2 more days at taco bell then I start my new hourly as a SOC analyst. New hire paperwork starts next week. Already passed drug and background. I'm so fucking excited
Oh my fucking God. I did it. I passed the interview. I have a technical one next and then I think a follow up interview and then I get my dream job!!!!
If you see this please retweet for reach. -----FREE COURSE WILL BE COMMING WHO WANTS IT--- This course will be based on recon tools and what they do and why we use them. There will be a break down of how to look at the data and what to do with it aswell.
Sorry I had to wait so long for this, but I had to sign my NDA first and pass a rather rigorous test. Also had to display my skills as a programmer not just a hacker. Buuuuut I now work for
@theXSSrat
call me the curious rat. I love when I smell cheese and can't see it yet.
Challenge 30 day manual hunting on bug bounty targets. I won't use burp except for repeater and intruder. And I'll use specialized tools if I need to exploit something. Pushing myself to a new level. Day 1 starts tomorrow.
This is the last time this week I'll plug this. Please retweet for reach. If you'd like to support me and level up your game. Come learn everything I know about recon aswell as some bug bounty tips.
Hey guess who just got a triaged bug yesterday? This guy. Me. Thank you for everyone who has encouraged me and made me feel like I was enough through this journey.
@thedawgyg
@johnjhacking
@Jhaddix
@Masonhck3571
you guys have been amazing during this thank you
Don't miss this Friday. In appreciation for 2000 followers on twitch I am giving away 20 of
@theXSSrat
full house bundle. Yeah you read that right 20 of them. I wonder what the giveaway is gonna look like lol. Retweet for reach. Love you guys.
5th bug on etsy found today. That makes 5 bugs in 3 days. Shout out to my group I'm hacking with yall are amazing. Side note. Developers please keep hardcoding global api keys. Much appreciated
Umm yeah... I got into
@SynackRedTeam
looks like I'll be looking at targets next week. I'm so fucking happy. Thank you
@osiryszzz
for pushing me when I didn't think I was good enough.
Didn't get the job...but that's okay. I'm switching my job focus to something I'm already doing which is streaming. Come subscribe and show your support. I'm going to be starting a patreon and I will start having more content for you to level up.
And the verdict is.........I passed. Not only did I pass but I passed the gates that were set for me. If you wanna see my hacking skills check out my twitch. The exam is streamed live. Thank you
@theXSSrat
for this opportunity
This Saturday. We are hacking airbnb all damn day guys. Already found some reflected params on a 403 page and have waited to test them until Saturday. Let's kill it. HACK THE PLANET!!!!
Please retweet for reach. I am looking for any pentesting gigs I charge 80-100 an hour. I have worked for 3 years independently and 1 year with
@theXSSrat
. I have proven skills. Dm for contact. Thank you, happy new years
Day 1 of manual hacking. I found a JWT that does not verify its signature. I also am doing recon on a target and waiting for results so I can manually investigate interesting endpoints. Today is DAY 2 and after my stream I will be looking for more bugs.
Tomorrow is the day guys the first of what I hope is many guests,
@thedawgyg
hacking live targets live on stream with me. Join us tomorrow at please retweet fir reach. Make sure you follow on twitch to see when the show starts.
Got a job today. I'm a subway sandwich artist getting paid 18.50 an hour soon to be 20.00 an hour after 3 weeks. Graveyard. While doing dev work and studying for my OSCP oh and full time student. Whatever the universe is trying to teach I better learn it quick.
Anyone hiring for web app pentesting? No certs but a lot of self learned and taught things. I have soo many notes and my own tools I've written on github to make my job easier. I'd prefer remote but if your gonna pay for relocation I'll move my happy ass. 😊
@tabaahi_
It took 3 and a half years for me to be able to see bugs when I look at code. Now I find a bug almost everytine I stream. There is no quick answer to this. It takes time, and the amount of time is different for everyone. Keep at it and you will get there
hey guys just bought my 20 vouchers for the giveaway for friday at with a little OSINT and luck you should be able to get a voucher before then here's the proof
You guys are awesome. I'll start putting the course together with some different
@RealTryHackMe
boxes and vulnerable labs for you guys to hack along. The video may be like 20 hours long after I get done. But it will be free.
Hey guys just got off of work but I wanted to thank
@zseano
for comming on my show and hacking with me hopefully we can hack together off of the show. had a great time hope you come back soon.
Cv joint just snapped on my wife's car. Got turned down for a job and my current job pays me 0 dollars an hour......I thought bug bounties would be a good area to make a little money in but they are all informational... I need some hope. Anyone hiring??
First week in cyber.. no fist fights, no drugs offered. My employer actually told me I have 6 days to take off at will by the end of the year.... I LOVE MY LIFE. currently hanging out with my family ^.^ love to everyone
Here we go. I have finally done enough smart contract and solidity education I can wrap my head around it. I'm doing write ups on smart contract CTFs right now and a full motes cherry tree for smart contract hacking ^.^
Guys guess what..... I'm having a baby tonight. My baby bot is going to be born today or tomorrow. We are at the hospital now waiting for labor to start. Also my cash app is $jbeers42000 if you want to show some love. ^.^
Bug shout out to
@Jhaddix
his methodology for wide scopes is a big inspiration for process and how my methodology has matured. Of course my twitch channel is the mind of a hacker. Which was always a nod to his first videos I ever watched. Much love man.
