Found API keys or tokens but not sure where to test them? Try this site. It offers a wide range of services so you can quickly validate different types of API keys in one place.
🚨 We discovered an SSRF vulnerability in Flask 3.1.1 (CVE-2025-XXXX)!
Our full video will be live soon on YouTube and blog 🎥
📲 For now, early details are available only on our WhatsApp channel:
whatsapp.com/channel/0029Vb… #BugBounty #Cybersecurity #SSRF #Flask
Found an XSS bypass during a bug bounty:
Backend was only stripping quotes ("), so a payload like:
<s"vg o"nload=al"ert() />
turns into a valid:
<svg onload=alert()>
🚨 Never rely on poor input filtering!
#BugBounty #XSS
HTTP/1.1 Must Die is coming to #romhack2025 as the keynote! In-person tickets are sold out but you can still watch the livestream. This is your last chance to catch it live - register to watch here:
youtube.com/watch?v=T009mz…
💡 #BurpSuite tip (learned it the hard way😅):
> I assumed I could set different audit rules per target (e.g. chasing specific bugs). ❌ Wrong.
- Unless configs are combined into one rule, Burp only uses the last config. In my screenshot, only the BCheck rule runs!
All…
🚨Alert🚨CVE-2025-59358~CVE-2025-59361 : Chaos Mesh Critical GraphQL Flaws
Enable RCE and Full Kubernetes Cluster Takeover
🧐Deep Dive: jfrog.com/blog/chaotic-d…
📊1.6K+ Services are found on the hunter.how yearly.
🔗Hunter Link: hunter.how/list?searchVal…
👇Query
HUNTER :…
Testing for file upload vulnerabilities? 🧐
Check out Malicious PDF Generator, an open-source toolkit to help you generate tens of malicious PDF files designed to exploit various vulnerabilities and insecure features found in PDF readers! 🤠
🔗 github.com/jonaslejon/mal…
IDOR allows me to upgrade my own user role to Admin 😃
Also, I can downgrade the real Admin just by simply changing the ID and "isAdmin": true/false
Easy bug highest impact!
#bugbountytips
A recent SSRF in a PDF generator 👇
The server converted my supplied HTML into PDF, so I dropped in a <meta http-equiv="refresh" content="0;url=http://10.20.x.x/"> tag and got the backend to fetch responses from the internal network. I was able to access an API on internal…
pwnedOrNot: An OSINT Tool for Finding Passwords of Compromised Email Accounts
GitHub: github.com/thewhiteh4t/pw…
Per the repo: "pwnedOrNot works in two phases. In the first phase it tests the given email address using HaveIBeenPwned v3 API to find if the account have been breached…