Alhumdolillha ♥️ 2nd report on Google also got accepted, . Tip : always try to monitor your target for fresh leaks 😁 . #bugbounty #bugbountytips #jerry1319

RT @0xAsm0d3us: Some good news!! OpenID Connect (OIDC) Support for npm Registry is coming soon. Which means, the attack surface for supply….

I Used your extension ( @sl4x0 ) and it's working like a charm. I suggest everyone to use it.

I was awarded $5,000 after discovering a hidden endpoint using this extension:

Saw some tools on X claiming to find leaks in minutes with “private scanners.” Don’t fall for the hype — they’re just basic open-source tools with fancy UIs. Invest your time, pipeline the tools yourself. Same results, no BS. #bugbounty #bugbountytips.

RT @hakluke: The #1 RULE before you collaborate! ⚠️

did anyone faced noise issue in the AIO Liquid cooling caused by the air bubble trap , Kindly let me know if anyone faced or how they solved this annoying issue in there pc .

There are alot of things to do while resolving subs to get more subs and ASM which are ignored by other hunters dont just run tools with lazyness. It's impossible for me to share everything in tweets, that's why not talking about it much ,. Know well before running randm 1 liner.

it's better to monitor your resolvers and sending dns list to analyze and get more subs or else resolve same perm wordlist multiple few times to get more subs without hitting the limiting of resolvers.

Getting a lot of DMs asking how to get more subdomains using perm. One common mistake: running the permutation wordlist and PureDNS resolver in parallel. This often leads to DNS resolution issues or hitting rate limits. Run them sequentially for better results.

This is not the right way to permutation and resolve the dns , you are gonna miss a lot of sub's bcz of race issues here.

Heyy @YShahinzadeh ,. Can you please open your dm , need to talk about few escalation of html injections to xss , I would love to know if you would like to help me in it's escalation via a collab ,. Thank you.

Hey @4non_Hunter ,. Any update on this ???.

RT @shellbreaker_: This life is yours. Live for yourself. Take risks. Build. Fall. Get back up. Repeat.

RT @Jayesh25_: I've often hesitated to participate in public bug bounty programs, mistakenly believing that if a program is public, it's li��.

RT @jeetbhdr: Last year, my mother got diagnosed with leukemia. Thanks to bug bounty, I was able to pay all her medical bills and take care….

Hey @4non_Hunter ,. Is there any update regarding the slides you promised to publish of seasides ,. Just curious to know.

Thanks Bhai ❤.

is it still possible to takeover a github subdomain or github fixes the takeover issue via implementing dns verification for custom domains ?? #bugbounty #bugbountytips.

Currently its main source of income , but hope so this year it will be 2nd or 3th source ,. Just wanna to drop it to do I part time instead of full time hunting ,. Full time trauma = full time hunting.

if you ever encounter a internal salesforce instance which is restricted for external user and allowed /sfsites/aura. just change the endpoint to /aura and use random descriptor with a wrong aura.token will leads to internal configuration file leakage #bugbountytips #bugbounty