Md Ismail Šojal 🕷️
@0x0SojalSec
Followers
30K
Following
50K
Media
782
Statuses
37K
Cyber_Security_Re-searcher || 0SINT || Malware Analysis II Pwn || Ai Re-searcher || Project @AIStrikeSec || 0ld Accounts Suspended @0xSojalSec ||
localhost
Joined October 2021
RT @NahamSec: This Tiny JWT Mistake = Massive Bug Bounty (with a real world example!) . watch here 👉🏼 https://t.co/….
0
31
0
Swap manual bug hunts for Grok’s sweep. Take a look at the 21,174 character long prompt.
Grok 4 Heavy is better than any model available at identifying issues in your codebase. Here's the JS prompt I use with my game code to have Grok 4 Heavy find the bugs. Python prompt in Comments👇
0
0
2
RT @mattjay: 🚨 New macOS backdoor alert: North-Korean hackers are disguising a Zoom update that drops malware built to hijack laptops and s….
0
114
0
RT @pdiscoveryio: How to get subdomains, validate DNS, and probe with httpx - all in JSON!. This one-liner is a great start to your automat….
0
31
0
RT @mqst_: 🧵 𝐑𝐞𝐬𝐨𝐮𝐫𝐜𝐞𝐬: 𝐋𝐞𝐚𝐫𝐧 𝐚𝐛𝐨𝐮𝐭 𝐖𝐀𝐅𝐬 𝐚𝐧𝐝 𝐡𝐨𝐰 𝐭𝐨 𝐛𝐲𝐩𝐚𝐬𝐬 𝐭𝐡𝐞𝐦:. Awesome WAFs: Firewall bypass: .
0
65
0
RT @HunterMapping: 🚨Alert🚨 CVE-2025-49704 : Microsoft SharePoint Remote Code Execution Vulnerability.📊24.9K Services are found on the https….
0
46
0
RT @Commanak46: Hijacking Shopify Stores with Just an Employee Email and a Perfectly-Timed Request.
0
13
0
RT @the_yellow_fall: DeviceCodePhishing: A New Automated Tool Bypasses MFA & FIDO for Azure Entra Users.
0
63
0
RT @coffinxp7: I Discovered a critical IDOR vulnerability in an Indian Railways corporate booking portal. By simply….
0
24
0
RT @bountywriteups: How I Found Facebook and Google API Keys Hardcoded in an Android App (and Why That’s a Bad Idea)..
0
17
0
0
86
0
RT @coffinxp7: Here's my complete checklist that will be included in my upcoming article. These are based on my older methods on my website….
0
33
0
RT @Jayesh25_: Found an interesting bug a while back and thought I’d share it here 👇. I came across an unused API endpoint inside a JavaScr….
0
37
0
RT @jusxing: CSP + WAF + Dom purify + char limit + Http only cookies . Yesterday, 8 PM: Found a self-HTML injection. Today, 7 AM: Reported….
0
9
0
RT @intigriti: Open this thread to master server-side template injection vulnerabilities!. 🧵 👇
0
29
0
RT @bountywriteups: How to stay aware of new Bugbounty programs using Reconsnap. #bugbounty #bugbountytips #bugboun….
0
13
0