Not only crawling but you can do Subdomain Enumeration using Wayback.
⬇️
curl --insecure --silent "…" | sed -e 's_https*://__' -e "s/\/.*//" -e 's/:.*//' -e 's/^www\.//' | sed "/@/d" | sed -e 's/\.$//' | sort -u
#bugbounty
#hacking
#infosec
Hi. I run a cyber security startup and make courses on web/network security.
If you just came across the tweet, I just said Hi 👋
@shifacyclewala
#infosec
BugBounty Tips:👇
Always check for paths in JS files. I found an endpoint in a JS file, /customer/state, sent a request to the endpoint with shopify_id in the body, and it allowed me to fetch details of any user.
#bugbounty
#infosec
#bugbountytips
Infosec Entry level Interview Questions 101 📜🏆
PS: This is the list of questions I have come across and questions faced by my students in their interviews.
Feel free to add more below 👇
1. What is your fav OWASP Top 10 bug?
2. Explain your methodology?
#infosec
#bugbounty
Cyber Security is for everyone. We got overwhelming responses for guidance from a lot of people. So we came up with a 10 Weeks Web Application Pentesting Internship.
This will be a highly practical training which will help you kickstart your journey and upskill yourself.
Gitlab 14.9 CVE-2022-1162
New GitLab accounts (created since the first affected version and if GitLab is before the patched version) can be logged into with the following password:
123qweQWE!@
#000000000
So I gave an interview today. Questions asked 👇
- Can we add a custom header in a CSRF PoC and perform the attack? If yes, how?
- Exploit Blind Sqli OOB
- Exploit Blind SSRF OOB
- Exploit XXE OOB
- Test cases for Insecure Deserialisation
- SOP vs CSP vs CORS
- Can a CSRF token prevent RXSS?
List down some good resources for identifying secrets, ips, subdomains, assets or useful information for pentesting & bug bounty.
👇
1. Shodan
2. Censys
3. Github
4. spyse
5. dnsdumpster
Comprehensive Thread on Web App Fuzzing!
What is web fuzzing?
How can web fuzzing be super useful in Bug Bounties or Pentest?
FFUF for Web Fuzzing?
↓
{1/16}
Let's see if it works!
Hi 👋 if you are interested in:
Cyber Security 💻
Bug Bounties 🐞
Linux 🐧
Follow me✔️
I'm planning on using Twitter to share a lot of content that you won't want to miss. 🥳
The Roadmap to cyber security begins with 🚩⚡️
1️⃣ Basic Computing Fundamentals 💻
2️⃣ Networking Foundation 📶
3️⃣ Linux Fundamentals 🐧
4️⃣ Reading RFCs 📚
5️⃣ Community Building / Networking 🤝
Mention your tips👇
Tips to find DOM XSS: ⚡️🔥
1. Start Burpsuite Community Edition
2. Click on Open Browser
3. Go and click on the Burp icon in extension tab on browser
4. Click on Turn on DOM Invader
5. Inject a custom canary
6. Open target website, right click, Inspect and go to Invader
Giveaway Time: 💯
@shifacyclewala
@CristiVlad25
1. 50 Lucky Winners for my BBv1 Course
2. 50 Lucky Winners for my BBv2 Course
3. 50 Lucky Winners for my Recon Course
4. 10 Lucky Winners to all membership courses access for 1 year.
To enter: Follow, RT the tweet, comment a tip!
Bug Bounty Tips :
1. Replacing HTTP Methods on API Requests from POST to PATCH or GET can leak sensitive info without Authorization.
2. Got a Precondition Failed on an API request? Don't send the request to Repeater; modify the user ID from the Burp Suite Proxy - OPTIONS, GET.
#bugbounty
Congratulations to everyone who got selected for Hacktify Cyber Security and Virtually Testing Foundation Internship 🎉🎉🎉
We welcome you all on board. 😇
We will have an amazing time together for the next 3 months.
I love to see a constructive community of professionals being built.
Tip: While exploring for XSS issues in a target, the most common vulnerable parameter was sanitising the input; found more vulnerable hidden params by fuzzing a wordlist with Burp Suite.
More XSS ✅
#infosec
#bugbounty
Job Possibilities in Security Domain 👇
🧵
→ Security Analyst
Role: Analyses and assesses vulnerabilities in the infrastructure (software, hardware, networks), investigates available tools and countermeasures to remedy the detected vulnerabilities.
@shifacyclewala
Hey Infosec people!
Let me know your hacking machine configuration.
Mine:
➡️ Macbook Pro M1 - 16 GB, 1 TB SSD.
➡️ 16 GB VPS on AWS.
Let's see who does it well on the least spec.
#infosec
A comprehensive thread on XXE Attacks.
What is XML, Entities and DTD?
How OWASP Top 10 2021 merged XXE in Security Misconfiguration?
XXE exploitation Types & Payloads for pentesters and bug bounty hunters
↓
{1/18}
Thanks to
@shifacyclewala
@Hacktifycs
I love using Shodan and it has been really useful in the past.
The recent amazing tool which allows querying any IP without an API key was awesome.🚩
So here's an nrich vs one-liner 🔥✅
1️⃣echo "162.14.101.189" | nrich -
2️⃣curl {162.14.101.189} | jq
#infosec
Cyber security has amazing opportunities.
DM me if you think you have good skills for a fresher role in app security in Mumbai,India.
Bug Bounty experience will be an add-on.
Role - Fresher
Skills - Web App Sec
Location - Mumbai,India
@shifacyclewala
You can use the coupon OCTHACK or feel free to use these below links for 95% OFF courses👇
✅ Bug Bounty v1 :
✅ CVE's for Bug Bounty:
✅ Bug Bounty v2:
✅ Recon for Bug Bounty:
{1/2}
Join Giveaway and WIN Certified Bug Bounty Researcher program for FREE
To participate:
1. Like & Retweet
2. Comment below “How this program will help you”.
1 Lucky winner will be announced on 3rd Sep
Details:
@shifacyclewala
#Giveaways
#security
Excited to announce 📣
FREE Internship opportunity for you all.
Most awaited FREE internship on Web penetration testing!
✅Register Here:
✅Who can apply: We welcome anyone who wants to start and try hands-on Cyber Security
✅ 3 Months, Mode- Online.
What are the things one can test before logging in to any web application?
Comment below 👇
1. Try signing up using a company email to check if you get more access
2. Check SQLi
3. Check xss in email & pass fields
4. Check ssti /code execution /ssrf to your collab
#infosec
#bugbounty
#bugbountytip
👇💥
You can find IDOR by manipulating the Email Address in the Payload of JWT Token and changing the Algorithm to None.
Came across an application which passed Email in the Body and Email in the JWT Token. Changed both and it leaked PII of another user.
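A server-side check that closes the hole described in the tweet above, as an added example that is not part of the original tweets or of any application they mention. It assumes HS256 tokens with a shared key and an `email` claim; the function names `sign_hs256`, `verify` and `authorize_lookup` are hypothetical.

```python
import base64, hashlib, hmac, json

ALLOWED_ALGS = {"HS256"}  # fixed on the server; never chosen by the token header

def b64url_decode(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def sign_hs256(claims, key):
    """Issue a token; used here only to build constructed sample input."""
    head = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64url_encode(sig)}"

def verify(token, key):
    """Return the claims of a validly signed token, else raise ValueError."""
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(head_b64))
        sig = b64url_decode(sig_b64)
    except Exception:
        raise ValueError("malformed token") from None
    # Reject "none" (any casing) and every algorithm outside the allowlist
    # before looking at the payload at all.
    if not isinstance(header, dict) or header.get("alg") not in ALLOWED_ALGS:
        raise ValueError("algorithm not allowed")
    signed = f"{head_b64}.{body_b64}".encode()
    expected = hmac.new(key, signed, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        raise ValueError("bad signature")
    return json.loads(b64url_decode(body_b64))

def authorize_lookup(token, body_email, key):
    """Identity comes from the verified token; the body value must agree."""
    email = verify(token, key).get("email")
    if not isinstance(email, str) or body_email.strip().lower() != email.lower():
        raise ValueError("body email does not match token subject")
    return email  # look up records for this address only
```

The handler should query by the returned address, not by the one in the request body, so a mismatch can never select another user's record.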
Nuclei is basically becoming the next Nessus. The only difference is that the attack definitions are open source and contributed by everyone.
The project has got amazing traction and it's totally worth it.
Thank you
@pdnuclei
Hey 👋,
As a pentester, what are the tools that boost your productivity the most?
1️⃣ Browser / curl
2️⃣ Terminal
3️⃣ Burpsuite
Mention yours👇
#infosecurity
#cybersecurity
Daily dose of Web Security learning as a beginner:
✅ Solving Labs from OWASP / PortSwigger Academy
✅ Practice on Live Websites
✅ Reading & Writing new infosec blogs
✅ Mental Health
✅ Programming for basic Automation
✅ Contribution to community & be kind.
@shifacyclewala