BugBountyTip.tech @_Bugbountytips_
We Serve Best Tips for Bug Bounty from Across the Social Platforms and servers Best For you. Join Us : https://t.co/lUiCF7RQAU… bugbountytip.tech
Joined September 2020
Tweets: 5K | Followers: 5K | Following: 67 | Likes: 45
Day 7/7 : SSRF ALL SSRF RESOURCE Tools: bcoles.github.io/ssrf_proxy/ github.com/daeken/SSRFTest github.com/daeken/httpreb… POC : github.com/reddelexc/hack… WriteUps: thewh0is.medium.com/list/ssrf-writ… Labs: bugbountynotes.com/challenge?id=33 portswigger.net/web-security/s……
Byte Fallback #XSS Vector <Scri%7Kt> %7Krompt%6K1%6K </Scri%7Kt> PoC brutelogic.com.br/tests/byte.php… Useful to #bypass WAFs in some Java apps. Included in @KN0X55
CVE-2024-25600: Unauth. RCE vulnerability caused by PHP code injection in Bricks Builder, a WordPress site builder with over 25,000+ active installations. Severity: Critical (CVSS 9.8) Root cause analysis: snicco.io/vulnerability-… PoC: github.com/Chocapikk/CVE-… Mitigation: Upgrade
7 SQLs 4 in php (select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/ 1 in aspx orwa';%20waitfor%20delay%20'0:0:6'%20--%20 2 in graphql orwa') OR 11=(SELECT 11 FROM PG_SLEEP(6))-- #bugbountytips #bugbountytip 💕
This is my day-to-day hacking tool stack: 🛠️ Burp 🛠️ Nmap 🛠️ @securitytrails 🛠️ @shodanhq 🛠️ @spiderfoot 🛠 @ipinfoio 🛠️ My own tools (github.com/hakluke) 🛠️ Everything by @pdiscoveryio 🛠️ Everything by @TomNomNom That covers about 99% of my hacking 🤷♂️
#KNOXSS GIVEAWAY 🔥FOLLOW US🔥 🔥LIKE & REPOST🔥 To have a chance to WIN one of the following • 1 Pro Subscription 1-month • 1 Pro Subscription 3-month • 1 Pro Subscription 6-month • 1 Pro Subscription 1-year Winners of this draw will be announced next week Good luck! 😀
[NEW] You can easily spoof #iOS Bluetooth pairing pop-up messages using any non-rooted #Android! All you need is nRF app from Google Play and input data to advertise, see the video. [updated] mobile-hacker.com/2023/09/07/spo…
Bug Bounty Tip SSTI (Server Side Template Injection) Payload List 🔹{7*7} 🔹*{7*7} 🔹{{7*7}} 🔹[[7*7]] 🔹${7*7} 🔹@(7*7) 🔹<?=7*7?> 🔹<%= 7*7 %> 🔹${= 7*7} 🔹{{= 7*7}} 🔹${{7*7}} 🔹#{7*7} 🔹[=7*7] If evaluated as 49 - the target is vulnerable Cheers!
100 Days of Hacking! Day 31 #SpeciaL ⬇ ~# WebHacking (BugBounty) Cheatsheet 📢 1. Cross Site Scripting ( XSS ) Vulnerability - github.com/EdOverflow/bug… - github.com/payloadbox/xss… - portswigger.net/web-security/c… 2. SQL Injection - github.com/EdOverflow/bug… -…
Limiting the Google search to only IP addresses brings interesting results. @0x21SAFE made a web-based tool just for that, you can try it at 0iq.me/gip/ or github.com/SeifElsallamy/… #infosec #cybersec #bugbountytips
Just Published a new Blog on @hacklido! Hope you Guys Like it! hacklido.com/blog/410-top-r… Mentioned some amazing folks! Thanks to them for their work!! @_Bugbountytips_ @intigriti @GodfatherOrwa @ADITYASHENDE17 @0x0SojalSec @nav1n0x @NinadMishra5 @bug_vs_me @Bugcrowd @theXSSrat
💀 Bypassing Email Filter which leads to SQL Injection Bypassing Email Filter which leads to SQL Injection SQL Injection in Email Address (username) 🔗 Source : medium.com/@dimazarno/byp… credit:@TodayCyberNews #bugbountytips #bugbounty #bugbountytip
Recon is an art! Have you ever used Google Tag Manager IDs to find new domains belonging to your target? 🤔 @g0rchy has, and today he's sharing this trick with all of you! #bugbounty #bugbountytips 👇
#Day60 /100 Read Blogs: 🔸WAF Bypass + XSS on The MOST Popular Movie Ticket website medium.com/@tarang.parmar… 🔸Simplify Your Web Application Testing with These Python Snippets ashraful004.medium.com/simplify-your-… #100daysofcyber
How To Hack Traffic🚦Lights? A Thread 👇 | #Infosec
