Over the past 6 months, I've had the pleasure of participating in 5 HackerOne Live Hacking events. It has been quite the challenge to my work-life balance and my hacking skills, bu...

API-Security-Tips: Old versions of an API tend to be more vulnerable. Saw a call to api/v3/login? Check whether api/v1/login exists as well. It might be more vulnerable. 🧵1/10 #bugbounty #bugb...

How about some quick recon only using tools by @pdiscoveryio ? 🧵👇 #bugbounty #recon #bugbountytips

Top Burp Suite extensions you must give a try while hunting ✅ 👇🔥 #bugbountytips #infosec → Autorize: Used to detect IDORs and BACs → Upload Scanner: Tests multiple upload vulnerabilities...

#bugbountytips #learn #learn365 #SSRF Let's learn SSRF in a Thread 🧵 Here are my notes on SSRF (Just Basics) ->

New to recon? Looking for video tutorials to up your recon game? Check out the talks below 🧵👇 PS: All of these talks are super informative and well presented. There's no ranking...

I revisited NahamCon 2021 and found the talk by @rez0__ on ffuf super informative. Hence, I decided to write a thread on it for those who don't have time to watch the talk. "ffuf...

I got around 10+ messages last week asking me for the tools I use in Bug Bounty. So I thought why not make a thread on it. Here's a list of my most used tools. 🧵👇 PS: This is m...

We mostly use amass enum and forget the rest. But did you know you can do something more? Did you know that you can track scan requests? Read more 👇 #bugbountytip #bugbounty #a...

2FA Bypass Techniques thread 🔥🐞🔓 ------------------------- 📌2FA Code Leakage in Response: You can intercept the OTP using Burp Suite and inspect the HTTP response and check if the 2FA cod...

75% of my Twitter DMs in recent times have been people asking me "How to get started in Ethical Hacking?" Although I love to answer everybody personally, I decided to write a...

ffuf is a tool used by many people. But only a few use the tool effectively. Here are 9 tips you want to know right away 👇 🧵 #recontips #ffuf #BugBounty #bugbountytips #attacks...

Useful Google Dorks for #BugBounty site:https://t.co/tskXDTQKwR intext:company site:https://t.co/rne7OraQQ6 inurl:company site:https://t.co/hJ7LoQ8GRT inurl:company 😜More on the...

CRLF injection is a software application coding vulnerability that occurs when an attacker injects a CRLF character sequence where it is not expected. More in the Thread Below👇👇👇...

a🧵 ⚠️Orgs with mature security programs⚠️ Want a masterclass in scoping/running a bug bounty program? Read more from a program owner, (former) bounty platform employee, and top...

A thread🧵 💸Secrets of automation-kings in bug bounty💸 Finding 1day (or 1month) web exploits that haven't made their way into scanners yet can make you big money. Read more to under...

Business Logic Bug Worth $600 🧩 #bugbountytips 🧵👇🏻

Have A Nice Weekend #CyberSecurity Folks, #BugBounty hunters & larger #twitter fam... https://t.co/pP1v2wS0FR

#Secret6 8 Awesome 2FA Bypass Techniques 🗝️ #bugbountytips 🧵👇🏻 https://t.co/fdlisRs2gA https://t.co/bxiDoWaYog

Some Good Bug Bounty Thread Here... https://t.co/WSAup2BANU #bugbountytips #BugBounty #CyberSecurity

Recon Tools for Web Application Pentesting... :) Credits ~ Khalid Maina A Thread 🧵 ↓ #cybersecurity #infosec #pentesting #bugbounty

= Infosec super-thread = A big part of my presos is tools/resources I like for offensive security & bug hunting. Here's a thread of "PRINT" resources cited in the Bug Hunter's M...

Recon Tools for Web Application Pentesting... :) Credits ~ Khalid Maina A Thread 🧵↓ #cybersecurity #pentesting #bugbounty

I recently wrote a thread on my top used Bug Bounty Tools. You can find it here : https://t.co/ep4fRZuBhh After publishing the above thread, I got lots of requests to write on m...