Post 16/30 : Quick SQLi OneLiner SQL Injection One-Liner waybackurls target[.]com | grep '=' | sort -u | nuclei -t ../fuzzing-templates/sqli -dast Working: This fetches all URLs with query parameters for the target domain using waybackurls, filters unique parameterized

I found an SQLi on the main app and I was able to execute any SQL function. They “fixed” it in two days and downgraded it to High, saying it was “read-only”💀 Anyway, below how I bypassed the WAF using parameter pollution #BugBounty #bugbountytips

🚨🔴CYBERALERT 🇫🇷FRANCE🔴 | Eurofiber victime d'une cyberattaque : +3600 clients impactés dont SNCF, AXA, ... ⤵️ Eurofiber France a subi le 13 novembre 2025 une énorme cyberattaque. Le groupe cybercriminel ByteToBreach, très aguerri,.a exploité une vulnérabilité (SQLi)

Wallah chui en pleure 😭 on peut clôturer l’année 2025 sur cette vidéo venu tout droit d’la Belgique 🇧🇪

Hey #bugbounty hunters 👋 just got rewarded 5,000💲on a self hosted program for a Sqli vulnerability 😉 #Hacking #cybersecurity #EthicalHacking #infosec

Dropped a couple SQLi’s and slipped past an admin panel. Get a little break from work and find SQLI's this is the best recovery #BugBounty #BugBountyLife #EthicalHacking #CyberSecurity #InfoSec #SQLi #WebSecurity #KeepHacking

You can try the Suggest Attack Vectors feature in rep+. Add your Anthropic key and get quick ideas (IDOR, SQLi, weird params) right in the browser. I also used Bulk Replay to test without leaving DevTools. PS: Always understand what you’re doing. Never trust the LLM blindly.

December achievements finished strong 🥰❤️ I discovered and responsibly disclosed 15 vulnerabilities, including: RCE (Remote Code Execution) 2× IDOR 2× BAC (Broken Access Control) Stored XSS 2× Reflected XSS 4× SQLI Misconfiguration Business Logic flaw Information Disclosure

If you find PHP 8.1.0-dev then try RCE & SQLi User-Agentt: zerodiumsleep(5); User-Agentt: zerodiumsystem('id'); #bugbounty #bugbountytips #rce #sqli

oupsss !!! Eurofiber victime d'une cyberattaque : +3600 clients impactés dont SNCF, AXA, ... ⤵️ Eurofiber France a subi le 13 novembre 2025 une énorme cyberattaque. Le groupe cybercriminel ByteToBreach, très aguerri,.a exploité une vulnérabilité (SQLi) -CVE-2025-24799- dans

🐞Bug Bounty Tips🐞 🕷️How to Find SQL Injection in Registration Page? 🐜Try this in the username/email injection point: #bugbountytips #bugbounty #bugbountytips #sqli #Professor #CyberSecurity #sqlinjection

Let’s keep our country safe. Four types of SQLi in a single shot is crazy 😅

Today I discovered an SQLi vulnerability in a PostgreSQL application where the injection point was path-based with strict length restriction (32 chars). Spaces, slashes, quotes, and parentheses e.t.c. resulted in a 400 Bad Request error and the path wasn't URL-decoded

🚨 BUG BOUNTY TIP: SQLi Login Bypass Payloads! 🚨 A classic SQL Injection attack can completely bypass a login form if the input isn't correctly sanitized. Always test for these when looking at login/auth endpoints: The -- (or # for MySQL) comments out the rest of the query,

Fortinet #WAF #bypass for SQLI ----------------------------------- I recently came to an SQLi blocked by a Fortinet WAF and all my initial attempts to bypass via Encoding was unsuccessful. I finally was able to bypass simply appending more than 1K of junk.

I reported 2 SQLi bugs to an @intigriti public program all accepted and fixed Found 3 more. Submitted one, triager confirmed it, but the company still marked it “internal duplicate” with zero proof. Now I’m keeping the other two to myself no point feeding them free fixes 😂

Always don’t forget to thank @nextjs for the root #BugBounty #BugBountyLife #EthicalHacking #CyberSecurity #InfoSec #SQLi #WebSecurity #KeepHacking

PROJET LAMINE YAMAL EN COURS 🤓🤓🤓

𝗟𝗼𝗴𝘀𝗲𝗻𝘀𝗼𝗿 🕵🏽‍♂️ Herramienta en Python para descubrir paneles de login y escaneo de SQLi en formularios POST. Soporta escaneo de múltiples hosts, escaneo dirigido de formularios SQLi y proxies. 🛡️ 🌐 https://t.co/mPeOVIutYD #Logsensor #SQLI #Pentesting #CyberSecurity