Just a 6'5 feet curly hair guy looking into the code assuming that he'll find bugs. (And he does😌)
Security Researcher
@techfund_inc
( We're comingggg.... )
Hello,
#Infosec
people😁, I hope you are all doing well, As you know, I am learning
#web3
and I want to share my knowledge in the form of threads. So here, I will explain about Basic fundamentals of Web3 i.e
#Cryptography
.
Title ~ CRYPTOGRAPHY FOR WEB3
~ 1/n
Found a bug in the Live Contract where I was able to claim all the funds.
Currently Funds at risk: $520,000(on Ethereum), $760,000(on BNB)
It's 3:48 A.M here and the hype is killing...gonna report it and let's see how it goes.
#infosec
#SmartContracts
The wait is over!🔥 I personally wrote about all my methodologies and also answered some FAQs at the end! Do check it out and let me know :)
#infosec
#bugbounty
#bugbountytips
:
What a month it is!!! Such a Great Start as I earned $1200 on the First day of the month🔥.. With this, I officially crossed $11,000 mark in last 6months 1day😌. Much more to come🌊
#bugbounty
#infosec
#cybersec
Will this remain as a dream?💔I felt that Kohli is playing under captaincy pressure which results in Poor Batting. Now, Expecting some magic to go on so that India Can qualify for Playoffs. Missing you mahi
#missingdhoni
#captaincy
#MentorDhoni
#INDvENG
#Kohli
Vulnerability: Race-condition leads to Memory Corruption and Partial ATO'😉
Thanks to
@ADITYASHENDE17
for teaching Memory Corruption attacks 🔥 Special thanks to
@AkashHamal0x01
for motivation.
Tip ~ Find out some ways to damage
the resources😅
#bugbounty
#infosec
Got my B1/B2 US Visa approved and stamped in my passport yesterday.
Glad to announce that I'm invited as a Judge for
@HackMIT
2024 happening at MIT University! 🙌🏽
Flying to Boston on September 12th.🫠
Here is the Blog, I promised to share community❤️😁
I am eagerly waiting for your reviews on this blog. See you in the next tweet🔥❤️
#bugbounty
#hacking
P1 Vulnerability: How I chained Logical-Error to Account-Takeover Vulnerability 😈🧑💻that No-One…
Some People Said, "You're too young to achieve this". But they never saw the story behind.
It's been 7055 days since I was born. And I always wonder what I've done so far. Because I always feel there's something I still need to do and this is the only thing that keeps pushing
SCAM IN BUG BOUNTIES!🤬
Fuck
@c0insbit
. Almost 135days, I reported a serious vulnerability where I can log in to any user account and can able to transfer their whole funds into my wallet without user injection. I reported it to the security team,
1/n
@annieSteeph
Felt the same. But I've not removed my jersey because I don't want to.
I truly admire true RCB fans but these toxic traits spoil the culture.
Peace.
I would hire a group of
#BugBounty
hunters instead of people who had done certifications especially while doing a Web-Application pentesting. Everyone will follow OWASP Top 10 but you need that BugBounty mindset to actually compete with other
#cybersecurity
firms.
#infosec
Well, My prediction never went wrong🥲. If you don't believe in you and your methodologies, nothing works out. So happy to find ' Medium ' Level Vulnerability in
#metaverse
kind of Company.
Thanks to
@LiveOverflow
[you know why🥲], I ended up giving an detailed report
#infosec
First Day of the week and I ended up getting back to back "Duplicates". Still somewhere I feel like, I will find P2 or P1 within next few days...... [ On leave from 7th June ~ 10th June ]
#bugbounty
#infosec
You're my initial inspiration when I started into cybersecurity. Thanks for all the contributions and the stories that you've shared.
#RIP
Kevin Mitnick
Everyone loves black dress, black car, and everything that was in black,
But when it comes to people why do you prefer white? Why are you showing no interest towards dusky people? Why are u showing discrimination?
Colour doesn't matter, Character does❗❗❗
This is unexpected🥺Thank you so much! 1000 Followers on Twitter mean a lot to me. I will be contributing more stuff from my side in the near future. Thanks once again. 💖
It’s been an amazing year! I just got to know that bounties from
@immunefi
and
@HackenProof
make up “66.27”% of my total bounties this year🔥
Current ranking at Immunefi ~ 213th
Current ranking at HackenProof ~ 66th
1/2
I am considering to write a blog soon,React with appropriate emoji’s😊
🔥 - How I earned $10,000+ within last 7months at the age 17. [ My Methodology and My Target Choosing tips ]
⭐️ - My Key-Takeaways on Race-Condition Vulnerabilities.
