Muslims that did it. P.S. Jet fuel melts steel beams but has no effect on paper. They think you’re

This was way before Oct 7

If you see this Pic, reply with 🇵🇸 to spread it !

How to access servers behind Cloudflare by bypassing the firewall? FearsOff Cybersecurity #bugbountytips #cloudflare #firewall #bypass 1) Found a sweet hostname but Cloudflare Firewall blocks you? There's a neat trick attackers can use if the origin is misconfigured.

Thanks to the awesome work by our team we can finally announce our official urlscan cli tool: urlscan.io/blog/2025/09/0… - Submit scans, run searches, find domains, get creative. Feel free to share your use-cases with us on X! Download on Github or homebrew.

In 4 years of hacking, dorks only worked for me once. But that single hit earned me $6,700. Here's exactly how it happened 🧵👇

Kirill Firsov FearsOff Cybersecurity I wrote two writeups about cloudflare: The first one about bypassing WAF rules if it only allows cloudflare ips only 0vulns.medium.com/rip-cloudflare… The second one about finding the origin server behind cloudflare using cookies name 0vulns.medium.com/a-deep-dive-in…