Bug-Bounty Tip :- Want to find Sensitive Information Disclosure vulnerability...Try this -> https://t.co/nK5yVC6uTY<target name>/ This might help you reveal some juicy information about the target.

I found a critical vulnerability @Hacker0x01 Tips: - Don't forget to try scanning all IP's ports and Fuzz all results #bugbounty #hackerone #Cybersecurity #Critical #InfoSecurity #Vulnerabilities #hacking #cybersecurity #bugbountytips

🫂

I discovered several High vulnerabilities and one vulnerability of medium severity on HackerOne #bugbounty #hackerone #Cybersecurity #Critical #InfoSecurity #Vulnerabilities #hacking #cybersecurity #webappsecurity

Do you remember when you joined Twitter? I do! #MyTwitterAnniversary

LFI Trick: /fileRead.jsp?fileName=/etc/passwd (406📛) /fileRead.jsp?fileName=/?tc/?asswd (200✅) /fileRead.jsp?fileName=/??c/??sswd (200✅) #infosec #bugbountytips #BugBounty

Blind xss everywhere ✌️🔥 #bugbountytips #infosec

.. 🤩🔥

Bug-Bounty Handy Repository :- https://t.co/zIwdECEimj #bugbountytips #BugBounty #CyberSecurity

🤩🔥 https://t.co/FEQ3iowKyD

Hall of fame - University of Taxes 😎🔥 https://t.co/hy2TF9Q6Un #bugbounty #bugbountytips #infosec

Thanks @Sprinklr for the awesome swag ❤️ #swag #hackerone #bugbounty

Payloads for Hunting Payloads All The Things- https://t.co/R2dwBdntk6 XSS Payloads- https://t.co/tW7kJijDdJ XSS Payloads - https://t.co/2yoemcM6Kv SQL Injection Payloads - https://t.co/mcp4PZa5vO #bugbountytips #infosec #CyberSecurity

It's going to be a great week 😎✌️ #bugbounty #hackerone #infosec

This Blog cover about, - SQLi, - XSS, - CSRF, - RCE, - IDOR, - XXE, - SSRF, - CSV Inje., - Bruteforce, - Outh Bypass, - File Upload, - HTTP Header Inje., and lot more. https://t.co/phmq7QrGyb #bugbountytips #bugbounty #bugbountytip #infosec #cybersecuritytips

حمدلله تم الحصول على المركز الثاني على مستوى المملكة بعد نهاية الربع الثاني Apr-Jun2022 في منصة @Hacker0x01 #bugbountytips #bugbounty #hackerone

Yay, I was awarded a $750 bounty on @Hacker0x01 #BugBounty #CyberSecurity #bugbountytips

Methods To Find Sqli : Command Line Tools Like a Pro 1. sublist3r -d target | tee -a domains 2. cat domains | httpx | tee -a alive 3. cat alive | waybackurls | tee -a urls 4. gf sqli urls >> sqli 5. sqlmap -m sqli.txt --dbs --batch #BugBounty #CyberSecurity #bugbountytips

Bug-Bounty Tip : Got Ping back for SSRF when fired up Burp collaborator, but what to test after that Try these :- 1. Internal Port Scanning 2. Internal Asset leakage 3. Internal File fetch vulnerability If you get the third one, try LFI. #bugbountytips #CyberSecurity #infosec

Bug-Bounty tip Some interesting path to be in your findings after an RCE (if possible) :- -> /var/log -> /var/spool/crony -> /etc/cron.* -> /etc/group -> /etc/passed -> /var/log/btmp #bugbounty #bugbountytips #bugbountytip #cybersecurity #offensivesecurity #infosec #Linux #OSINT