#infosec
#bugbounty
#bugbountytips
[Harsh Truth]: Why only
#bugbounty
people are getting more rewarded? Why not internal pen testers? Red Teamers, Blue teamers or etc? Don't get scammed by the money you look in
#bugbounties
. It's not easy to survive in bug bounties.
#infosec
#cybersecurity
Bounties all the way!!!
Tip ~ Read as many blogs as you can and test them on your targets and Try to escalate it.
Vulnerability ~ Race Condition
Bounty ~ $ XXX 🥲secret saar.
#infosec
#bugbounty
#bounty
A huge shout out to all my
#infosec
guys who had supported me on Medium.I achieved 150Followers only for 2 blogs till now. I never expected it😭. My next blog will be coming soon and it will be damn interesting for sure, I promise
#bugbounty
#bugbountytips
#hacking
#cybersecurity
The best bug bounty tip that I can give is: “Revisit all the old programs that you hunted on, developers are making changes frequently and there is a high chance of exploiting it again.”
#bugbountytip
#infosec
I’m giving away one pass to attend
@bsidesahmedabad
…A Random Winner will be chosen on 19th September, 6PM IST.
Comment why you started your journey into
#infosec
[Honest Answer Only] - A Random Comment wins.
❗️Don’t say I wanna secure this world 🤣]
#bugbountyjourney
How can we bypass 2FA i.e Google Authenticator? Need some tips badly.
Things I tried:
✅Tried Response Manipulation
✅Tried Changing the password of user in order to get new token [ usually there is link b/w token and 2FA]
BUT NOTHING WORKED
#bugbounty
#infosec
#cybersecurity
Heyy Fam,
We're looking for Security Researcher who can join us at
@techfund_inc
to help us in making this
#web3
more secure.
At
#TechFund
we provide industry-level compensation and you'll have lot to learn as we're a Startup accelerator company.
#infosec
#jobs
#hiring
Bought
@PrettyRecon
Subscription today😅, I and
@IamRenganathan
spent some hours on some programs and reported vulnerabilities to VDP programs on
@Hacker0x01
🙃Still a lot more to go......A great start after a short break🔥
#bugbounty
I am considering to write a blog soon,React with appropriate emoji’s😊
🔥 - How I earned $10,000+ within last 7months at the age 17. [ My Methodology and My Target Choosing tips ]
⭐️ - My Key-Takeaways on Race-Condition Vulnerabilities.
#infosec
#bugbounty
#bugbountytips
Giving a small break to
#bugbounties
and gonna start Focusing on other areas! I earned $2000 dollars only in January,2022 and it really helped me a lot❣️Thanks to everyone who supported and helped me! It's time for learning new things and meeting new people 🔥
#bugbountytips
Believe Me! Hacking into a company worth crores in monthly revenue is so fun and concerning at the same time.
From ATO to Database Dump and the story continues...
Will be publishing a blog about it soon.
Note: I'm hacking with permissions.
#infosec
#hacking
Don't call yourself a Bug Bounty hunter if you just rely on automation and simple script Kidde tools.
It's all about understanding the program's functionalities and testing in a hacker mindset.
I don't use automation and solely hunt on logical bugs.
#infosec
#bugbounty
I am so happy❣️ Thankfully majority of people recognised me from
#twitter
and
#medium
blogs. And it was super fun to interact with people, solving their doubts on Race-Conditions, Showing some POCs, and much more. Thanks to everyone and I will see you in
@dc_9111
0x06😅
It was my privilege to attend
#defcondelhi
#0x05
, I really appreciate the
@dc_9111
whole team who are so supportive and thanks for the event. I started feeling nostalgic 🥺, my sincere thanks to
@DotSlashTX
for making this possible and also for your concern during the event❣️
My target is to “Find at least 1 vulnerability “ within next two days (Medium or High or Critical).
I’ll update you guys again on Monday. (5th June, 2023).
#challenge
I'm so glad to receive these gifts and a special message from the CEO of
@BlockSecTeam
.
