Rohit
@rohsec
Followers
10,080
Following
183
Media
514
Statuses
3,390
Bug Bounty Hunter | @Hacker0x01 Ambassador | Creator - @h1disclosed . The Only Easy Day Was Yesterday Born in India, Made on Battlefield
Joined August 2019
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
高市さん
• 287026 Tweets
高市早苗
• 252004 Tweets
石破さん
• 233414 Tweets
石破総理
• 161571 Tweets
自民党議員
• 133789 Tweets
決選投票
• 127590 Tweets
石破新総裁
• 110278 Tweets
#SCOUPSxLoeweSS25
• 101735 Tweets
総理大臣
• 97867 Tweets
日本終了
• 89821 Tweets
石破ショック
• 69179 Tweets
علي النبي
• 65265 Tweets
SCOUPS FOR LOEWE PFW
• 59701 Tweets
女性総理
• 48184 Tweets
Hayırlı Cumalar
• 46782 Tweets
石破政権
• 44684 Tweets
岸田さん
• 36882 Tweets
次の選挙
• 32111 Tweets
決戦投票
• 29427 Tweets
さユりさん
• 28060 Tweets
日経先物
• 27073 Tweets
日本保守党
• 26210 Tweets
解散総選挙
• 24526 Tweets
石破かよ
• 21705 Tweets
#يوم_الجمعه
• 17898 Tweets
株価暴落
• 16575 Tweets
金融所得課税
• 16006 Tweets
日経平均先物
• 15709 Tweets
#جمعه_مباركه
• 12769 Tweets
#原神予告番組
• 12326 Tweets
ミカヅキ
• 11618 Tweets
短命政権
• 10254 Tweets
🚨 ALERT !! 🚨
Today, I will be sharing my complete recon process below this tweet.
Stay tuned !! 😉
#bugbounty
#bugbountytips
#cybersecurity
42
121
660
🚨Tool Alert !!🚨
Introducing LEAKEY a tool for validation of any leaked credentials 🔑
The idea behind LEAKEY is to make it highly customizable and easy to add new services/checks once they are discovered 🚀
#bugbounty
#bugbountytips
#cybersecurity
5
155
503
🚨Attention Hunters !!🚨
Typical BugBounty Automation SaaS $200/year 🤡🤡
Don't fall for this kind of BS, each one of them are basically running Open Source tools behind the scenes :)
#bugbounty
#bugbountytips
#cybersecurity
25
57
364
🚨 ALERT !! 🚨
Today, I will be sharing my complete recon process below this tweet.
Stay tuned !! 😉
#bugbounty
#bugbountytips
#cybersecurity
17
48
349
43
27
319
My 2022 BugBounty Goals🎯:
- 20k in Bounties
- 2000 Reputation points on
@Hacker0x01
- 20x swags from Sony (For local charity center)
- 20x RedBull trays (For local charity center)
- [Redacted]
#bugbounty
#togtherwehitharder
13
15
293
Guys, you don't need sed to url encode, curl supports url encoding out of the box 🤷♂️
Use the --data-urlencode flag with curl 🙃
#bugbounty
#bugbountytips
#cybersecurity
I write small bash script of
@KN0X55
I add sed -i 's/&/%26/g' to first encode url and forward to scanning.
2
6
55
39
121
246
Starting a new
#bugbounty
target? Here's a quick guide to help you hit the ground running 🧵👇 :
#bugbounty
#bugbountytips
#cybersecurity
19
66
232
🚨Tool Alert !! 🚨
For the past few days I have been playing with
@streamlit
and I must say it's awesome to spin up quick prototypes
I created this BugBounty Helper Tool Kit & it merely took 10 minutes, check out👇
#bugbounty
#bugbountytips
#cybersecurity
3
47
185
🚨Attention Hackers !!🚨
BetterBugBounty - Collection of Classic Tools for Legendary Bug Bounty Hunts
- BurpSuite 1.7
- FoxyProxy's OG version
Even
@zseano
can vouch for this nostalgic thrill! 😉
#bugbounty
#bugbountytips
#cybersecurity
6
32
184
Added to the tools section, now you can extract subdomains using certificate transparency logs.
