Keyur
@Keyur_K_P

420 posts

Computer Geek 🤓 Cyber Security Professional 🧑🏻‍💻

Joined May 2017
657 Following · 269 Followers
Keyur
Keyur@Keyur_K_P·
@_jensec I had the same issue, but now it is working fine for me. What I did was: I gave the program details and what I want to achieve in the Claude Web UI, and asked it to create a CLAUDE.md and the relevant file for me. I copied it into my Claude Code CLI, and it works fine.
Jenish Sojitra
Jenish Sojitra@_jensec·
Seeing Claude Usage Policy banner despite being a part of Claude Cyber Verification Program, anyone else seeing this?
Keyur
Keyur@Keyur_K_P·
What if AI could do your recon, analyze Burp traffic, and write your pentest report — all from one terminal? I'll show you exactly how this Sunday. Live demos, real findings, no slides-only fluff. 📅 5th April | 11:00 AM 🔗Registration Link: lnkd.in/d4KGGdPw
Keyur reposted
bugcrowd
bugcrowd@Bugcrowd·
Let’s STOP ignoring WebSockets  There are P1s to be found. Here we go.👇🧵
Ishwar Kumar
Ishwar Kumar@Ravenzbb·
Solved it in 1st try!! Thanks @8kSec for the challenge💪🥳
8kSec@8kSec

🚨Nobody’s solved these AI Labs yet! academy.8ksec.io/course/ai-expl…

We’ve just launched a hands-on lab series focused on AI and LLM security exploitation. The series includes 10 practical challenges covering:
- Prompt injection and LLM logic abuse
- Unauthorized tool and agent access
- Adversarial ML and model evasion
- Data poisoning and neural backdoors
- Privacy leakage from overfitted models
- AI supply-chain compromise

Each challenge puts you in a red team role. You exploit the system, submit a real solution, and earn a verified certificate after review.

Start hacking: academy.8ksec.io/course/ai-expl…

Kyrian
Kyrian@kyr19n·
Does anyone know where I can learn and master Wireshark? I just can't understand anything on it🙏🙏
Keyur reposted
Security BSides Ahmedabad
Security BSides Ahmedabad@bsidesahmedabad·
🔥 Guess who’s back and bringing the heat to the Cyber Party 🤫💥 @Hacker0x01 is now the official Bug Bounty Sponsor for BSides Ahmedabad 0x06! 🕵️‍♂️💥 Not only are they bringing their A-game to the world of bug bounties, but they're also helping us make this the Finest Cyber Security Conference Around. 🤩 Ready to flex those cybersecurity skills? 🧠💻 And yes… that must-have t-shirt and the coolest swag in town? It’s making a comeback too — and you better believe it’s gonna be 🔥 this year! 😎🧢👕 Feeling excited? You should be! 👀 Tickets drop soon – don’t let the bugs (or the FOMO) get you! 🏃‍♂️💨 #HackerOne #BugBountySponsor #BSidesAhmedabad #Cybersecurity #CyberHunt #HackTheWorld #NextLevelCyber #FOMO #CyberPower #Innovation
Keyur
Keyur@Keyur_K_P·
@bhavukjain1 My Authentication Bypass report was marked as Not Applicable on Shopify😅.
Bhavuk Jain
Bhavuk Jain@bhavukjain1·
Shopify isn’t for the weak!
Keyur reposted
Security BSides Ahmedabad
Security BSides Ahmedabad@bsidesahmedabad·
We’re beyond excited to launch the BSides Ahmedabad 0X06 new website landing page – it’s officially LIVE! 🎉🚀 Go check it out now at bsidesahmedabad.in🔥 Get ready, the CFP is just around the corner! 📝✨ More updates coming your way, stay tuned! 👀📲 #bsidesahmedabad #websitelaunch #bsidesahmedabad0x06 #cybersecurity #techcommunity #ahmedabadevents #newwebsite #staytuned #pentesting #ethicalhacking #securityexperts #hackerprevention #cyberawareness #cyberdefence
Keyur
Keyur@Keyur_K_P·
@tabaahi_ And another was something related to blood change.
Keyur
Keyur@Keyur_K_P·
@tabaahi_ Hi Mohsin, recovery from GBS takes time and depends upon multiple factors, ranging from 6 months to maybe 1 year. I would suggest starting the treatment as soon as possible. There were 2 types of treatment; one was an injection, which cost 16k - 17k in 2022
Keyur reposted
Security BSides Ahmedabad
Security BSides Ahmedabad@bsidesahmedabad·
🚨 Big Announcement! 🚨 🥁 We’re thrilled to unveil the official dates for BSides Ahmedabad 2025! 🕶️🎉 🗓️ 12-13 September 2025 🔥 Mark your calendars🗓️, rally your squad🫡 & prepare for two incredible days packed with groundbreaking talks😎, hands-on workshops🤩, unparalleled networking🛜 & of course, the coolest swags to take home.💼✌️✨ #bsidesahmedabad #ethicalhacking #infosec #techevent #cybersecurity #bugbounty #cyberdefense #conference #dataprotection #pentesting #securityawareness #cloudsecurity #cyberthreat #securityresearch #networking #workshops
Keyur reposted
Jayesh Madnani
Jayesh Madnani@Jayesh25·
🚨 Yay, we were rewarded with $20,000 on our @Hacker0x01 submission for a SSRF bug discovered in collaboration with @Shlibness! 💰🎉

🥳 We uncovered a Critical SSRF vulnerability, turning it into unauthorized access to internal admin endpoints, leading to PII leaks and administrative access! Here’s how we escalated a simple SSRF to a $20,000 bounty. 💰🛡️

🔍 Step-by-Step Breakdown:

1️⃣ During our testing, we found an endpoint accepting an "url" parameter.
2️⃣ To confirm it was vulnerable to SSRF, we passed a Burp Collaborator URL and received an HTTP pingback, indicating a potential SSRF issue. ✅
3️⃣ We then attempted to escalate this Issue by accessing localhost and AWS metadata.
4️⃣ It turned out the endpoint was part of an AWS Lambda function. By hitting http://localhost:9001/2018-06-01/runtime/invocation/next, we retrieved Lambda function details. 💡
5️⃣ At this point, there were no sensitive credentials or Information leaked. But since the SSRF allowed partial read, we wondered: "What if we could access internal services whitelisted for this Lambda?" 🤔
6️⃣ Next, we identified two categories of targets across all subdomains:
- Externally resolving but not directly accessible via HTTP
- Internally resolving and obviously not accessible via the Internet🌐
7️⃣ We used Shub's @infosec_au Surf tool (github.com/assetnote/surf) for discovering potential Internal targets and found 5000+ viable subdomains that were inaccessible from the internet. 🎯
8️⃣ Chaining the SSRF further, we searched for Swagger endpoints on all these targets Identified by the surf tool, we ended up looking for endpoints like:
http:///swagger-ui/swagger.json
http:///api/v1/api-docs
http:///api/v2/api-docs
etc
We discovered that the Lambda function had whitelisted access to internal hosts exposing Swagger API documentation. 🚀
9️⃣ The Swagger docs revealed administrative endpoints. Chaining the SSRF again, we accessed these Internal API endpoints, leading to PII leaks and unauthorized access to other internal administrative functionalities. 🔓

⚠️ Impact: This vulnerability allowed attackers to access internal administrative endpoints, leaking PII and exposing other critical business risks. 🚨

💡Lesson Learned: Don’t stop at confirming SSRF! Always think outside the box and explore ways to escalate for maximum impact. Creativity wins the game! 🧠✨

#BugBounty #HackerOne #BugCrowd #YesWehack #Intigriti #bugbountytips #security
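A defender-side check for the kind of endpoint described in the post above, which fetches a caller-supplied "url" parameter. This is an added example, not code from the post or the affected program: `check_fetch_target`, the port allowlist and the DNS answers in `FAKE_DNS` are hypothetical and constructed for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_PORTS = {"http": {80}, "https": {443}}  # assumption: fetcher only needs public web

def system_resolve(host):
    """Default resolver: every address the name maps to right now."""
    try:
        return sorted({ai[4][0] for ai in socket.getaddrinfo(host, None)})
    except socket.gaierror:
        return []

def is_public(addr):
    ip = ipaddress.ip_address(addr)
    if ip.version == 6 and ip.ipv4_mapped:  # unwrap ::ffff:127.0.0.1 style literals
        ip = ip.ipv4_mapped
    # False for loopback, RFC 1918, link-local (cloud metadata) and CGNAT ranges
    return ip.is_global

def check_fetch_target(url, resolve=system_resolve):
    """Return (allowed, detail): detail is the IP to connect to, or the refusal reason."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_PORTS:
        return False, "scheme not allowed"
    host = parts.hostname
    if not host:
        return False, "missing host"
    try:
        port = parts.port or next(iter(ALLOWED_PORTS[parts.scheme]))
    except ValueError:
        return False, "invalid port"
    try:
        addrs = [str(ipaddress.ip_address(host))]  # host is already an IP literal
    except ValueError:
        addrs = resolve(host)
    if not addrs:
        return False, "host does not resolve"
    for addr in addrs:  # reject if ANY answer is internal
        if not is_public(addr):
            return False, f"non-public address {addr}"
    if port not in ALLOWED_PORTS[parts.scheme]:
        return False, f"port {port} not allowed"
    return True, addrs[0]  # connect to this exact IP; re-check every redirect hop

# Constructed DNS answers so the example runs offline.
FAKE_DNS = {"localhost": ["127.0.0.1"], "admin.corp.example": ["10.20.0.15"],
            "cdn.example.com": ["93.184.216.34"]}

def fake_resolve(host):
    return FAKE_DNS.get(host, [])
```

Connecting to the returned IP rather than re-resolving the hostname closes the gap between check and fetch; network-level egress rules on the function remain the stronger control.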
Keyur reposted
Godfather Orwa 🇯🇴
Godfather Orwa 🇯🇴@GodfatherOrwa·
Slides of my talk in @bsidesahmedabad I hope you like it and found it a little bit useful docs.google.com/presentation/d… #bugbounty #bugbountytip #bugbountytips #infosec Thanks for support for all of you and @bsidesahmedabad & @Bugcrowd
Godfather Orwa 🇯🇴@GodfatherOrwa

check my new tools for #bugbounty its just came public now github.com/orwagodfather/… github.com/orwagodfather/… and dont forget to check my updated wordlists Thanks @bsidesahmedabad @Bugcrowd #bugbountytip #bugbountytips
