PandyaMayur
@pandyaMayur11
Followers
650
Following
10K
Media
134
Statuses
1K
Joined September 2019
If you finds any Swagger ui endpoint try following payloads for xss+html injection. /index.html?configUrl= /index.html?configUrl= /index.html?config= /index.html?configUrl=
15
190
579
RT @Xbow: Sometimes the most illogical approach wins. XBOW discovered XSS in Salesforce Aura by testing aura.format=JSON - which counterin….
0
47
0
RT @BugBountyDEFCON: Big news: For the first time, Bug Bounty Village is hosting a CTF competition with our partners @CTFae! Get ready for….
0
7
0
@ASUSIndia @ASUSIndia . I know now my laptop is our of warranty but I want on site(at home) service to fix this issue. I don't have any problem with any fees that it will take. But please issue any engineer to fix my problem with parts replacement asap. .
1
0
0
RT @msftsecresponse: At just 13 years old, Dylan Ryan-Zilavy became the youngest security researcher to collaborate with MSRC. What started….
0
11
0
Vulnerability research != bug hunting, and bug hunting != vulnerability research.
I’ve been getting asked a tonne of questions about XBOW and bounty hunting. Von and I did a security flash last week after a CVE in PANW firewalls found by XBOW was adapted into a Nuclei template, prompting a TONNE of discoveries and submissions across the Internet… In this.
0
0
4
Disclosed. June 16: .
@pandyaMayur11 reveals how 2,000 healthcare tenants were hijacked via a broken SAML auth flow.
0
0
3
RT @OriginalSicksec: 🎉 Since it’s my birthday, I want to give back to the community! 🥳.I’ve got 5 one-month PentesterLab vouchers to reward….
0
37
0
🔥🙌.
Hacking Windsurf: I asked the AI for the shell, it said yes. new video’s out. I show how I could’ve hacked you… just by getting you to click my link. Link posted below.
0
0
1
RT @RogueSMG: Seen some discussions around this lately, the idea/wish to be an "Ultimate Hacker" - master of web, mobile, cloud, IoT, hardw….
0
4
0
RT @bsidesahmedabad: 🚨 OSCP GIVEAWAY ALERT🚨. We’re giving away 3 OSCP vouchers to supercharge your pentesting journey – proudly sponsored b….
0
601
0
RT @infosec_au: IP whitelisting is fundamentally broken. At @assetnote, we've successfully bypassed network controls by routing traffic thr….
0
235
0
RT @HacktronAI: Takeaway: Legacy enterprise apps + modern AI auditing = good security. Your "quiet" endpoints aren’t safe just because they….
0
3
0
Do check it out. i just published this writeup on APISEC|CON CTF 2025 Challenges.
0
0
3
Drone attack on India means they want FULL scale war. India should retaliate!!. And fuck them all!! . Go India Go!!.
0
0
2
RT @BugBountyDEFCON: 🚨New giveaway alert🚨 We are giving away some vouchers for @offsectraining.* 1x PEN-200 Course and Cert exam bundle (OS….
0
382
0