Check out below 👇
#bugbounty
#bugbountytips
#cybersecurity
🚨Tool Alert !! 🚨
For the past few days I have been playing with
@streamlit
and I must say it's awesome to spin up quick prototypes
I created this BugBounty Helper Tool Kit & it merely took 10 minutes, check out👇
#bugbounty
#bugbountytips
#cybersecurity
3
47
185
5
47
177
Thank you everyone for the +ve feedback, since a lot of you were asking about the scope & bug types
🔭Scope:
Main App(www,target,com)
🐞Bug Types:
- Business Logic Issues
- BAC/IDORS
- CSRF Bypasses
- SSRFs
- XSS
Success or Failure ?🤔
#bugbounty
#bugbountytips
#cybersecurity
12
21
167
#bugbountytip
🧵👇
Over the time doing bug bounties, I have learned it's okay to not know everything beforehand. I have started "learning on the fly". Stop wasting too much time learning everything beforehand and start doing.
1/n
#bugbounty
#bugbountytips
#cybersecutiy
#infosec
8
34
169
What's the first thing you test here ? 🤔
P.s 🍃Spring Framework in place
#bugbounty
#cybersecurity
#bugbountytips
37
15
163
My 2023 BugBounty Goals🎯:
- 40k in Bounties
- 5000 Reputation points on
@Hacker0x01
- Get back to basics and complete
@PortSwigger
Academy
- Optimize
@h1Disclosed
- Read 2 disclosed reports daily
- Connect more with the community
#bugbounty
#togetherwehitharder
2
16
161
Received my
@Hacker0x01
Ambassador swag kit and it's amazing !!!!!!!! 🤩 🔥
Thnkx
@Hacker0x01
for the awesome swag pack 🙌
#bugbounty
#bugbountytips
#cybersecurity
#WorldHealthDay
#infosec
6
7
152
New setup 😀✅
🙏🌟 A heartfelt thank you to the incredible bug hunting community for their unwavering support! 🙌
Shoutout to platforms like
@Hacker0x01
,
@intigriti
&
@Bugcrowd
for providing the perfect playground for bug bounty hunters.
#bugbounty
#cybersecurity
#infosec
15
8
142
📢 Hello Hackers !! 📢
I will be at
@bsidesahmedabad
with some cool
#h1
stickers.
If your at
@bsidesahmedabad
next week, don't forget to say hi and grab some awesome
@Hacker0x01
swags & stickers 🤩
#bugbounty
#bugbountytips
#cybersecurity
#Ahmedabad
24
10
144
Bugs I never or rarely look for while hunting
1. oAuth
2. Jwt
3. SAML
4. SQLi/XSS (mainly due to WAF and modern frameworks)
If you ever get duped for these and see me on the program, remember it's not me🙃
Comment the bugs you commonly don't look for.
#bugbounty
cc
@theXSSrat
8
8
133
6
5
134
There' s something special about this video, makes the geek in me happy every time 🙃
This is your reminder to watch this quality content from
@TomNomNom
and
@stokfredrik
from 4 years ago 😆
#bugbounty
#bugbountytips
#cybersecurity
6
25
129
Hey everyone, I just published my very first blog on how YouTube can be used in Recon. This is my very first and basic attempt at writing blogs, man this is tedious task.
@theXSSrat
@intigriti
@PinkDraconian
mind reviewing it?
#bugbounty
#bugbountytips
7
39
113
🚨Tool Alert !!🚨
For the past few days I have been playing with
@pyscript_dev
and I must say this is freaking awesome 🚀
I re-implemented
@TakSec
's Google Dork tool using PyScript, check out 👇
#bugbounty
#bugbountytips
#cybersecurity
5
35
108
🚨Tool Alert !!🚨
Jsluice by
@TomNomNom
@bishopfox
🔥
Jsluice is a Go package and command-line tool for extracting URLs, paths, secrets, and other interesting data from JavaScript source code.
#bugbounty
#bugbountytips
#cybersecurity
4
26
103
Your
@Hacker0x01
stats on your palm 🫣
Working on this handheld Hacker card, open sourcing the code once finished 😃
Custom H1 Swag idea 👀
@Arl_rose
@jobertabma
@scarybeasts
#bugbounty
#bugbountytips
#cybersecurity
9
6
91
🚨Tool Announcement !! 🚨
🔎🐛 Introducing Bounty Meter, the utility tool for bug bounty hunters to set targets, track bounties, and stay motivated.
Add, remove, and visualize your progress with ease.
