TheeRaptor

@coffinxp7 your methods works magic thank you.. First of many

I earned $750 for my submission on @bugcrowd bugcrowd.com/h/{id: "theraptor"} #ItTakesACrowd #BugBounty #bugbounty #Jesus

Someone said "Basic bugs gets you basic Bounties and duplicates" I felt that. #Bugbounty #bugbountytips #BugBounty

@torik_1999 @Bugcrowd You can find sql on many targets... You just need to go deep enough

@Wild_Carrd @Bugcrowd Which type of target you choose to find sqli?

Triaged!!!!!!! on @Bugcrowd SQL again. #bugbounty #BugBounty #Jesus

@hunt_n27493 @Bugcrowd Okay

@Wild_Carrd @Bugcrowd @Wild_Carrd Bro can you please ping me am unable to dm you 🙃 actually i want to talk something can't disclose here so please ping me

@Bugcrowd how many p1 for a shoutout... Im a beginner btw

This belongs to all of us.

The Arsenal. Your Premier League champions.

@wanahmadqais007 @Bugcrowd Thank you

@Wild_Carrd @Bugcrowd Nice catch! 👨🏻‍💻

Got Triaged on @Bugcrowd It was really supposed to be a P1 since It Full PII Disclosure.But I'm still thankful.Hopefully they will still still view it as a P1. #BugBounty #bugbounty #Jesus

@Toshusec_ This is supposed yo be a high minimum

Bug - Local file inclusion Tip- Always subfinder ? or any other passive subenum tools i know i know those are great tools but you missing hidden gems, try active subenum using dns bruteforcing puredns bruteforce wordlists.txt domain.tld -r resolvers.txt -w brute-subs.txt

@MiniMjStar @Bugcrowd Choose your wordlist wisely

@Wild_Carrd @Bugcrowd ah about param discovery and fuzzing and stuff, i was doing some of it a bit but failed to find SQLI's, any tips or some? i was working on bmw which is massive but misearbly couldn't find any sqli

Got Triaged again on @Bugcrowd . This month i'm really loving SQL Bugs. #BugBounty #bugbounty #Jesus

@0xwer8 @Bugcrowd Dive into Js... And Turn it inside out... There is always a less secure endpoint there

@Wild_Carrd @Bugcrowd any advise on where to look exactly?

@whats_next9 @Bugcrowd Nah.. Dont Test sql on search bar you will be wasting time they are well protected... Find endpoints that are hidden... You will have better luck there

@Wild_Carrd @Bugcrowd please was this found in a search bar

@taha_marzak20 @GodfatherOrwa @Bugcrowd Dm

@GodfatherOrwa @Wild_Carrd @Bugcrowd if you wanna collab we may get an sqli on a big companie i ve already proved many stuff just could't exploit it

Had to go through this before they Traiged on @Bugcrowd If you Believe your submission is valid to Quit on it.Cost me some points but it's all worth it now. #Bugbounty #bugbounty #ItsnotmeitsJesus

@GodfatherOrwa @Bugcrowd Yeah already submitted... Gave them the sql command

@Wild_Carrd @Bugcrowd You should give a valid payload to extract databases or a valid SQLmap command to make it easy for the triaged team, I can help if you plan to re-submit the reports

@GodfatherOrwa @Bugcrowd No.. Everything was working i just didn't understand why they we not able to reproduce.. And when they did reproduce they said i needed at least to show data extraction atleast a DB name or something and when i did they Triaged

@Wild_Carrd @Bugcrowd 🤔🤔🤔 Is that unacceptable reports, was wrong exploit from you ?

@damian_89_ @Bugcrowd Tried 5submissions with my own title and got tired😂Needed thm to see the impact before the poc😂

@Wild_Carrd @Bugcrowd You really just copied the AI generated title, right? #emdash

Another one on Triiiiiaged @Bugcrowd This was a tough one ngl.#bugbounty #Bugbounty #ItsnotmeItsJesus