Fares
@_2os5
Followers
1,966
Following
161
Media
137
Statuses
2,291
Explore trending content on Musk Viewer
HAPPY 3RD BINIVERSARY
• 152327 Tweets
Ciotti
• 92053 Tweets
#TimnasDay
• 45251 Tweets
うたコン
• 31219 Tweets
刀剣男士
• 27335 Tweets
オリックス
• 27276 Tweets
ライエモ
• 20375 Tweets
VIVA CARNIVAL
• 13222 Tweets
ジャクソン
• 13173 Tweets
Thom Haye
• 11525 Tweets
Pinned Tweet
وَاتَّقُوا يَوْمًا تُرْجَعُونَ فِيهِ إِلَى اللَّهِ ۖ ثُمَّ تُوَفَّىٰ كُلُّ نَفْسٍ مَّا كَسَبَتْ وَهُمْ لَا يُظْلَمُونَ (281)
0
0
7
The new cve is really cool
Shodan dork
Ssl:”domain” 200 http.title:”citrix gateway”
#bugbountytips
5
85
318
I liked these resources *Business Logic Issues* about
1-
2-
3-
4-
most bugs:
#bugbountytips
#bugbounty
5
106
232
6
6
164
how can I exploit this? using terminal
@GodfatherOrwa
@ArmanSameer95
@RelentlessT7
@OriginalSicksec
@kenansec
#bugbounty
#bugbountytips
19
26
128
yeah, I just found my first High vuln on
@Bugcrowd
for a Full account takeover
the severity changed from P1 to P2 bec my bug wasn't on the main version
#BugBounty
#bugbountytip
9
7
107
Tips:
the app was using JWT on resetting the password so I copied my JWT and paste it here
the JWT contains email info so I changed my email to victim's email and I copied the JWT (with victim's email)
1/x
#bugbountytips
#BugBounty
yeah, I just found my first High vuln on
@Bugcrowd
for a Full account takeover
the severity changed from P1 to P2 bec my bug wasn't on the main version
#BugBounty
#bugbountytip
9
7
107
10
17
109
I earned $$$ for my submission on
@bugcrowd
#ItTakesACrowd
SALESFORCE STILL ALIVE
just do recon
10
7
86
I found an IDOR leads to leaking PII via profile id
but the profile id is unpredictable UUID
does HackerOne accept it?
#bugbountytips
#BugBounty
17
1
76
stored xss via PDF file upload.
and the file will be stored on (s3. amazonaws. com)
is it informative?
#bugbounty
14
5
70
one month ago I reported a bug and I got N/A
one week ago I reported the same bug to the same program and I got Triaged
#BugBounty
never give up
9
0
53
I found this page at phpmyadmin/setup BUT I don't know is it enough to say it is critical?
#bugbountytips
#BugBounty
8
9
49
4
1
43
I found this config.js file leaks many api_key and client_id and secret id
I tried to connect to the service using Curl, but it didn't work
@GodfatherOrwa
@MrTuxracer
@HusseiN98D
#bugbountytips
2
7
38
when I put (resultsPerPage=20) I got this
but when I put (resultsPerPage=')
what do u think about this
#BugBounty
5
6
34
even it is informational I got a reward
thanks
@Bugcrowd
BTW ( it is a valid bug)
#bugbountytips
#BugBounty
2
1
34
I have a Txt file with full of URLs
How can I extract all endpoints?
any tool or a command?
#BugBounty
#bugbountytips
11
4
31
الحمدلله
default credentials: test/test
information: endpoint has (token-secret and other things)
#BugBounty
#bugbountytips
3
1
32
@0xRh1d0Y
@GodfatherOrwa
normal dork :
1-ssl:"target{.}com"
2-found a valid IP
3- 2x FUZZ
Information Disclosure
5
1
29
organization has a limit to add users (email) only 4 users
I tried race conditions but I can't put something like $$ as in the intruder
any suggestions
#bugbountytips
#BugBounty
5
0
28
I found two valid bugs on two programs
they accept it and now both two programs are CLOSED
1 report status: Triaged
2 report status: UNRESOLVED
BBP
@Bugcrowd
#bugbountytips
#BugBounty
4
1
24
1
4
22
he really didn't even read the f POC
just close it as N/A and everything is clear
and request mediation is not allowed
wow
@Hacker0x01
I don't usually hunt on HackerOne and that is why
4
0
23
The internal team downgraded the severity from P2 to P3 and paid the minimum P3 :)
#BugBounty
1
0
22
How can I escalate cache deception that leads to leaks victim information like email, username etc.
any suggestions
#bugbounty
@bxmbn
1
1
21
I have been trying to understand HTTP request smuggling
it is as complex as >>>>
any suggestions
#BugBounty
2
0
21
Is cache deception considered to be social engineering?