#bugbounty
#bugbountytips
#cybersecurity
2
18
91
Recon via YouTube 👀 Yes you heard it right, it's actually a thing, YouTube can be really handy while doing recon, found some good overview of target ultimately leading to easy Critical within minutes. 💯
If you need a blog, let me know🙏
#bugbounty
#bugbountytips
@theXSSrat
9
11
86
Just published my second write up "A Developer's Nightmare: turning $300 into $1125"
@theXSSrat
@BeersxNem0x0
@0xPrototype
@BrunoModificato
@jonathandata1
@bxmbn
@tabaahi_
@rachitaroraa
@therceman
@pudsec
@0xJin
@0xGodson_
#bugbounty
@bugbountytips
2
40
89
🚨Attention Everyone !!🚨
You can find all of my articles here 🙂
I will be publishing a new article about Recon here real soon.
Stay tuned !! 😉
#bugbounty
#bugbountytips
#cybersecurity
2
20
91
A quick one liner to achieve the same in your terminal👇
===================
curl -s '' --compressed -H 'User-Agent: Mozilla/5.0'|jq -r '.[].common_name,.[].name_value'|sort -u
===================
#bugbounty
#bugbountytips
#cybersecurity
Get a list of domains associated with a target by using !
Here's how to get a whole list of associated domains for 👇
0
6
29
2
37
89
Complete Payment Bypass to Use Enterprise features 🫠
H1 Triager marked as High, program reduces to Low after 2 months 🤷♂️
Security Issue or Fraud Issue ? What do you think?🤔
#bugbounty
#bugbountytips
#cybersecurity
10
1
85
9
6
87
#bugbountytip
:
Forget all the fancy tools and scripts, all you need is your browser and a proxy tool to get started.
#bugbounty
#bugbountytips
1
5
84
So I have been writing many custom exploits for the last few weeks and turns out this makes the triage process so much simple.
Will be doing a 2-3 write ups on how to turn features into vulnerabilities
@Hacker0x01
@theXSSrat
@BeersxNem0x0
@rachitaroraa
#bugbountytips
#bugbounty
1
1
80
🚨Tool Alert !!🚨
Introducing LEAKEY a tool for validation of any leaked credentials 🔑
The idea behind LEAKEY is to make it highly customizable and easy to add new services/checks once they are discovered 🚀
#bugbounty
#bugbountytips
#cybersecurity
5
155
503
2
9
82
Ranked
#7
on 90 Days INDIA leaderboard. A big thank you to my super awesome friends
@jonathandata1
@theXSSrat
@cyberman_27
@sa_sankalp
for always supporting me. Also Thank you
@Hacker0x01
for the swags.
#bugbounty
#bugbountytips
#togetherwehithard
3
6
75
Kicking off
@Hacker0x01
AWC 24 👀
The Team 🇮🇳- 3👇
@3ncryptSaan
@krishnsec
@bug_vs_me
@RootxRavi
@0xdln
@0xcharan
@errorsec_
@TeslaTheGod
@AliHassanKhan_
@tabaahi_
@Mr_xhunt
@Hunt2behunter
@AyushSingh1098
@callmed0_4
@starkcharry
@golu_369
@luthraX
#bugbounty
#ambassadorworldcup
22
12
81
5
17
78
Drop your favorite Burp Extension below. I am curious to know which ones have captured your attention 🤔
I will share mine and believe me this has to be one of the best extension with tons of capabilities.🚀
#bugbounty
#bugbountytips
#cybersecurity
14
17
75
1
22
76
Had an wonderful 2 days session on Web Application Hacking
@bsidesahmedabad
Thank you
@HusseiN98D
for the awesome training session, really enjoyed listening to you 😀
#bugbounty
#bugbountytips
#cybersecurity
3
6
78
Guess these will look good on my wall 👀
Thanks for the awesome swag
@Bugcrowd
✨
#bugbounty
#bugbountytips
#cybersecurity
3
7
74
Home server maintenance time 🤪
@h1Disclosed
might not be available for next few hours, sorry for the inconvenience 😬
#bugbounty
#bugbountytips
#CyberSecurity
3
6
75
For all the bug hunters and the bug bounty platforms out there 🫣💯
@Hacker0x01
@Bugcrowd
@intigriti
@yeswehack
@theXSSrat
@gregxsunday
@zseano
@stokfredrik
@GodfatherOrwa
@Masonhck3571
and many more...
#bugbounty
#cybersecurity
4
11
72
I have never used Burp Active Scanner and I think I am missing a lot because of this, can anyone share some good resources about insertion and context based scanning with burp.
