Esmaeil Rahimian @H_Mosafer
Who am I? DevSecOps Engineer, PenTester, Security researcher, BugHunter (Sometimes) 🇦🇪🇮🇷 blackhat.com/asia-18/presen… Dubai, United Arab Emirates Joined November 2012
How to avoid burnouts in bugbounty? medium.com/@mr_prey3r/how… #TogetherWeHitHarder #inbbupdatesblogs #infosec #bugbountytips
I just published How We Prevented a Mass Breach On One OF The Biggest CryptoCurrency Gateways On A Web3 Platform. link.medium.com/58c2u5J66Ib #bugbountytips #bugbountytip #CyberSecurity
PlayStation should be paid 100k$ at least for this bug instead of 12k$ what a joke ! hackerone.com/reports/2177925 #bugbountytips #CyberSecurity
dorkking.blindf.com A site for dorking
Well, I crap on the doorstep of that agency where you delay clients' business because you have a hiking trip planned for Thursday
fdlucifer.github.io/2024/04/22/gra… It's strange that they ignored this vulnerability and said it's a feature.
Best opportunity 👇👇👇👇
The damage of VDP programs and their Incentivization is far greater than giving some hunters "points" for farming none-bugs that they can later boast on their CV's, I believe it might actually ruin Bug Bounty platforms in the near future, Let's explore the facts 📜 So VDP's, as…
If they don't serve every kind of tahdig in heaven, I'm not setting foot in heaven 🤣😁
And so on....... 😁🤣🤣🤣🤣
instagram.com/reel/C3GGOchMX… Why doesn't anyone arrest this scumbag? Mr. Judiciary, instead of going after YouTubers, go arrest these people
Monocle is a new reverse engineering tool from James Stevenson that combines local LLM with a bridge to Ghidra to implement a natural language search capability that will return candidate functions along with a match score and a high-level synopsis of what the function does:…
The SQLi payload below works properly: ' union select @@version,null --%20 and gives me the database version, but other payloads did not work, and SQLMap also cannot detect the working payload. Do you have any idea? H1 needs more info for this case. #BugBounty
This actually happened to me once, and it turned into an argument. I said, go find out how much the excess baggage costs and I'll pay for it. I was sure that if he had nothing to hide he would accept, but the guy made a scene. I realized he was a scumbag who had prohibited cargo and wanted to pin it on me. Do not accept under any circumstances.
I've made over 100k on SSRF vulnerabilities. They aren't always as simple as pointing it at localhost or AWS Metadata service. Here are some tricks I've picked up over the past 5 years of web app testing:
Maybe if I had a big tiramisu right now, I'd be a happier person 🫠
Here is another repository that has been active recently and can be used as a guide for Bug Bounty and pentest; it depicts techniques and tips as mind maps. github.com/imran-parray/M…
One of the repositories that has been kept well up to date with security techniques and tips over the last few months is SecurityTips. It has good mind maps for a roadmap, like these file upload bugs you see in the image, and lots of other topics such as BurpSuite, RedTeam, Web Pentest, and so on. github.com/hackerscrolls/…
Dork: Apache Server Leakage inurl:server-status "apache server status" "cpu usage" Reference: medium.com/@ghostlulzhack… Vulnerable Site- itronot.co.il/server-status Join Telegram for More t.me/brutsecurity/3… #bugbounty #bugbountytips #ethicalhacking #cybersecurity
I found a simple but rare misconfiguration and got $200 on a hackerone program harish45.medium.com/i-found-a-simp… #TogetherWeHitHarder #inbbupdatesblogs #infosec #bugbountytips
The team at @sysdig wrote a great article on how they fuzzed and bypassed the AWS WAF! buff.ly/4d69fbK <strong><button popovertarget=x>click me</button><test onbeforetoggle=alert(document.domain) popover id=x>aaa</aaa></strong> #bugbounty #bugbountytips #hackers #xss
When you Hunt Manually on a target Just Hover the mouse over the page contents /functions it covers parameters that can be tested for .. #bugbountytips
When testing for LFI and You Can't see POC in Browser & you want fast test "No Interceptors " You Can Use curl :) #bugbountytips
Tips for JS file enum for endpoints /Juicy info ... ** - download js files of the target Ex : wget link_to_js ** - use beautifier.io to easy read js file contents ** - i got extra endpoints to check for :) #bugbountytips
@Burp_Suite I probably have requested this before already, but do you have any plans for implementing active-extension profiles? Similar to customized scan profiles, it would help a lot to be able to load/unload a specified set of extensions with one click, based on needs.
@H_Mosafer @Rezza_Olfat Thank you, engineer. Very kind of you. God willing, I'll return the favor on happy occasions. ❤️💙🙏🌹
So dark, man. It's as if it's examining meth addiction; every frame of this video blows my mind all over again 😄 The internet has no sound
The "Shock" program from the year 88 about the internet
@alicanact60 Vdps running private programs with *exact* same scope are a big problem. Waste of time. Wouldn’t bother spending more time on there if I was you
I always wonder, didn't these people have a family to teach them anything? Didn't they have any decent friends? How can they be such filth!
@H_Mosafer @payping_ir No no, we changed it! This is the new place, it's sooo beautiful 🥹
I always read reports on APTs hitting Cisco & other vendors VPN appliances, not as a forensics report, but a crash course on product-specific offensive tips & tricks. Vulns eventually die but post-exploitation tricks often last very very long. blog.talosintelligence.com/arcanedoor-new…