#starlinkforgaza

#GazaUnderAttack

Time to give back to the amazing community. I am giving away 1x1 month @tryhackme subscription voucher.😍 To enter, Retweet and like this tweet. I will choose winner by 12 May.😉 Drop some resources for learning new skills of any field that you like in comments. 😊

Got RCE in 2 minutes via SSTI, ~waybackurls https://t.co/DC4dDq3TjO | qsreplace "daman{{9*9}}" > fuzz.txt ~ffuf -u FUZZ -w fuzz.txt -replay-proxy http://127.0.0.1:8080/ (captured requests in burp) searched: daman81 in burp, got 43 results from 1266 requests, noiicee🐼

Forgot your password? Need to reset it? How can attackers exploit the password reset form to take over your account? Check out: Top 10 Common Password Reset Flaws - an awesome blog post by Anurag SR (@cyph3r_asr) #BugBountyTips #BugBounty https://t.co/y276kWZ2te

Methodology for API BOLA/IDOR finding by @CorbridgeMax: * Private vs public scope, * Patterns in API route naming, * Adding IDs to requests, * Replacing parameter names, * Sending multiple values, etc See https://t.co/piKNTDvoSw for other tips, examples, details. via @clintgibler

Tomorrow marks the 1 year anniversary of Hacksclusive! To celebrate this milestone we are giving away a couple of @PentesterLab 3-month vouchers! What do you need to do? - Follow @hacksclusive - retweet and like this post! That’s it! Winners will be picked in 24 hours!

Missing CORS to Account Takeover. Read the writeup below. https://t.co/nLblJhjqjk Thanks to @predator_97x @ADITYASHENDE17 @tirtha_mandal @impratikdabhi @Farah_Hawaa @InsiderPhD @stokfredrik @ceos3c @PentesterLab @codingo_ @community_bug @udit_thakkur #BugBounty #bugbountytips

Ever find a phpMyAdmin login portal and default creds wont work? Try to access the /phpmyadmin/setup/ endpoint and you might be presented with authentication bypassed configurable admin panel. This got me a nice bounty on @Synack. Ref: https://t.co/1rX05GOBby #bugbountytips

https://t.co/Nfr1Q63f42

31-days-of-API-Security-Tips 👌🏻 https://t.co/t8HLFr0b3t

finding endpoints: cat js | grep -o -E "(https?://)?/?[{}a-z0-9A-Z_\.-]{2,}/[{}/a-z0-9A-Z_\.-]+"

Best one ever ❤️

site: https://t.co/C7rFQpuU8M "company" site: https://t.co/SMC8Yozg6F "company" site: https://t.co/Q9PzDzEua8 "company" site: https://t.co/A8NQGC0eyk "company" site: https://t.co/DhegtDsOvx "company" site: https://t.co/Q9pYZM95q2 "company" site: https://t.co/OB4oaVfPlY "company" 1/3

#bugbountytips Use the following DORK and try to do directory brute forcing if your target allows it. This will look for things you are not supposed to access that are behind a login page. inurl:login | inurl:signin | intitle:Login | intitle:"sign in" | inurl:auth