@ReZ0_
@theXSSrat
#bugbounty
5
7
74
Hey
@theXSSrat
@PinkDraconian
Wanna review
@iamthefrogy
? The most complete Subdomain Enumeration tool out there. 💯
5
19
71
SQL Injection On
@Hacker0x01
Program
Always try to find Origin IP to Bypass WAF
#bugbounty
#PentestingSQL
8
13
134
4
2
70
🚨 Tool Alert !! 🚨
Check out this new terminal website👀, who needs a fancy UI, all we need are just commands 😉
More BugBounty Tools to be added soon 🚀
#bugbounty
#bugbountytips
#cybersecurity
2
10
70
Met another hacker hunting the same target and decided to have some fun :)
#bugbounty
#bugbountytips
#cybersecurity
5
4
66
🚨 ALERT !! 🚨
Stop relying on third-party hosted XSS hunter instances! You never know what's being monitored and it's best to have full control over your testing environment.Invest in a $5 VPS and host your own instance for transparency & security.
#bugbountytips
#cybersecurity
1
4
66
Leave the bounty platforms aside 😐
Next level bounties over texts👀
@h4x0r_dz
@nagasainikhil
#bugbounty
3
3
67
BugBounty is all about being at the right place at the right time. Testing on a program and all I can see is year old random comments. One of the comment read "Don't waste time here,already tested..." LOL
#bugbounty
@theXSSrat
what's your take on this?
0
2
66
Just published "A Developer’s Nightmare (Part - II): Story of an innocent looking parameter and some poor fixes worth $1650"
cc
@intigriti
@zseano
@Jhaddix
@theXSSrat
@Arl_rose
@harshbothra_
@sumgr0
#bugbounty
#bugbountytips
#cybersecurity
#infosec
9
13
64
The new Burp UI looks amazing, isn't it ?😉 Wait, this is the new
@CaidoIO
update which allows you to customize the whole look and feel of your proxy tool with custom CSS and JS 🚀
#bugbounty
#bugbountytips
#cybersecurity
9
9
63
All the tweets I have been reading and from my own personal experience, I can say
@Bugcrowd
is doing some awesome job. H1 is degrading day by day even after raising mediation request no action after 13 days. Seems like it's time to hit harder on BC now.
@h4x0r_dz
#bugbounty
8
4
63
Swag Check List 🧾:
@Hacker0x01
✅
@Bugcrowd
✅
@Sony
✅
@redbull
✅
@achmea
✅
@BBCWorld
✅
Major missings 😭 , would love to have you on the list 🤗
@intigriti
@yeswehack
@PentesterLab
#bugbounty
#swag
#cybersecurity
#infosec
#hoodie
#Giveaway
9
5
62
Not sure why so many programs are moving to
@Bugcrowd
🤔 received 4 of these just now 🤷♂️
#bugbounty
#bugbountytips
#CyberSecurity
15
5
63
#bugbountytip
:
Don't take long breaks, you will find it hard to make a return 🫠
Ps. Feels like I know nothing about
#bugbounties
LOL 🥹
#cybersecurity
#bugbountytips
7
4
56
Someone just bought me 3 coffees 😭🙏 I can't express my gratitude in words,this is the first time someone donated. This encourages me to contribute more to the open source
Thank you so much for your kind support🙏
#bugbounty
#bugbountytips
#cybersecurity
3
5
61
10
0
60
Take your bugbounty to the next level with Insertion based scanning via Intruder. Define specific insertion points in a request, such as headers or query parameters,and use Burp to automate payload injection for a targeted,efficient scan.
#bugbounty
#bugbountytips
#cybersecurity
2
13
61
4
2
56
I've reached the point where I use bash more than Python 👀
Believe it or not, I even run a home lab web server in bash 😆
#bugbounty
#bugbountytips
#cybersecurity
7
5
58
For past couple of days I have been getting a lot of DMs regarding the solution to the
@Bugcrowd
's Final Spooky Challenge.
I have done a simple walkthrough of the same, you can read it on my blog here
#bugbounty
#bugbountytips
#cybersecurity
5
8
58
Get a little laugh when your recon finishes, add this to your recon scripts or maybe just add it to your crontab and get a dad joke every 30 mins ;)
echo '*/30 * * * * root joke|notify' >> /etc/crontab
#bugbounty
#bugbountytips
#CyberSecurity
3
8
57
#bugbountytip
:
GET OFF YOUR TERMINAL AND START SPENDING SOME TIME ON YOUR BROWSER.