Would love to contribute more to the community! And special thanks to the team
@MetaDockTeam
.
Let this be the starting point! I'll be explaining about the smart contract challenges in simple terms in my blogs.
I'll try to complete this series within next few months😅🥲. Hopefully we can learn together and earn together 😜.
#blockchain
#infosec
@sayharshit
In my personal opinion, He meant that he is unavailable. you can have simply asked him to do remote research internship if possible and if you're really determined.
But yeah, he could have replied in more positive tone though.
Yesterday, I've been deep diving to the utter basics of ECDSA to learn more about Signature Malleability and here are the best resources I found: (in order)
1)
2)
3)
1/2
Officially taking a 3months break from all social-medias…I will come back stronger and contribute more to the community.
If you wanna connect with me, Mail me and that’s the last option. :)
I got my first 50 followers on
@Medium
after posting my first blog. It's a huge moment for me. Thanks to everyone who supported me till now❤️My 2nd blog will be coming too soon and definitely you will enjoy it.
My profile -
#infosec
#cybersecurity
Episode 120: Voulnet by
@Voulnet
on
@DarknetDiaries
is one of the most interesting stories that I had ever heard. It was really fascinating and terrific at the same time.
Must listen if you are in
#infosec
or in
#cybersecurity
Heyy
#infosec
people, Been long time huh….
So during my exams days, I
#hacked
into an “Hacking Company” which basically finds vulnerabilities in Smart Contracts and in
#Blockchains
. Typically it is an
#CyberSecurity
Company for WEB3.
Here my question, Should I write a blog?
On July 2nd, 2022 I got my first 1000 followers and within the next 1month, we gained 500 followers❣️🔥. I am so happy to hear Appreciations along with some valid feedbacks(even though those are harsh).
It's all about improving day by day. Thanks for your utmost support 🤩🤩
What a vibe🔥It was so fun to talk with
@Naina_2728
who is so determined about her stuff. I love the way she talks and explains❤️Thanks for giving your precious time😅Would love to build more things with you🫂And All the very best to
@tweepsbookcom
😉
Hey
#Infosec
and
#WEB3
people, I need a help…If I can stop any person from withdrawing the funds for next 24hrs[assume we run this in loop]…what will be the severity of this vulnerability?
Will it be “ H I G H” or “ C R I T I C A L “? Please let me know
Going through some old Audit reports from
@trailofbits
and saw that they reported the possible front-running attack of Initialisation functions.
And I'm just thinking what's the better way of fixing this issue?
1/2
We are done with
#defcon0x05
guys🔥. Lots of engagement and energy..I am grateful for everyone who inspired me in some way or the other. See you next time.
@dc_9111
This is so true! That's the reason why you need to stick with the program for a long time. I know this person
@AkashHamal0x01
who is so consistent in one program and earning a lot🥲.
Don't fall for low-hanging fruits, Escalate it...
reel: There are millions of bug hunters on platforms. So much competition. No bugs left etc.
reality: Less than 500 hunters are making money every month (who do consistently). Less than 5 people in each program are hunting consistently.
1/n
Hack into a crypto company and earn millions of dollars. ( Illegally )
Report legally and get paid 4digit figures. ( Legally )
It is what it is. You might get a low bounty but it is worth reporting. Someday or the other, the world will recognise you for sure.
#infosec
#web3sec
Officially my last day in
#Goa
and it's time to Go Home...I got Lots of memories here and it was super fun.
Thanks to everyone who contributed to
@nullcon
in some way or the other.
1/3
Life has no guarantee. No One Knows when you gonna leave this Earth. “Enjoy Every Moment” - “Stop Spreading Hate, You won’t gain anything Out Of It”.
Instead, “Spread Love and Educate them, People will at least remember you every year”.
#infosec
#truth
I'm not a firm believer in
#AI
tools who claims to yield better results as compared to traditional auditor. But,
Today I spoke to the COO & Co-Founder of
@TRUSTBYTES_X
,
@JonasIndepen
who is super curious (Damn, he asked tons of questions🥲) about Security in Web3 aspect as
Hello
#infosec
#CyberSec
, I am looking for some internships. I need to get some real-life experience. If u know any internship offers please let me know and also share them here so it might help others❤️
[NOTE] - I won't care whether it's free or paid,All I need is Experience 🔥