
Omar Hashem
@OmarHashem666
PenTester | Bug Hunter | Develop automation tools | Author of 7 CVEs | Acknowledged by Google, Hubspot, Paypal, OPPO, and +25 more
Egypt
Joined May 2017
Hello everyone, as promised, this is a detailed write-up on how I was able to get an account takeover in HubSpot Public Bug Bounty Program. #BugBounty #bugbountytips #Pentesting #cybersecurite #infosec ATO.
infosecwriteups.com
Hi everybody, our story today will be about how I was able to get a Full account takeover on HubSpot Public Bug Bounty Program at Bugcrowd…
One of my favorite things I love to do is browsing team leaders' profiles on LinkedIn and Twitter to understand their infrastructure priorities and discover backend technologies that I may not have discovered through enumeration with a black box approach. #bugbounty #bugbountytip
Some time ago I found about 5 full ATO (0-click and 1-click) and PE while hunting on HubSpot at @Bugcrowd, some of the vulns have interesting attack chains, fortunately, I found some of them fixed, so stay tuned for some juicy write-ups soon. #bugbounty #bugbountytips #bugbountytip
Hello guys, I end this year by sharing with you a new article about how I found a SQL Injection Zero Day (CVE-2022-38627) via static analysis. Research:. Exploit:. #BugBounty #bugbountytips #Zeroday #0day #redteam #Pentesting
infosecwriteups.com
Hello guys, I'm sharing with you a new article about how I found a Stored XSS 0-day (CVE-2022-42710) via static analysis. Research:. Exploit:. #BugBounty #bugbountytips #Zeroday #0day #redteam #Pentesting
infosecwriteups.com
Hi everybody, I will share with you in this article in detail how I was able to find CVE-2022-42710 through static analysis
1/2. Hello guys, I'm sharing with you some new zero-days that I found recently that can allow an unauthenticated attacker to ATO of admin or other users' accounts with one click. You can scan bug bounty programs or your company assets right now using nuclei. #bugbounty #bugbountytip
#BugBounty #bugbountytips 1/2. While doing bug hunting on Microsoft I found an open redirect, Microsoft was not the only affected company but it was affecting other bug bounty programs that use Microsoft services.
I'm really happy to see a bunch of people who found bugs in bug bounty programs after reading my write-ups, and glad to see that we have crossed +30k views and +10k reads in the last month only on my blog ❤️. #BugBounty
Hello everybody, I found an interesting vulnerability while hunting on one of the @Hacker0x01 programs, enjoy reading it 😀. #BugBounty #bugbountytips #bugbountytips
infosecwriteups.com
Hello everybody, most of the time you read about account takeover or infrastructure takeover, but did you hear before about Company…
Winner winner, chicken dinner 😁. They were expecting a path traversal vulnerability but I got RCE 😄. Take a look at my solution for the @yeswehack security source code review challenge, you might learn something new. #BugBounty #bugbountytips #bugbountytip
#3 Vulnerable snippets 🏁. Top solutions! 🏆 @OmarHashem666, @devangsolankii, @Abdulmalik_TTG. Read their solution 👇
Inspired by @ghostlulz1337 bug bounty playbook, I published a new write-up about a technique that helped me to get more than 10 RCE in different companies. #BugBounty #bugbountytips #bugbountytip #Pentesting #cybersecurity #bugbountywriteup #redteam.
Hi everybody, inspired by @_zwink @Zigoo0 file upload videos, I published a new write-up about a P2 vulnerability found while bug bounty hunting. Enjoy 😀. #bugbounty #bugbountytip #bugbountytips #informationsecurity #infosec #bugbountywriteup #Pentesting
infosecwriteups.com
Hello everyone, one of the most interesting functions is file uploading, vulnerabilities in file uploads usually lead you to critical or…
Inspired by the @brutelogic @rodoassis XSS bypasses, I have published a write-up about a filter that I bypassed to get multiple XSS. #BugBounty #bugbountytip #bugbountytips #xss #cybersecurity #infosec.
infosecwriteups.com
Hi everybody, today I will show you how a simple technique can lead you to find multiple serious vulnerabilities across the whole subdomains
Inspired by @GodfatherOrwa SQLI tips | I have shared a new write-up about my way of finding some SQL Injection vulnerabilities. #BugBounty #bugbountytip #cybersecurite #infosec #Pentesting
infosecwriteups.com
Hi everybody, SQL Injection is one of the most critical vulnerabilities that can be found in web applications. I will show you today how I…
RT @tbbhunter: How I abused the file upload function to get a high severity vulnerability in Bug Bounty.
Hello hunters, if you are interested in bug bounty hunting you can watch my PoC videos on my YouTube channel, maybe they help you to find your first vulnerability. Enjoy 😀. #bugbounty #bugbountytips #bugbountytip #infosec #cybersecurity
RT @Jhaddix: == Trademark and Copyright Recon ==. How to find assets no other bug hunters have found. One of my simple "secrets" for year….