I was bored at work yesterday so I found 6 bugs on
@BugBountyHunt3r
on my Samsung Galaxy. I did not know that when you open javascript files on a phone it auto beautifies. Your welcome.
It is with a heavy heart and a very very long thought process that I have come to this decision. I will no longer be streaming on twitch. I will have courses and even mentoring available comming up in the future probably a few months.
1 month from know I will be releasing my full recon course from ip's to parameters and everything in-between including javascript review. All demonstrated on a live target
@theXSSrat
HEY I WILL BE ANYONES HACKING BUDDY. HMU!!!! I'm hacking 5 days a week and automation on weekends. Come hang out with me and we can kill any targets you want
Web3 course comming soon.
Writing smart contracts, using brownie, auditing real bug boubty smart contracts and testing some vulnerable ones too for comparison. More updates comming soon.
HOLY SHIT you guys have shared my course coupon over 28 times. thats insane. I LOVE YOU GUYS! more courses comming soon and I will be streaming next week
@theXSSrat
Junior- has most of the knowledge needed to complete a task but not the whole job. Medior - has enough knowledge and skill to complete a scope with reports and progress paperwork but doesn't submit reports to the client. Senior - can complete a job and serve results to client.
I got scammed today. They took my whole bank account. I went to the bank to explain it and they told me that due to security practices they will be cutting contact with my account and shutting down operations with me.. the scam was a job recruiting scam. Hungry for a job, 1/2
Whelp......I'm moving out of the US gonna goto europe in the next year and a half. I never thought I would say this in my lifetime.....But I no longer feel free or safe in america(new russia) I WILL NOT raise children in a country where they cant have rights.
@0xValkyrie
*Not real**wink*Yup a client of mine got hacked and well.... the ip trace may or may not have been followed to a bot distributing server. That server may or may not have been injected with malware and went offline. Supposedly.
Yall are amazing and you can do anything you put your mind to. Just remember to do things slowly. I was rushing to get so many things done and carry on a bug bounty and other home things.... I forgot self care, my brain is on fire. It has slowed to a subtle pulsing of fire.
Tomorrow will be my newbie Friday the first one. Where we apply portswigger academy lessons to real life targets manually. Blow this up yall 12pm PST on
Fucking shit!!!!! You guys wanna see the syllabus for my api class? It's on the css rats podia already waiting for folks to sign up. The first 1000 people get it for 20$ I bet
@theXSSrat
could drop a link here. I will leave the syllabus in this thread check it out and retweet
HEY GUYS!!! i have 80 subscribers on if you wonderful people can get me to 150 subs by the end of the week I WILL BE GIVING AWAY 1 TICKET TO DEFCON!!!!!!!!!! retweet for reach please.
Okay guys I have some family things yo take care of so Iight not streaming for the next few days. I will be streaming again on Fridays and Saturdays because I have gotten 2 jobs lol yaaay. I will also be putting together a.
@RealTryHackMe
giveaway when I return.
Hey yall. I quit subway. Fuck that.. I'm going to be streaming today at 12pm PST. Mind of a hacker. No weed smoking. No smoke breaks. No more company info leaks. Recon and techniques. Ethical and educational. ^.^ see yah there
FIRST FUCKING BLOG ENTRY EVER!!!!
I will be starting to do tryhackme room walkthroughs and thoughts so enyone doing the room can get a little more out of it.
Day 3 at subway graveyard shift.... Co worker offered me meth... I'm 5 years clean and sober. I kicked him out of the store and finished the shift myself... this is the kind of honesty and work ethic you want your employees to have. Shout out to those going through the struggle
Omg my new resume and a friend of a friend got me an interview at
@NetSPI
I'm so fucking excited. Time to get a job in my profession. Thank
@Jhaddix
for helping me with my resume. Thank everyone for making this possible.
@ibug___
@theXSSrat
@stokfredrik
Other common 403 bypasses for WAF is x-forwarded-for: (the ip of the site or ips of cbmaes for the site or 127.0.0.1 or 127..1) you can also use x-original-url: the url you want to access --> use the original url header on a page that is not blocked. But also dig into the
Hey guys I'm looking for a pentesting job for apis and web apps. I'm good enough for a junior role I've been doing bug bounties and pentesting for about 4 years now (independently) I have the cnwpp cert from the xss rat and have also been employed by him for the last year 1/2
Bash course is in the making it will be done soon and I promise you will learn so much bash for hacking you will be stunned. from commands to scripting to awk ans sed we are gonna bash like pros.
For anyone who is wondering you will be able to find me on
@BugBountyHunt3r
all day. Today I learn the shadow ninja ways. Hopefully some ssrf and IDOR jutsu ^.^
Hey guys!!! Dobby is a free elf. I have managed to phase out janitorial at the restaurant.....daily streams you say????? Yes I think daily bug bounty is a great idea. Who wants to hack with me?
This exam made by
@theXSSrat
is so personalized he is letting me streamy attempt at the cert. It's a full pentesting engagement and you guys will get every second of it. Starting tomorrow.