Mohamed Ahmed

116 posts

Mohamed Ahmed

@mooo_sec

Need money for 812

Beigetreten Aralık 2021

166 Folgt1.4K Follower

Mohamed Ahmed@mooo_sec·1d

@professor_xa1 Shodan

English

111

Professor_xA1@professor_xa1·2d

@mooo_sec What is your recon methodology for reaching such points?

English

301

Mohamed Ahmed@mooo_sec·2d

🚨 Another critical vulnerability 10/10. #bugbountytips #bugbounty #cybersecurity

English

176

5.9K

Mohamed Ahmed@mooo_sec·1d

@bugoverfl0w User: admin Pass: (empty)

English

119

bugoverflow@bugoverfl0w·2d

@mooo_sec Congrats bro. What is user:pass default? Thanks

English

307

Mohamed Ahmed@mooo_sec·17 Mar

@4osp3l Congratulations

English

Gospel@4osp3l·16 Mar

🔥

Gospel@4osp3l

MSRC HOF 👀

QME

3.8K

Mohamed Ahmed@mooo_sec·15 Şub

@Gl1tchhx Yes

Gl1tch@Gl1tchhx·13 Şub

@mooo_sec admin:admin?

Indonesia

146

Mohamed Ahmed@mooo_sec·13 Şub

How I accessed a Grafana admin panel during my recon process: • Chose a target with all assets in scope • Used Shodan (SSL search) and Google dorking ("Copyright © target") to discover related domains outside the main domain

English

277

14.3K

Mohamed Ahmed@mooo_sec·28 Ara

Got paid even though the vulnerability was duplicate 💸 Because of the way I exploited it. #BugBountyTips #BugBounty #CyberSecurity

English

110

7.1K

Mohamed Ahmed@mooo_sec·28 Ara

@fahadkhan__101 It depends on the day It's pretty random and based on my mood and whether I have college or not so I don't have a fixed number of hours per day

English

106

Fahad Khan@fahadkhan__101·28 Ara

@mooo_sec Amazing work 🔥🔥 Can you tell me, how many hours you hunt on daily basis?

English

109

Mohamed Ahmed@mooo_sec·26 Ara

🚨 40+ Vulnerabilities Found This Month, including 10+ critical issues: RCE, Mass PII Exposure, Unauthorized Access, ATO, LFI, Information Disclosure #CyberSecurity #BugBounty #BugBountyTips

English

339

13.1K

Mohamed Ahmed@mooo_sec·28 Ara

@crypto_profit1 Check my YouTube soon i will do writeups

English

Ari Crypto@Ari_crypt0·26 Ara

@mooo_sec when writeup ?

English

391

Mohamed Ahmed@mooo_sec·28 Ara

@Younis_J_ I will share here and on my YouTube

English

Younis Jabr@Younis_J_·26 Ara

@mooo_sec Thinks for sharing if you can share tips will be great

English

483

Mohamed Ahmed@mooo_sec·27 Ara

@OX0DAYS Check my YouTube video

English

HUNTER@OX0DAYS·26 Ara

@mooo_sec Can You Share Your Github Dork List!

English

Mohamed Ahmed@mooo_sec·29 Haz

New Video – I found admin panels & leaked credentials using just one GitHub dork! 🚨 Watch here: youtu.be/3sfe8U-f_zk #BugBounty #GitHubDork #CyberSecurity

YouTube

English

2.5K

Mohamed Ahmed@mooo_sec·26 Ara

ZXX

1.6K

Mohamed Ahmed@mooo_sec·26 Ara

ZXX

1.6K

Mohamed Ahmed@mooo_sec·26 Ara

ZXX

1.5K

Mohamed Ahmed@mooo_sec·24 Ara

@pent0ss Dm me if u need a help

English

268

أسامة 🇵🇸@pent0ss·23 Ara

If i find the RSA private key should i report it immediately or show an impact and how can i do that? #bugbountytips #BugBounty

English

Mohamed Ahmed@mooo_sec·24 Ara

@pent0ss Firstly verify whether this is a production RSA key or only a test/example key as test or placeholder keys are usually not accepted. Then verify whether the key is valid or not.

English

320

Mohamed Ahmed@mooo_sec·17 Kas

@Steiner254 Yeah

English

103

It's Steiner254@Steiner254·16 Kas

@mooo_sec nice catch.... admin-admin?

English

117

Mohamed Ahmed@mooo_sec·15 Kas

Admin Panel Access Scenario I Found • During recon I found a domain with an empty main page • Port scan showed 1950 open • Visiting example.com:1950 revealed an admin login • Default creds worked and gave full admin access #CyberSecurity #BugBounty #bugbountytips

English

120

2.9K

Mohamed Ahmed@mooo_sec·16 Kas

@74himanshukumar Ok

146

himanshumonu@74himanshukumar·15 Kas

@mooo_sec share some tips about directory fuzzing

English

235

Entdecken

@professor_xa1 @bugoverfl0w @4osp3l @Gl1tchhx @fahadkhan__101 @Younis_J_ @OX0DAYS @elonmusk