Mahendra Purbia

Built a JS secrets hunter for my testing workflow 🔍 Nothing new - just a more structured version of existing JS recon tools: ✅ Auto discovery ✅ 40+ patterns ✅ Multi-threaded ✅ Clean output github.com/Mah3Sec/JSHawk #bugbountytips #infosec #CyberSecurity #PenTest

"Dojo #49 - Secret manager"? Pwned! It was a blast on @YesWeHack! Think you can take it on? 🌟 dojo-yeswehack.com/challenge/play… #YesWeHack #ChallengeAccepted

@one33se7en @Hacker0x01

Yay, I was awarded a $10,000 bounty on @Hacker0x01 ! hackerone.com/one33se7en #TogetherWeHitHarder

@Ai_Vaidehi SQL

SQL Basics to Advance Notes 📘 To get it ✅ 1. Like and comment 'SQL' 2. Repost 🌠 3. Follow me so that, I can dm. #SQL

@Fabrikat0r Don’t stop hunting and improving your skills.
Just keep a low profile if it’s a side hustle.
Make sure it doesn’t affect your primary job or violate any rules.
Use your own judgment.

Stopped hunting - Joined Job - Started Learning. Hope this will make sense in few months/years #BugBounty

@Nithya_Shrii It’s not antisocial behavior. Intelligent people just read people well. Once you can easily tell who’s genuine and who’s not (behavior, intent, and patterns), you stop wasting energy. So the circle gets smaller but better. Intelligence gives choice, not isolation.

Why do intelligent people isolate themselves?

After mediation the issue is resolved but still i suggest that triage team should read report first and dont depend on AI based summary as. just depending on AI doesn’t help to become a good triage. And i think im not the only one who faced this issue with triage #BugBounty

Noticed a recurring issue on HackerOne: some triage responses feel AI-generated and reference a different vulnerability than what was reported, despite a clear PoC and category. #BugBounty

@velvynnn Ofcourse; itne me to mere hometown me bhi plot nahi aayega🥲

Yesterday at a family function, a friend of mine told an uncle about me that I make money online and do XYZ stuff. The uncle replied: Beta, show me salary credited in your bank account. Without that, all this online earning sounds fake. Hme salary credit nhi hoti uncle 🤒

I’ve been facing a serious, recurring safety issue with my @VolkswagenIndia virtus car from the very first day of delivery. Despite multiple complaints and service visits, nothing has been fixed and now it has caused a major highway accident. Sharing everything here 👇

@techyfreakk @Hacker0x01 Bro…proud moment✨❤️❤️

Yay, I was awarded a $20,000 bounty on @Hacker0x01 #TogetherWeHitHarder Bounty aside, these words hit different 🥹

Read “Unauthenticated Kibana Dashboard Access — A Serious Security Risk You Can’t Ignore“ by Pratik Dabhi on Medium: infosecwriteups.com/unauthenticate… #bugbounty #infosec #hacking

The @Hacker0x01 Hacking Meetup in Udaipur was 🔥Hackers teamed up, hacked on a live target, and shared tons of knowledge! 💻🤝 Virtual week is still on — bring your A-game! 💪 Top hackers will score exclusive swag 🎁 #HackerOne #BugBounty #UdaipurMeetup

I just published 🔓 BLE Hacking — Dissect. Decide. Deliver medium.com/p/ble-hacking-…

🚗 How I Approach Black-Box Car Pentesting – A Step-by-Step Breakdown From feature analysis to CAN Bus attacks, here’s how I systematically test a vehicle for vulnerabilities! Follow this thread to learn something useful about carhacking!👇 #CarHacking #AutomotiveSecurity

🔓 API Endpoint Turned GPS Tracker! 🚨 Found a public API leaking device statuses & GPS locations—no auth needed! 😱 Could enable real-time tracking of users, fleets & VIPs. 🔗 Read more: mah3sec.medium.com/from-partial-i… #CyberSecurity #BugBounty #APIsecurity #infosec #Pentesting

𝐘𝐨𝐮𝐫 𝐆𝐮𝐢𝐝𝐞 𝐭𝐨 𝐀𝐮𝐭𝐨𝐦𝐨𝐭𝐢𝐯𝐞 𝐂𝐲𝐛𝐞𝐫𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 🚙 🛣️𝗥𝗼𝗮𝗱𝗺𝗮𝗽: github.com/AutoSecurityy/… 📚𝗞𝗻𝗼𝘄𝗹𝗲𝗱𝗴𝗲 𝗕𝗮𝘀𝗲: autosecurityy.gitbook.io/autosec-knowle… 🏴‍☠️𝟳𝗗𝗮𝘆𝘀 𝗖𝗵𝗮𝗹𝗹𝗲𝗻𝗴𝗲(Starts on 1st Feb): nas.io/autosecurityy/… #AutomotiveSecurity #hacking

🚨 Wiz uncovered CVE-2024-43405, a bypass in #Nuclei enabling code execution. Fixed with @pdiscoveryio. Update to v3.3.2+, Run tools in isolated environments!

Automotive Cybersecurity Roadmap 🛣️ nas.io/autosecurityy/…