what_web

323 posts

what_web

@jae_hak99

@Hacker0x01 @Bugbounty @Web

Republic Korea Beigetreten Mart 2020

99 Folgt3.2K Follower

what_web@jae_hak99·3 Ara

Level 3 pentesterlab Pro 1 month, @Hacker0x01

Português

228

what_web@jae_hak99·20 Kas

2025 Hack the Challenge 1st 🏆

English

276

what_web@jae_hak99·14 Kas

Joined 3.5K club @Hacker0x01 Thanks

English

197

what_web@jae_hak99·11 Kas

Thanks, @Hacker0x01

English

182

what_web@jae_hak99·15 Haz

I recently found out about a platform called #hackthebox. This platform provides a learning space and information to learn various knowledge such as cybersecurity, web, network, AI, etc. I think it would be very useful for researchers who want to learn more about information security. The content is so vast that this platform seems much better than other educational platforms. #bugbounty

English

878

what_web@jae_hak99·15 Haz

@arshiyaiha @Hacker0x01 private program

144

🇮🇷 Arshiya🇮🇷@arshiyaiha·14 Haz

@jae_hak99 @Hacker0x01 Congrats bro.priv8 or pub?

English

233

what_web@jae_hak99·14 Haz

I have 15 reports Pending program review. :) I hope the final result comes out soon 😃😃 @Hacker0x01 #bugbounty

English

172

8.5K

what_web@jae_hak99·15 Haz

@YourFinalSin @Hacker0x01 🔥🔥

QME

184

3NVZ | Robert S.@YourFinalSin·14 Haz

@jae_hak99 @Hacker0x01 Let’s goo 💪

English

413

what_web@jae_hak99·14 Haz

@0trusts @Hacker0x01 Haha😅

Filipino

207

~$ 𝓔𝓵𝓲𝓯𝓯@0trusts·14 Haz

@jae_hak99 @Hacker0x01 70 open😔

Nederlands

268

what_web@jae_hak99·14 Haz

@badcrack3r @Hacker0x01 I'm looking forward to next weekday

English

454

mhmd berro (badcracker)@badcrack3r·14 Haz

@jae_hak99 @Hacker0x01 Good luck!

GIF

English

476

what_web@jae_hak99·11 Haz

When a token, key, etc. is found in a sensitive repository, we have developed a tool that tests whether the token or key is actually valid and if so, accessible, and automatically lists only the valid values in a .html file. Now you don't have to manually test whether tokens and API keys found in your organization's repository are actually valid. How it works is that we fully automate the validation by connecting to a separate Proof of Concept (PoC) built for each token to check whether the API function is actually accessible in the repository (e.g. GitHub, Slack, multiple DBs). It detects whether the token is actually accessible in your organization. Validated tokens output a live token in a .html file.

English

615

what_web@jae_hak99·6 Haz

Today during fuzzing, I found an employee-only domain within the same domain. The domain was public to the general public and had an email verification process, but it did not exist in the account interface.

English

514

what_web@jae_hak99·4 Haz

@error404sec All found in one domain

English

252

Hugo Picanzo@hugopicanzo·4 Haz

@jae_hak99 Several different subdomains?

Català

330

what_web@jae_hak99·3 Haz

I've been busy for a while. So I took a long break for 3-4 years. I recently started the #Hacker0x01 bug bounty activity again in May, and I found 20 vulnerabilities in the BBP program All are under evaluation and review, and some are already being fixed. Hope it goes well :)