#bugbounty
#bugbountytips
2
2
57
Monday swag drop 👀
When you go to read a news article and end up reporting a security issue 🤷♂️
#bugbounty
#bugbountytips
#cybersecurity
6
7
57
I always find it hard to switch to a new target and start over. I have been hacking on a single program for almost 4 months now, got to know all the ins and outs of the app. I guess I have hit the dead end now🤷♂️
Sometimes, you need to move on at the right time 🚀
#bugbountytips
12
3
57
If you are like me who uses
@firefox
for day to day work(twitter for me lol) and prefer the same for Bug Bounties too at same time.
Here's a tip to setup a separate profile for bugbounties
firefox -no-remote -P
create a new profile named bugbounty, 1/2
#bugbounty
#bugbountytips
2
15
55
2
5
55
Found this on one of the website, why Indian Bug Hunters are obsessed with SPF, click jacking,Rate Limiting, Insufficient session Expiration, Password Policy kind of issues?
Probably because of those unpaid internship and training programs.
@tabaahi_
@Ox4d5a
#bugbounty
4
9
52
I feel a bit demotivated hunting now,feel tired looking at targets,waste time watching YouTube and no real productivity since last 15-20 days.Are these signs of burnout?Earlier I used to be very excited while hunting and now suddenly I feel bit hesitant and lack of confidence. 1/
8
0
52
7
9
50
Web Cache FTW 🔥🔥
Special thanks to
@bxmbn
for his research 🙏❣️
Will be doing a detailed write-up next month.
#bugbounty
#bugbountytips
2
5
50
My reports now a days 👀
#bugbountytip
: To ease things for the triager, try to automate the complicated stuff. Helps a lot for a quick triage.
#bugbounty
#bugbountytips
0
1
48
I always admire
@_zwink
's style of hunting. No advance tools, no terminals, no fancy stuff, no complicated bug classes instead sweet but highly impactful logical issues with just FireFox and Burp .
#bugbounty
#bugbountytips
#cybersecurity
#infosec
3
5
48
🚨 Attention Hackers !! 🚨
The
@Hacker0x01
Ambassador Cup 2024 [AWC24] starts in few weeks.
If you're interested in joining a community of passionate hackers and competing in the AWC,
DM me your H1 profile to join our team! 🚀
#bugbounty
#bugbountytips
#cybersecurity
4
7
48
But what after Recon? What are you going to do with the bunch of crap you just collected?
Please don't get trapped into recon forever, jump onto the actual webapp and see what's going on behind the scenes. Believe me there's at least 1 High severity issue sitting there :)
3 Bug bounty Cheatcodes:
1. Recon
2. Recon
3. Recon
You know the drill.
#bugbounty
#infosec
#hacking
1
6
35
3
4
46
11
4
45
#BugBountyTip
: Be persistent and patient when hunting for vulnerabilities. Sometimes it can take a long time to find and exploit a security flaw, but the rewards can be well worth the effort. Keep trying and don't give up!
#hackerone
#security
#cybersecuritytips
#bugbounty
0
17
47
Http ping backs when Signing up for a service, source IP belongs to cloud (Amazon/Google). Anything that can be achieved in this case?
2 reqs. have user agent python-request/2.0
@theXSSrat
@TheRealBrenu
@therceman
@zseano
@pudsec
#bugbounty
#bugbountytips
#cybersecurity
1
6
46
Forgot to share but for the past few weeks I have been tinkering around with the flipper and I must say it's a great addition for research and cybersecurity purposes 👀🔥
A great handy tool for ethical research and pen testing stuff 😃
#bugbounty
#bugbountytips
#cybersecurity
8
5
46
6
7
45
I don't know why this happens but I am little sceptical when starting on a new invite or a program on
@Hacker0x01
, I mean the limited scope and the leader board makes me little uncomfortable. How to tackle this weird feeling
@zseano
@theXSSrat
#bugbounty
#bugbounttips
12
1
45
reconFTW
118
reNgine
30
Osmedeus
17
Custom Solution
161
3
7
43
They ruined this shit 🥴 Am I the only one who don't like this updated dashboard layout 🤷♂️
#bugbounty
#bugbountytips
#cybersecurity
8
2
42
What's the first thing you test here ? 🤔
P.s 🍃Spring Framework in place
#bugbounty
#cybersecurity
#bugbountytips
37
15
163
3
3
42