Shakti_
@shakti_sec
Followers
604
Following
823
Media
42
Statuses
1,113
Security Researcher | CEH-Master | learning New things | updating into bug bounty
Joined June 2022
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
UCLA
• 309294 Tweets
#1Mayıs
• 126630 Tweets
Happy New Month
• 89430 Tweets
İşçi
• 73850 Tweets
#LabourDay
• 70761 Tweets
かしわ記念
• 47371 Tweets
Happy Labour
• 44843 Tweets
#LittleLight1stWin
• 31841 Tweets
Paul Auster
• 30268 Tweets
サマソニ
• 29851 Tweets
#DOYOUNG1STWIN
• 21980 Tweets
Adrian Newey
• 21718 Tweets
Polise
• 15345 Tweets
Buon 1
• 14657 Tweets
Transición
• 13805 Tweets
#WorkersDay
• 13632 Tweets
I made a template to detect sqli at header, X-Forwarded-For. This template try 2 different times at a moment to decrease false positive. Like first payload delay with 5sec it's will Again check that payload with 6 sec. If it will delay 2 time it's Vulnerable.
7
29
192
If You Found Database Version Through SUBSTRING. Version will be anything like 5, or 8, etc.. Then use this accordingly to the version.
AND (SELECT IF(MID(VERSION(),1,1) = '8', SLEEP(15), 0))-- It will delay.
Fantastic writeup about SQL
@bug4you
thank you so much sir 💵🙏🙏
3
26
148
I created Blind Time based sqli nuclei template it's my private template. It's takes 15 days to create. It hasn't false positive its only give Current result.
11
11
87
I found s3 Bucket subdomain takeover vulnerability. i am waiting for the response🙄
6
4
72
I found 2 sql injection. 1st got N/A. 2nd is open. Doesn't matter if I will get bounty or dup, or N/A. I just want to make creativity and learning progress. Specially Many many thanks to
@GodfatherOrwa
@nav1n0x
@NahamSec
@fattselimi
@HackTube5
. I am nothing without you all 🙏🙏
7
2
56
Hi To Everyone. My Problems Is Me. I Daily Hunt 3 Hour In A Day. But I Want To Hunt 7 Hours Within A Day. I Made A Time Table To Get Early Mrng And Do Bug Hunting. But I Wake Late Mrng. I Couldn't Follow My Time Tble. Could You Give To Tip How To Be Consistency.
15
1
32
Its really hard time when you got broke up.
no Money
no valid Bugs.
no supportive partner.
ek ladka kya kya kare ga apni zindagi me.
bas kamosh ho jatha hai. 😔😔
11
0
28
Every Where I Go There is WAF And blocked Me. Can any help me to bypass it..
8
2
23
4th Time-based-sql injection. If you want to reduce risk while using sqlmap or ghauri. Just use --test-filter='Time-based' it only give time based payloads only. You can use ur wish boolen, union, error, time-based.
1
7
22
Hi deepak bhaiya
@bug_vs_me
i used kxss and dalfox it seem to reflect parameters. when i try payloads it is giving 400 Request. could you help?
2
0
20
@thebinarybot
@pdiscoveryio
This is Good Idea but is not easy. when we enumerated subdomains Many has WAF they block nuclei speed. first step to find origin IP. Then diresearch, fuzzing, with Bknd TECH. after Open url Fire on burpsuite analyz. sitemap how website is build. then try attack.
0
2
18
@intigriti
find new subdomains. Take 1 sub, Do 1.WBU, 2.FFUF, 3.paramspider 4.arjun tool to find hidden. filter parameters hit by payload
1
0
16
Any one give suggests which program should i hunt. I Hunt specially sqli.
I didn't get valid SQLi yet. All bugs had N/A, dup, out of scope.
Please suggest if you know.
3
0
15
@JPD_1206
@GodfatherOrwa
@af4himi
@nav1n0x
Copy post request and save a file like post.txt then run ghauri tool and give parameter which has a you put single quotes or double quotes ghauri -r post.txt -p for parameter give parameter here.
Ghuri -r post.txt -p --dbs --test-filter='Error-based'
0
2
13
What will you do in this 2 situation?
1. No bounty From last 2 years
2. Someone will tell I think it won't work out. So don't text me 💔
If you have time just add your thoughts.
7
0
12
@nav1n0x
When i see your post about SQLi. I think i found it.😇😁.. Its great Motivate for me sir.
Just little bit doute Mostly WBU has 404 not found pages then How did you found?
2
1
11
will Miracle happen In life?
like will I Found +10 SQLi and Post in Twitter?
