Udhaya Prakash @sherlocksecure
Product Security @Zomato | I'm that SherlockSecure ;( chat.whatsapp.com/F7F4gPEgjGk9gc… Chennai, India Joined March 2013
🚨 Last call for the Zomato Scattered Secrets promotion! 🚨 Only a few days left before the deadline on March 31st! ⏳ Got any juicy intel on Zomato lurking online? 💻 Now's your chance to spill the beans and earn big $$$$! 💰 Submit your findings of sensitive data from…
Meanwhile the automotive vulnerability researchers 🤣 🥵
Here comes the IDOR campaign once again 🤓. Hack the planet 🌍 #Zomato @Hacker0x01
Do you want to know how the @zomato Security Team detects accidental source code and secret keys getting leaked by the developers? Introducing Vinifera -> blog.zomato.com/introducing-vi… #BugBounty #BugBountytip #infosecurity #infosec @Hacker0x01 @Bugcrowd
Shoutout to the awesome folks at @githubSecurity. They sent me an incredible batch of swag that made my day! From a Fuji camera for epic hacking pics to a custom hoodie that's my new hacking armor & a travel laptop bag for hacking on the move. Thx for the amazing surprises @github https://t.co/giMxZj252f
I’m still worthy 😂 @Bugcrowd #BugBounty
github.com/sherlocksecuri… Here is my python script for automating the @IntelligenceX_ APIs. Just add your API Key & keywords and wait for results in your slack workspace with username/password leaks for bug bounty target. Feel free to raise a PR :) #BugBounty #BugBountytips
First winner @ItsAnkitsss DM me for voucher (for explaining his goals & plans to learn). Still 2 vouchers left for best bug bounty methodology!!
I earned ₹80,000 😁 for my 2nd submission on @pentabug dashboard.pentabug.com/user/profile/s… Early morning rewards 😁 . Joining @pentabug is similar to @SynackRedTeam #bugbounty #infosec
I earned ₹40,000 😁 for my submission on @pentabug dashboard.pentabug.com/user/profile/s… Have a look at this platform guys!!! Really fast triage and rewards within 12 hours of reporting!! #bugbounty #infosecurity
———-END PRIVATE KEY———- 🤪
I earned $3,000 for my submission on @Bugcrowd bugcrowd.com/sherlocksecure #ItTakesACrowd Mastering my IDOR chaining skills 🤪😎
I earned $5,000 for my submission on @Bugcrowd bugcrowd.com/sherlocksecure #ItTakesACrowd Solid P1 😊 chained two endpoints and made it!!
This year I’m attending @nullcon #Goa #2022 international conference ❤️. Attending one of @riyazwalikar training along with the corporate conference! See you everyone there 🤟🏻🥴 #infosec #bugbounty
I earned $6,000 for my submission on @Bugcrowd bugcrowd.com/sherlocksecure #ItTakesACrowd An OOB SSRF finally validated by the team after 6 months 🤯. #bugbounty #bugbountytips #infosec #cybersecurity @Hacker0x01 @SynackRedTeam
XSS WAF Bypass, One payload to rule them all, a nice read from @0xEdra 🔥 onetest.fr/posts/xss-waf-…
You've probably seen this SQL Injection payload before... 🧐 But how does it exactly work? Let's break it down and also craft a few variants for bypassing WAFs! 🤑👇
Find domains that have "xyz" in their whois curl -H "User-Agent: Mozilla" "viewdns.info/reversewhois/?…" | grep -Po "<tr><td>[^<]+</td>" | cut -d '>' -f3 | cut -d '<' -f1 🔥Handy use cases🔥 - "Microsoft Corporation" - "Elon Musk" - "[email protected]" ⚠️ use + instead of spaces
python-multipart (which is also used by FastAPI and Starlette in form requests) is vulnerable to ReDos: github.com/Kludex/python-… 1. Find requests that use `application/x-www-form-urlencoded` as a Content-type (basically many form requests) or if you're code reviewing, you may…
Recently, I discovered a DOMPurify bypass in the case of CUSTOM_ELEMENT_HANDLING and FORBID_CONTENT options usage ⏭️ This issue isn't a big deal as it doesn't involve a default configuration bypass. However, I thought it was interesting to document it 👇 mizu.re/post/playing-w…
Use @Chocapikk_ CVE-2024-21887 exploit tool to get easy shell on vulnerable endpoints. github.com/Chocapikk/CVE-… #bugbounty
hey @xnl_h4ck3r thanks for the best tool! (xnLinkFinder) was able to find hidden directory + hidden endpoint in javascript codes 1: python3 xnLinkFinder.py -i target_js.txt -sf target.com -o js_final.txt 2: httpx -l js_final.txt --mc 200 #bugbountytip
We are currently running a campaign on HackerOne. Any valid Access-Control vulnerabilities such as IDOR, Broken Access Control, etc. discovered during this campaign will be awarded a 50% bonus on top of the regular bounty! hackerone.com/zomato #BugBounty #Zomato @Hacker0x01
Easy way to spy on competitors feature requests 👀 1. Go to Google 2. Type in --> site:*.canny.io 3. ?!! 4. profit 🤑
This tool (unisub), it's one of the best options for you to bypass WAFs and filters. 🙂 by @TomNomNom #bugbountytips #bugbounty #Hackingtime
GHunt v2 is out ! 🥷 All the code has been redone from scratch. github.com/mxrch/GHunt/re…
There are some changes guys 😝 • I cannot do the Akamai one yet, but sometime in 2024 I should have the green light • There was actually a mistake, It’s 3 Million not 30, Still a mass data breach due to the sensitive info exposed Will publish 2 blogs in January 5th
Write ups coming up in 2024: - Accessing 30 Million User’s Orders - How I was able to steal your Insurance Plan - UI:None Cache Poisoning/Deception Cases - Stealing Bank Mail Offers To PII Leak - Akamai Biggest Problem Comment which one you want to see first 🤔
Two P3s after successfully bypassing the Cloudflare WAF on a private program. A simple SVG-based payload proved effective. Payload: "%3cSvg%20Only%3d1%20OnLoad%3dconfirm(1)%3e" #BugBounty
This awesome 'FFuf Advanced Tricks' article by @noraj_rawsec needs a shoutout. I created my own FFuf script based on his tricks, and here is the result. #BugBounty acceis.fr/ffuf-advanced-…
subdomain discovery using Shodan github.com/incogbyte/shos…
nuclei-plus :- A GUI graphical interface with enhanced functions based on nuclei, and integrates functions such as template management, project management, configuration management and network space search engines (Fofa, Hunter). github.com/Yong-An-Dang/n…
I think it's time for a solution ⏰ To solve this challenge, you had to abuse the DOMPurify namespace misconfiguration to trigger an XSS this way 👇 Solution link: challenges.mizu.re/xss_02.html?ht… 1/6
Small XSS Challenge Time 🚩 Rules 📜 - You should only use the provided endpoint. - The solution must not involve user interaction. If you find the solution, please do not send it in the comments; send me a DM instead 📩 Challenge link 👇 challenges.mizu.re/xss_02.html
You've heard of blind XSS - but what if there's CSP? Introducing blind CSS injection! portswigger.net/research/blind…
New blog post: A vulnerability in Zoom that allowed accessing meetings scheduled via Zoom Scheduler. #security #vulnerabilitydisclosure #bugbounty blog.ophionsecurity.com/posts/zoom-acc…
\u0022\u003c%26quot;%26gt;%26lt;"';}};“></SCRIPT><img src=x onerror=alert(69)>${{7*7}} My favourite xss payload