tushar_recon @ReconTushar
Bug Bounty @Hacker0x01 hackerone.com/tushar_rec0n India Joined September 2020
Tweets: 318, Followers: 599, Following: 135, Likes: 564
In March, I submitted 9 vulnerabilities to 5 programs on @Hacker0x01. #TogetherWeHitHarder hackerone.com/last-month
@disclosedh1 i still find it bonkers that h1 triage have the power to say "nope this isn't a bug!" & close reports for companies they don't work for. imagine if x/twitter didn't review this report. not a good look for h1 triage
ATTENTION all India based researchers !!!! Seems like @Hacker0x01 payment partner[@Currencycloud ] is no longer processing INR local & SWIFT (USD) payouts to India as per this post - hackeronestatus.com/incidents/x9cj… Kindly update your payout preference in @Hacker0x01
Hackers, here's an example of HackerOne's Detailed Platform Standards being used to get to a shared, and accurate understanding of severity (Critical for a mass sensitive PII leak in this case). Any other examples anyone wants to tag me in? Would appreciate it. cc: @ReconTushar
Enjin disclosed a bug submitted by @ReconTushar: hackerone.com/reports/2327238 #hackerone #bugbounty
#BugBounty https://t.co/xObpwJ3uzH
Every time I've been hiring recently, it's been for Senior roles, and I always get asked about more Junior opportunities. Well, that time has come, and we're looking for a Security Engineer at Reddit.
Bug bounty hunting is very stressful. Hunters have almost no power against companies or platforms. There's an asymmetry of power and information. Programs (companies) can refuse to accept a bug just because they can. Programs might delay triage and payment for months, even years
Found this on a newly added feature #bugbounty
Head over to our latest blog post to read all about the hunt, the challenges, and the sweet, sweet rewards that @tirtha_mandal & I bagged!! You won't regret it - naaash-adobe.simple.ink
That's a wrap from our hacking meetup. We hacked on a private program, submitted 40+ reports with some cool bounties on the way. Yet to see who tops the leaderboard as bounties are updated. t.ly/XuPaG Thanks everyone for attending let's meet soon #BugBounty #hackerone
In November, I submitted 24 vulnerabilities to 9 programs on @Hacker0x01. #TogetherWeHitHarder hackerone.com/last-month
(unpopular opinion) In #bugbounty, those who make the most money are not necessarily the best in terms of skills (hardly ever). They're definitely the best at making money. By: - access to unpopulated private programs - milking CVEs from many programs - favoritism on some…
I have made a 26 minute long video covering the Zenbleed CPU vulnerability. But it's not just a news video! I always try to include lots of technical details and "hidden tutorials". So what can you learn from this video?
Prime example of why AI will never replace security researchers.
Bug write-up for Google Extensions thanks @ThomasOrlita and others for the help :) ndevtk.github.io/writeups/2023/… this writeup does include some free XSSs I got bored of waiting.
Yay, I was awarded a $500+$500 bounty on @Hacker0x01! hackerone.com/tushar_rec0n #TogetherWeHitHarder I had to request mediation for both the reports. Nothing happened, personally pinged the program owners. Mediation is really bad these days.
Yay, I was awarded a $10,000 bounty on @Hacker0x01! hackerone.com/blaklis #TogetherWeHitHarder Another 0day on a lib for a local file read through php filters!
🚀 🌐 HTTP Toolkit offers an open-source solution for HTTP(S) debugging, testing, and development on Windows, Linux & Mac. Check it out at httptoolkit.com and contribute at github.com/httptoolkit. #DevTools #OpenSource #WebDevelopment bit.ly/43OwV05
Finally got h1 clear!!! hackerone.com/marvelmaniac?t… Thanks a lot @H1LeoW 💪
Similar to that Figma xss, I recently had a scenario where onerror/onload were blocked so I needed an event which would trigger automatically and should work for this case where user controllable value is assigned to an innerHTML but that element is never added to the dom.
2 interesting XSS writeups by @sudhanshur705 github.com/Sudistark/xss-…
Took some time, but finally crossed the 5000 reputation mark on @Hacker0x01 #bugbounty #hackerone
@scarybeasts It would be nice if we could disable this via the notification settings, it's a bit spammy and may lead to missed invitations. Loving the recent hacktivity enhancements though.
An IDOR, with just an incremental ID (around 200m if we consider the ID began at 1 - but that's a pure assumption), leaking billing details for all shops that have at least a bill. In my honest opinion, that throws the question about their custom CVSS score being unable to really…
⚡ IDOR on GraphQL queries BillingDocumentDownload and BillDetails 👨🏻💻 blaklis ➟ Shopify 🟧 Medium 💰 $5,000 🔗 hackerone.com/reports/2207248 #bugbounty #bugbountytips #cybersecurity #infosec
Found some interesting bugs in Excalidraw used in @Meta Messenger (w @naglinagli and @0xteknogeek) as well as Microsoft Whiteboard some time ago. Here's the writeup! spaceraccoon.dev/clipboard-micr…
@ReconTushar Yeah I’ve done this too. Especially when the triager marks “PR” as low for a self sign-up application
The @BookMyForex has the worst service over there, the channel partner has refused to deliver the currency and customer is not helping me with it, they’re asking me to wait until they confirm. They can’t even immediately cancel my order so that I can buy it from somewhere else
I started learning about cybersecurity in 2021, and one of the first few videos I saw was @CryptoKnight01's about how he cracked OSCP at 20. In 2022, I won an OSCP voucher in @NahamSec's giveaway at nahamcon.