YesWeHack ⠵

@yeswehack

Followers: 38K, Following: 8K, Media: 2K, Statuses: 8K

Global Bug Bounty & Vulnerability Management Platform 🎯 https://t.co/57gODBq2WZ 👾 https://t.co/ICc6RyhJTp 💡 https://t.co/KNYxhkKuzt

World
Joined July 2012
@yeswehack
YesWeHack ⠵
2 days
Want to hack mobile applications? 📱 We’ve just published the ultimate guide to building an Android #BugBounty lab with emulators, real devices and proxies (featuring Genymotion, Android emulator, Magisk, Burp, Frida & Medusa) 👇 #BugBountyTips
yeswehack.com
Covering the pros and cons of emulators versus real devices, and how to configure Magisk, Burp, Frida, Medusa and other mobile hacking tools.
@yeswehack
YesWeHack ⠵
10 hours
Just 7 days until Berlin turns into a playground for hackers ⏳ At @nullcon, we're hosting an exclusive #LHE where:
🔍 A secret target will be revealed
💰 Valid vulns will turn into bounties
🏆 Hackers will battle for the top of the leaderboard
More 👉
@yeswehack
YesWeHack ⠵
1 day
📢 Caido users: a reminder that our new YesWeCaido plugin enables you to fetch all your YesWeHack programs from within @CaidoIO and to add targets to your scopes tab with a single mouse click 🔥
yeswehack.com
A new Caido plugin offers access to YesWeHack Bug Bounty Programs from inside the web proxy tool. Learn how to install YesWeCaido and how it works.
@yeswehack
YesWeHack ⠵
2 days
🇸🇬 Big thanks to @N0H4TS for inviting us to the #BugBounty community meetup on Monday evening! With 130+ cybersec enthusiasts in the room, our Lead APAC Security Analyst, @alehresmann, led a hands-on session demonstrating how to analyse a target, experiment with payloads and turn
@yeswehack
YesWeHack ⠵
3 days
Remember when @LouisVuitton welcomed hunters to its Paris headquarters for a groundbreaking live hacking event? 👜 Watch highlights from last year’s successful ‘Hack Me I’m Famous’ edition 👇
@yeswehack
YesWeHack ⠵
6 days
A new Dojo challenge - Hardware monitor is released! Seems like an LFI is presented in this Ruby application, but will you be able to exploit it to capture the flag? 🚩 Try it now: #YesWeRHackers #CTF #BugBounty
@yeswehack
YesWeHack ⠵
7 days
Our latest hacker roundup stars nonce CSP bypasses from @J0R1AN, a ‘quiet’ request smuggling side channel, an Amazon Q self-destruct saga, a Gemini CLI hijack (CC @tracebit_com), & an IDOR that could leak 64m McDonald’s job applications (@iangcarroll) 👇
yeswehack.com
Featuring a Gemini CLI hijack, nonce-based CSP bypasses using the disk cache, and HTTP smuggling exploits based on trust (as opposed to complexity).
@yeswehack
YesWeHack ⠵
7 days
🏆 Dojo #43 – CCTV Manager is officially closed, and we have our winners! This challenge revolved around a predictable token combined with insecure YAML deserialization - leading to RCE and flag capture 🏁 Here's the write-up 👉 #CTF #BugBounty
@yeswehack
YesWeHack ⠵
8 days
RT @_CryptoCat: My writeup for the July Dojo challenge on @yeswehack - CCTV Manager 🎥 1️⃣ Predict the correct token to access the CCTV man…
@yeswehack
YesWeHack ⠵
8 days
In the latest #TalkiePwnii, @pwnwithlove takes on a Dojo challenge about predictable tokens & YAML deserialization in Python 🐍 From predictable tokens to achieving RCE via unsafe YAML load - watch the full exploit 👇 #BugBountyTips #YesWeRHackers
@yeswehack
YesWeHack ⠵
8 days
Path traversal opens doors to secrets, source code and even RCE when chained with other exploits 📂 Level up your #BugBounty hunting skills with our practical guide to path traversal and arbitrary file read attacks 👇
yeswehack.com
Know much about exploiting path traversal or arbitrary file read vulnerabilities? Learn some practical attacks for unearthing high impact, lucrative vulnerabilities.
@yeswehack
YesWeHack ⠵
9 days
👥 Heading to @rootconorg next month? Drop by Booth G1 on 24–26 Sep to see how @yeswehack helps organisations uncover vulnerabilities faster and more efficiently. Whether you’re a security leader exploring #BugBounty or a hacker looking to level up, we’d love to meet you. 📍
@yeswehack
YesWeHack ⠵
9 days
The evolution of ethical hacking was a big theme in our interview two years ago with @_godiego__ 🇪🇸 Read/watch the Q&A to hear what our all-time #12 hunter had to say about #BugBounty trends and his own career so far 👇
yeswehack.com
In this Q&A, GoDiego, one of YesWeHack’s most successful hunters, shares his backstory, most critical bug finds and thoughts on the future of Bug Bounty.
@yeswehack
YesWeHack ⠵
10 days
Why is Rabhi so dominant atop our #BugBounty leaderboard – month after month, year after year? 🏆 In case you missed it, read a Q&A with our all-time #1 hunter in our first-ever #BugBounty report 👇
choose.yeswehack.io
Explore 2024 Bug Bounty trends, stats, and expert advice in YesWeHack’s first annual report. Free to download with one click—no email required! Insights for CISOs, hunters, and security teams from a...
@yeswehack
YesWeHack ⠵
11 days
🔐 We’re halfway through Swiss Post's 2025 Public Intrusion Test!
🕵️ Since the launch, Swiss Post received 15 reports from different hunters (examination for acceptance is on-going)
🆕 For the first time, write-in fields are in scope – a great opportunity to explore new areas of
@yeswehack
YesWeHack ⠵
15 days
Episode #1 of our collab with @soyel_mago has landed! 🎥 First published on his own channel, the video (in Spanish) sees the YouTuber explore #Dojo - our hands-on training platform for burnishing your #BugBounty skills! 🐞 Watch it now 👇
@yeswehack
YesWeHack ⠵
16 days
SQL injection vulnerabilities remain widespread – and potentially lucrative for #BugBounty hunters 💉 Our ‘Vulnerability Vectors’ series kicks off with techniques – such as blind SQLi, time-based attacks and OOB callbacks – for this classic CWE 👇
yeswehack.com
Our ‘Vulnerability Vectors’ series starts with techniques – such as blind SQLi, time-based attacks and OOB callbacks – for SQL injection, a still-common CWE.