📈 Top 20 bug bounty YouTube channels of 2022 🧵 Let's look back at 2022 and specifically at the creators who ruled the bug bounty scene in 2022 These are the top 20 bug bounty creators! 👇
Want to create a script in a minute? Try ChatGPT, it is quite good at creating automation scripts, try it out 😉 #bugbounty #bugbountytips #bugbountytiptech
Cloud security Penetration Testing practice labs :- - github.com/RhinoSecurityL… - github.com/0xsha/CloudBru… - github.com/RhinoSecurityL… - github.com/WithSecureLabs… - github.com/bridgecrewio/t… - github.com/nccgroup/sadcl… #BugBounty #BugBountytips #CyberSecurity #CyberSec #Tweets #Security
Tarang Parmar @Tarang96 (33 Followers, 333 Following): Everything Is Vulnerable Just Change The Way of Thinking 😉 Founder of @_Bugbountytips_
Yay, we were awarded a $50,200 bounty on @Hacker0x01! Me and @rene_kroka were able to find another critical vulnerability. This one was tough, and we definitely learned a few new tricks. I hope we can share the PoC soon. hackerone.com/hackerontwowhe… #TogetherWeHitHarder #bugbounty
Time for another giveaway! We are going to send a t-shirt and a few goodies to one person who follows @PentesterLab and retweets this tweet!! And we are going to give a 12-month voucher to someone who follows @PentesterLab and likes this tweet!!
When positive quotes work for you. And look what I got. Thanks @YogoshaOfficial for triaging all my submitted bugs in very little time. Looking forward to submitting more high & critical bugs in the upcoming days. Currently ranking 53 on the overall leaderboard ✌ #togetherwehitharder
We just released two new videos: Exploitation of CVE-2022-21724: JDBC RCE PostgreSQL pentesterlab.com/exercises/cve-… and Exploitation of CVE-2021-40438: pentesterlab.com/exercises/cve-… With subtitles in English, Arabic, Portuguese and Spanish. Hindi subtitles available for CVE-2022-21724
Giveaway time! We are going to send a t-shirt and few goodies to one person who follows @PentesterLab and likes this tweet !! And we are going to give a 1-year voucher to someone who RT this tweet!
Open Redirection Vulnerability... Try to test every parameter that is supposed to redirect to another page.. @bugbounty0 @bugbounty18 @tbbhunter @_Bugbountytips_ @BugsGallery @bugbountyforum #bugbountytip #bug
Learning Android Pentesting... Let's Gain the knowledge. 😎😁 @bugbounty0 @bugbounty18 @_Bugbountytips_ #bugbounty #android
My slides for the talk "Account Takeover via Exploiting Misconfigured Password Reset Feature" at @BSidesTO speakerdeck.com/tuhin1729/acco…
On Phone: I told my father I got 6 lakh INR reward, he started crying, I can feel the pain, when their son is unemployed.😭 I'm rewarded with 8000$ for accessing admin panel. Lots of thanks to: @Hacker0x01 @zseano @hunter0x7
As of late, I've been having trouble trusting that the triage team is working in my interests, I've had to fight for my bugs to even be considered by security teams, where in the past I have been able to connect with security teams who understand underlying issues.
Apache Tomcat SSI printenv Command XSS (CVE-2019-0221) It's old, but it's still useful. [PoC] hxxp://localhost:8080/printenv.shtml?%3Cscript%3EaIert(%27xss%27)%3C/script%3E packetstormsecurity.com/files/163457/A…
@saphalshakha1 @pentesternepal @NahamSec @theXSSrat @stokfredrik @codecancare @_Bugbountytips_ @sec_r0 @saugatpk5 @WHOISbinit Thanks for the mention! (: Let's learn, share and grow together!
@pentesternepal Inspired from many. Just to list few: @NahamSec @theXSSrat @stokfredrik @codecancare @_Bugbountytips_ @sec_r0 🙏 Thanks for continuous support now: @pentesternepal @bishal0x01 @saugatpk5 @WHOISbinit 💕
@_Bugbountytips_ @harshbothra_ Thanks @_Bugbountytips_ ❤️
@_mohd_saqlain @_Bugbountytips_ @imranparray101 @GodfatherOrwa @ofjaaah Use nmap scripts