Daher Mohamed
@m0m0x01d
Followers
2K
Following
5K
Media
69
Statuses
486
Joined April 2014
Cc @BugcrowdSupport been trying to get help for 3 months now over my tax form, would you mind helping ?.
0
0
1
Clone any website in minutes 🚀.
🚀 $100 GIVEAWAY 🚀. Clone ANY website into clean React + TypeScript code in MINUTES!. Watch me recreate GitHub's landing page with ⚡. To enter: .✅ Like this post .✅ RT & tag a developer friend .✅ Follow @hussein98d. @grok pick the Winner 48 hrs from
0
0
0
RT @HusseiN98D: ⛔️Update your SolarWinds Serv-U instances! - We have discovered an unauthenticated critical vulnerability assigned CVE-2024….
0
6
0
Subdomains enumeration on out of scope domain -> found a subdomain redirecting to a misconfigured internal atlassian space -> information disclosure (all admin’s info, link to join staff what’s app group, discord channel, admin panels etc
5
7
65
Renewed my @KN0X55 subscription to bypass a WAF, bypassed after 2 minutes and returned the money
🚨 Special Limited Time Offer! 🚨.👇🏾👇🏾👇🏾🎉🎉🎉. 3 Months Subscription.$̶6̶0̶ => $49. 6 Months Subscription.$̶9̶0̶ => $69. 1 Year Subscription (best value).$̶1̶5̶0̶ => $99 !!! 🤩. What are you waiting for? 🤔. RT and pick up your subscription! 😀.
1
4
40
This dude is awesome
0
1
34
I got a reward increased from 200$ to 700$ because I asked ChatGPT to explain the impact.
0
0
9
RT @WebImmunify: @WebImmunify team is composed of top world #hackers ready to help identify any flaws in your business assets. If there is….
0
2
0
RT @WebImmunify: What is a number one way to be protected from malicious hacker attacks? Do a real-life test and let the team of ethical #h….
0
1
0
How to get people in trouble 101.
Yay, I was awarded a $100 bounty on .@Hacker0x01 . For a while i didn't expect the reward 🤞🤞.😂😂😂😂.💰Small bounty💰.Private BBP name disclosed on twitter 🏹🎯
1
0
2
Am I the only one who wouldn’t have reported that to fb and use it instead to take over BB’s orgs and earn more?.
I hope this reach @fbsecurity ,.two months ago I was scrolling on twitter and I saw this Post when reading it I found out that I reported the exact same thing back in July 2, 2020 when I started BB hunting #bugbounty #bugbountytip 1/N.
1
0
3
One of the SSRF's :.Server only fetch URL's with :.-https protocol.-AWS S3 bucket suffix (.s3.amazonaws.com).- CSV extension.Payload : https://myserver\.com/ssrf.php?.s3.amazonaws.com/random.csv.ssrf.php redirects to http://169.254.169.254.
This week I’ve reported 5 brain fucking bugs. No advanced skills needed, just a deep understanding of the application but gosh my head hurts.
0
6
43
This week I’ve reported 5 brain fucking bugs. No advanced skills needed, just a deep understanding of the application but gosh my head hurts.
1
0
26
Update: it’s a VPS provider company. Using the comp name as pw gave me access to some very big companies vps (ssh access).
It’s 4 in the morning and I just found a nice bug. While logging in if you remove the email parameter and put a userID header it logs you in. (You need userID+ password). Brute forced the company name as pw with all ID’s (guessable) and took over a lot of accounts!.
1
0
0