2
0
10
@NinadMishra5
Subfinder
Assetfinder
Findomain
Amass
Burpsuite
Ffuf
Sqlmap
Ghauri
Nuclei
Anew
Httpx
Waybackurls
0
3
9
@intigriti
Sqlmap and ghauri. First check Manually then try automate process. But there is always has WAF 😁😁
0
1
9
@krrohit210302
There is already created sqli template includes all database fingerprints.
. This link has many templates you can find error based sql injection.
0
0
8
Where to find new programs to hunt?
Mind isn't working have to capability to hunt bugs but what if haven't new programs to hunt. 😔😔.
2
0
8
@th4m1_hacker
If you found Time based with manual mode. Its is in scope. As we as try manual to extract database information. If you could find database information then submit. Or If you couldn't find database. Then submit as Time based SQLI. It will be valid bug 👍🏻👍🏻
0
0
7
@c4ng4c3ir0
Is this real money $9,250.00?
I have been hunting from last 2 years I did not get any valid bugs. All bugs are gone Dup, out of scope, N/A
2
0
5
@krrohit210302
When I run nuclei on all subdomains my laptop has disconnected internet access 🤣🤣🤣
3
0
5
@0x_Akoko
@Hacker0x01
Congratulations. Great writeup. I found 10 SQLi but all goes Out of scope, NA, and Informative 😂😂
1
0
5
@being__aman
@Hacker0x01
Sayad sahi kaha apne. Mera sher ko bol dunga wild scope me shikar karne ke liya 🤣😁😁
2
0
3
Yesterday. i did subdomains enumerated after i sorted and run nuclei -l sub. txt http/takeovers
after result i found 10 Fastly subdomains takeover. but it has already takeover by someone. i wish i was the one 😔
4
1
5
Excited to hack on
@hacker0x01
,
@bugcrowd
and
@intigriti
for the 5 Week Program with
@NahamSec
!
#nahomies
1
0
6
@Gotcha1G
Congratulation private or public?
How did you found could you explain it.did you face WAF?
0
0
4
@adrielsec
Before you automate tool. First try to understand about target. Analyze parameters endpoints how is working post and get request. After you can you tools according to ur analysis list..
0
0
4
@NinadMishra5
@naglinagli
cat host.txt | while read url; do ffuf -w <wordlist> -o <output-file> -u $url/FUZZ; done
cat host.txt = all subdomains
This script fuzz one by one subdomains through wordlist. If you want dirsearch word list then just modify wordlist and run it.
0
0
3
@fattselimi
@ElS1carius
@Hacker0x01
Congralution.. Just little bit could explain it?
Error or time did you faced waf. Manul or automate.?
0
0
4
@lohigowda_in
@SunonFurniture
@greensoulergo
Its looks fantastic🤩🤩. could you give the link of table, chair, and Monitor?
1
0
4
@0x_rood
You can use like sqlmap -u "url" when you didn't add "" double quote it will check only first paramter. If you add double quotes it will test all parameters
0
0
4
@AlHomaidNoor
3.
How to data working how login functionality working, give 3 or 4 hour daily. Use waybackmachine to campare present url to old url look what is the difference then try to hunt like sqli,xss, IDORs, etc Happy hunting 👍👍
1
0
4
@AlHomaidNoor
1.
Before you buy vps. Don't use like this way. First collect all api key add into subfinder config file. Theb run subfinder -all -d | httpx -silent | nuclei -s but remember why testing automate you will miss lots of bugs
0
0
3
Hey.. I used ghauri tool to find sql injection time based. Few minutes I got result this.. Is this false positive? Please help me?
2
0
1
@JPD_1206
@Microsoft
@GodfatherOrwa
@af4himi
@nav1n0x
Congratulations. How did you approach the target?
1
0
3
@mOhamedd7w
Congratulations. 💐 Could you explain how did you got the login.php. Subdomain enumeration or shodan, or censys, or origin ip?
1
0
3
@nav1n0x
Hi navin sir How did you found sql injection day by day. Your are my Idor inspirational. It's been to long over 2 years I have been seen your reports and writeups. Where do you hunt? Which platform. I stuck as a beginner behind WAF 😔😔.
1
0
3
😔It's really hard to think positive about our self. Life isn't easy. What we think it will never happen. we won't get the person who loved so much, we won't get enough money. We won't get family love. What we think positive it won't happen . It's always give hard time.
1
0
3
@being__aman
@Hacker0x01
Ky badiya sekhar kiya bhai apne kon sheer palthe ho bhai.