@bxmbn
#bugbounty
How can I escalate cache deception that leads to leaks victim information like email, username etc.
any suggestions
#bugbounty
@bxmbn
1
1
21
3
1
21
I got duplicate report of my report
first report the bug was on () Traiged.
second report bug was on () Duplicate of first.
{since the fix is the same} right?
#BugBounty
7
0
21
after coping the JWT I went to the reset password page and I wrote a new password and intercept the request
the JWT was verified on GET request but NOT ON POST request
so I changed the JWT(has my own email) with JWT(has victim's email)
and forward the request and yes full ATO
1
3
20
I found two paths have the same parameter (url)
it is vulnerable to ssrf
should I report them in one report?
#bugbountytip
#BugBounty
6
1
19
An application that can create a project and add user to my organization
I found xss in a project and once the user enter that project the xss will execute
Is this stored xss?
#BugBounty
1
2
17
If the program blocks me when I fuzz.
How can I bypass this block so I fuzz the directory?
#bugbountytips
#BugBounty
5
0
17
1- try to post a blog and intercept the request
2- make HTML file for csrf
3- send it to the victim, once he opens it he will post a blog with the attacker's content
4
1
17
weird thing on reset password If I want to reset my password, it will change my password and send it to my email without verification so in this situation, I can change anyone's password! does this consider a bug? because it is developer's fault
#bugbountytips
#BugBounty
5
0
17
I was able to use paid features even though the 7 days expired. And still works
Does this consider a bug!!?? I got N/A from it on
@Bugcrowd
#bugbountytip
8
0
15
I have access to a site on Chrome that has 2FA (I Bypassed it)
I can't do it again as it required social eng
how can I access it on Firefox?
I have the creds but 2FA!
#BugBounty
2
1
15
I found a (low) bug that affects the main domain and the whole subdomains, they have the same path and they have the same bug
main domain + 25+ subdomains are affected!
should I report it in one report right?
#bugbounty
@Hacker0x01
3
0
14
I faced this situation where I could only login.
via email and password or via Google etc.
but there is no signup function
so I tried to login with Google which it is not a registered account
is it a normal thing?
#BugBounty
3
0
13
While signup there is email verification, after login I can change the email to any email without email verification.
So I bypassed the email verification
Why it is P5
@Bugcrowd
#bugbounty
1
1
11
3
0
9
TIP: using nuclei if you got anything like this here tips to try if there is email spoofing or not
1- go to and Enter Target Website E: (Do Not add https/http or www) and Hit Check SPF(IF ANY)
1/2
3
5
8
I found IDOR yesterday, after reporting it I tried to test it again I found that this issue has been fixed! = Duplicate
Welcome to
#BugBounty
0
0
7
@GodfatherOrwa
@XHackerx007
@Bugcrowd
that payload works in every endpoint?
target,com/{payload here} ?
1
0
5
@s3c_krd
@Hacker0x01
congrats, but something is not good here.
you added
#bugbountytips
BUT I see no tips here!
1
0
7
@Bugcrowd
must add CVSS calculator as
@Hacker0x01
this is unbelievable to get rewarded with the minimum range they put!
the range for P3 is 200-700! and I got rewarded as the internal team feels to reward?
@Bugcrowd
please put CVSS calc
#bugbounty
#bugbountytips
2
0
7
@BountyOverflow
I know Authentication Bypass via Response manipulation or brute force
but where do you use these headers to bypass?
5
0
6
Has anyone tried Heroku subdomain takeover?
I claimed the subdomain
But I am struggling with deploying.
#bugbounty
0
1
6
@nayeems3c
@Bugcrowd
check:
كل عام وانتم بخير
انتهيت من برمجة CirrusGo
أداة موجهة لفحص واستغلال بعض أنواع
التطبيقات في الكلاود تمت برمجتها بلغة Go
بدأت بأشهر تطبيق SAAS
الخاص بشركة Salesforce
بإذن الله بفصل
عن اختبار اختراق تطبيقات SAAS
#امن_المعلومات
#BugBounty
13
43
185
1
2
5
@GodfatherOrwa
where do you inject Time-Based payloads?
do you write them or use a wordlist with intruder?
how do you know that you have to try SQLi in a specific parameter?
1
0
5