Shamem Ahmad @blkryd
InfoSec researcher #learn2hack #infosec | Dhaka, Bangladesh | Joined August 2017
🎯 Google Dorking 101 : 10x your Scope & Recon game 👇
Two CORS bugs on two different domains: 1st bypass: target.com.evil.com 2nd bypass: eviltarget.com #bugbountytips #bugbounty #cybersecurity
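Added example (not part of the original tweet): the two bypass shapes above correspond to Origin checks that match on a string prefix or suffix. The sketch below sets such checks beside an exact-host comparison; the allowlist and function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist for the example; "target.com" is the placeholder from the tweet.
ALLOWED_HOSTS = {"target.com", "app.target.com"}

def weak_prefix_check(origin):
    # Flawed: any Origin that merely starts with the trusted string passes.
    return origin.startswith("https://target.com")

def weak_suffix_check(origin):
    # Flawed: any Origin that merely ends with the trusted name passes.
    return origin.endswith("target.com")

def strict_check(origin):
    # Parse the Origin, then require https, default port and an exact host match.
    try:
        parts = urlsplit(origin)
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return False
    if parts.scheme != "https" or port not in (None, 443):
        return False
    if parts.username or parts.path or parts.query or parts.fragment:
        return False  # a browser-sent Origin is scheme://host[:port] only
    return parts.hostname in ALLOWED_HOSTS

def cors_headers(origin):
    # Echo the Origin only after the strict check; otherwise send no CORS headers.
    if not strict_check(origin):
        return {}
    return {"Access-Control-Allow-Origin": origin, "Vary": "Origin"}
```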
Find leaked API Keys and Secrets using a single GitHub search query gist.github.com/win3zz/0a1c705… Tip: Never commit your keys/secrets to your public repository #Security #DataLeak #Hacking
Some tips for testing file upload functionality (accepting xlsx file) - formula injection to ssrf =WEBSERVICE(google.com ) - try xxe payloads inside xlsx files to exploit parsers, after unzipping xlsx file (you can add xxe payload in files like…
Payloads to try on phone number input fields by @securinti XSS +441134960000;phone-context=<script>alert(0)</script> Parameter pollution (1) +441134960000;phone-context=&phone-context=+442.. Parameter pollution (2) +441134960000;ext=1;ext=? SQL injection…
My new favorite SQLi finding methodology returning some great results... SQL Injection in `X-Forwarded-For:` header. #BugBounty
Spent some time using github.com/fyoorer/Shadow… today. It's pretty good. Make sure your Python env matches the runtime Python env, besides that everything works out of the box. Thanks @fyoorer for your work on this! Httpx on 150k subdomains in about 3-4 minutes.
I found 2 Blind time-based SQL Injections in X-Forwarded-For: header just using Burp Intruder. Made a list of 500+ HTTP requests and tested one by one for 3+ hours, here is the result.. X-Forwarded-For: 0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z #BugBounty
If you happen to find Symfony Web Framework that has Symfony profiler debug mode enabled, fuzz the following endpoints: - /app_dev.php - /app_dev.php/_profiler/phpinfo - /app_dev.php/_profiler - Look for "profiler token" in phpinfo() #BugBounty #BugBountytips
🚨 NEW Feature Alert! 🚨 📸 With the httpx v1.3.0 release you can now take screenshots of target URLs, pages, or endpoints along with the rendered DOM! 😱 ⌨️ Update httpx with the -up option now to try it out! What are you waiting for! 🤘 #hackwithautomation #bugbounty
"burp-vps-proxy: This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services." #infosec #redteam #pentest github.com/d3mondev/burp-…
500 hosts 65535 ports in 10 minutes :) Save your time on portscans use masscan with --max-rate 100000 to get it done within a few minutes #bugbountytips
echo xxx.com | alterx | httpx -nc -t 300 -p 80,443,8080,8443,8090,9090 -silent | nuclei -rl 300 -bs 35 -c 30 -mhe 10 -ni -t /root/nuclei-templates/ -stats -silent -severity critical,medium,high,low -es info
If you have a JSON login page, test blind-SQL injection directly in the username and/or password fields like below. #BugBounty #SQLInjection #BugBountytips Payload injected in username input field:
Found a directory listing? You can use `wget -r --no-parent target.com/dir` to recursively fetch all the files (+structure) to your machine. Now you can view the structure, search, and grep in files. credit:@2RS3C #BugBounty #BugBountytips
WAF bypasses XSS payload in JSON Payload: ["');alert('XSS');//"]@xyz.xxx #WAF #xss #BugBounty #BugBountytips
Found another SQLi on @Bugcrowd 's private program #ItTakesACrowd #BugBounty #BugBountytips #BugBountytip Tip: Use this payload 0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z In the value of every parameter and check if response delays according to the provided time in payload
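Added example (not part of the original tweets): the X-Forwarded-For findings above depend on the header value reaching a SQL statement as text. The sketch below shows the server-side counterpart, accepting only IP literals from the header and writing them with a bound parameter; the table layout, function names and the use of sqlite3 are assumptions made for illustration.

```python
import ipaddress
import sqlite3

def client_ips(xff_value, max_hops=10):
    """Return the header's entries as normalised IPs, or None if any entry is not an IP."""
    entries = [e.strip() for e in xff_value.split(",")]
    if not 1 <= len(entries) <= max_hops:
        return None
    ips = []
    for entry in entries:
        try:
            # ip_address() accepts only IPv4/IPv6 literals and rejects everything else.
            ips.append(str(ipaddress.ip_address(entry)))
        except ValueError:
            return None
    return ips

def make_db():
    # Constructed in-memory table standing in for an access log.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE access_log (client_ip TEXT, path TEXT)")
    return db

def log_request(db, xff_value, path):
    # Validation decides what is stored; the bound parameters keep the value
    # out of the SQL text even if validation were skipped.
    ips = client_ips(xff_value)
    stored = ips[0] if ips else "invalid"
    db.execute(
        "INSERT INTO access_log (client_ip, path) VALUES (?, ?)",
        (stored, path),
    )
    return stored
```

Proxies that append ports or bracketed IPv6 addresses to the header would need that form stripped before validation; the sketch assumes bare addresses.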
Good morning SQL injection ❤️😎 #Sqli