Mere pass jo sher hai usne abhi sare out of scope bug found kiya hai 🤣🤣🤣
1
0
3
@GodfatherOrwa
@g4ur4v_mishr4
In your case origin ip response was 404. After you replace with vulnhost. How does it work? Just curious
0
0
3
My Bugs Reports I submitted 5 Sql injection. 4 sqli Not applicable. 1 sql injection out of scope.😐 But I won't give up.
0
0
3
@AlHomaidNoor
2. Don't rely on automate tools. Take subdomains 3 or 4. Then analyze technology behind the website. Fuzz according to technology. Open burpsuite and open 1 subdomains in browser capture and add in scope then understand functionality. Like parameters, endpoints,,,
0
0
3
@Barbarossa404
@AlQa3Qa3M0x0101
Congratulations. Could explain how did you found 3 sqli from starting point. Don't ignore please just explain sir
1
0
3
@eagle_0408
@araselmir
@Bugcrowd
There are thousands of urls but you can choose PHP, JSP, html, asp, suppose you have urls file called urls.txt the use cat urls.txt | grep.php
PHP always has MySQL database. Loook old file through waybackmachine then compare two file try to understand and try ', ",
0
0
3
@Amr_MustafaAA
Hi brother I was hunting whole day which through Google dorking program like. Inurl responsible disclosure. After I got some programs but it has Cloudflare WAF. Every program has cloudflare. I got very frastation.. Litte tip bro where to find wild scope programs.
3
0
3
@ott3rly
Yess this is 10000% current. Bug bounty is consistency. Its so hard but if you love the Passion nd journey. You have to give time on laptop until you find bug. 👍🏻👍🏻👍🏻
1
0
3
@CHEBBAHKha50779
@AhmedMa07846126
There are lot of tools but manually doing is good. Shodan, censys, securitytails. I will find through shodan..
0
0
3
@iAnkitKapoor01
@NahamSec
@GodfatherOrwa
What a fantastic stream with
@nahamsec
@GodfatherOrwa
... Leart lot. 😎🤩
0
0
3
@nav1n0x
Congratulations sir. It's been long time. I read your writeups and found 2 "sql injection". Give little tip sir. Please, did you face WAF?
0
0
3
@GodfatherOrwa
@bsidesahmedabad
@niksthehacker
Fantastic conference sir 🤩🤩. You deserve it. You are really amazing 🤩🤩🤑
0
0
2
0
0
3
@eagle_0408
Sorry bro but you are over thinking. And don't demotivate your self. Its real every subdomains doesn't has Orgn ip. But same has. You have 2 method find orign ip or try to bypass manually. I just wanted to know beginners who started recently. Like me.
0
0
3
@Arourmohamed01
more subdomains enumeration. used httpx -title i saw there is title like: No buckets. after i opened url to check manual i confirmed this could be s3 takeover. i created account and takeover it.
2
1
3
@PlatasSec
@intigriti
Congratulation. Public or private? I have been trying on public program to find SQLi. But i couldn't
2
0
3
@GodfatherOrwa
@Hacker0x01
@intigriti
@Bugcrowd
Congralution sir 🥳.could you explain little bit about 2 sqli injection how did you found?
0
0
3
@wadgamer10
Is this real?. How can you find this kind of config files. Public or private program?
1
0
3
Today is 27th May. It's been 1 year. I had started my journey into bug bounty. I have been trying to find bugs from last 1 year till now i didn't find yet any bugs. I used all tools which has bug hunter use.
I have financial iusse. I droped my job. Now I have no idea.
0
0
2
@haxor31337
Time based sql injection possible when using nuclei template. Everyone scan just 1 time that's why lots fasle positive. If you can make template like consistency of time. If payloads 5sec then try again that payload with 6sec if it's delay then it's vulnerable.
0
0
3
@bugoverfl0w
@SirBagoza
If target will give me 100000 urls. I first split -l 50000 from 100000 urls like this i will split and make many list. After you httpx -fcdn to filter out WAF subdomains. I will filter only php, ASP parameters then I run
0
0
2
@GodfatherOrwa
@Bugcrowd
Congratulations sir. It's Fantastic. I just Loved SQLi. And your tips and Idealogy is great it help me found sqli 🤩🤩😎
0
0
2
@hetmehtaa
go to front of mirror. identify wht mistake you did in past. Never repeat mistake. its really hard really hard to overcome. just cry . Agar kisiko pyar ki kadar hogi tho kabhi chood ke nahi jayaga. Kuch nahi khar sakthe akela rone ke alava
0
0
2
@bug4you
I have a doute. Let's Assume A is company but it changed Into B company. Just name changed. I found sqli On A company through intext:copyrights. Will it in scope or out of scope?
2
0
1