pt200

Just unlocked achievement swag from @YesWeHack 🎉🔥

@Aes_le drink to die 😆

I’m happy to share that I successfully reported three RCE vulnerabilities to Red Bull. I received 18 boxes of Red Bull to keep the energy going during long hunting sessions ⚡😄 Huge thanks to Red Bull for running an awesome bug bounty program. Time to keep hunting 🔥 #BugBounty

RCE Bug On T-Mobile's Custom Header Vulnerable Header: X-Export-Format: pdf ; Payload Tip: Always test your payloads on custom headers, as the header may be vulnerable, as in this case #BugBounty #bugbountytips #redteam #cybersecurity #Developers #pentest

The first-ever "Flysec Hack Trip" #FSHT49, has ended, and what an incredible 10 days it was! This #FSHT49 was just for Flysec members only and our members embarked on a journey to the beautiful city of Da Lat, Vietnam where they combined their passion for hacking with the serene landscapes and cool weather: ⚔️ This exclusive event brought together Flysec members to compete in teams, focusing their skills on a single, challenging target: a product from Zoom. Over the course of the trip, participants demonstrated incredible collaboration and ingenuity. Their hard work paid off with a remarkable total of 33 submissions, a testament to the high level of talent and dedication within our community. ❤️‍🔥 But it wasn't all just hacking. The trip was filled with joyful moments—from team outings to exploring the city's scenic spots. In short, the Flysec Hack Trip is more than just a competition. It’s a chance to build a community, solve complex problems, and create lasting memories with other cybersecurity enthusiasts, all while traveling. 🚀 The next "Flysec Hack Trip" event will come soon and open for more hackers/bug bounty hunters. Waiting for our announcement!

🥳 I'm in the Top 10 on @yeswehack for May 2025! This community makes hacking fun and meaningful — thank you all! Let’s keep hacking happy 💻✨ yeswehack.com/ranking?year=2…

It was an amazing experience in Prague. Although we didn’t make it to the next round, I’m grateful for the effort of all teams and the fantastic events. Big shout-out to Team Spain for giving it your all! Stay tuned for more in the next #AmbassadorWorldCup #Vietnam #Flysec

Hello everyone ♥ a little bit write-up of #bugbountytip #bugbountytips I am going to write here ..... Title: getting unauthorized access on 3rd party's/workspaces & and building your checklist for quickly locating bugs there via massive recon we know that its helpful to look for google groups/docs/etc.. Slack as well just like when the amazing @h4x0r_dz shared days ago .. Use google dork "site:join.slack.com" so I was not in a good mode the last months to doing Google Dorks, so what I did was build a checklist ready for me & very huge one for EX: groups.google.com docs.google.com join.slack.com and here is just an example you can add more similar workspaces for your checklist thin I extracted all internet endpoints and as example here join[.]slack[.]com otx.alienvault.com/api/v1/indicat… virustotal.com/vtapi/v2/domai… web.archive.org/cdx/search/cdx… you can use the ready tools to do it such as waymore important note: you have to keep your checklist updated every week and from here I just keep looking for the company name or domain name to see if there's anything connected and mostly the company name or domain name in the URL it self EX: tesla join.slack.com/t/Tesla-Intern… Ex For Bugs found: 1 unauthorized access to the workspaces (PII | Information disclose) 2 account takeover as Ex: valid signup employee link 3 account takeover as Ex: valid reset password employee link now about Slack, as an example if you found an invitation link for tesla Tesla join.slack.com/t/Tesla-Intern… and that link was not valid, don't stop here it will redirect for Ex: tesla-internal[.]slack[.]com here back and start looking manually for endpoints of this subdomain as well EX: web.archive.org/cdx/search/cdx… now there are a lot of 3rd party's/workspaces I just shared here slack & Google Docs/groups What I wrote is a bit long and annoying to some, so I apologize. I hope, as usual, that this will be useful to all who follow me here. #Bugounty don't forget to retweet if you like it ♥♥♥

Congrats🇻🇳squad's good win with 2nd highest score in the 1/8 finals of the #AmbassadorWorldCup, secure a spot in the Elite Eight round at Prague, 🇨🇿! 🔥Flysec has a great hacking experience in AWC 1/8 finals being in Top 1 of Report Leaderboard! Fighting for semi-final spot!

Looking for a quick and easy-to-use tool to help with file upload vulnerabilities? 😎 Upload Bypass is a simple Python tool that performs checks for several file upload vulnerabilities! 🤑 Check it out on Github 👇 buff.ly/3VSWoTH

🇻🇳 are trying our best and enjoy hacking at #AmbassadorWorldcup @Hacker0x01 ! Great to collaborate with all 🇻🇳 members !

Congrats our great member @LamScun on being selected as a new HackerOne Ambassador representing Vietnam 🇻🇳 along with @haxor31337 ❤️‍🔥@LamScun and @flysec_corp try our best to hack/secure harder together with 🇻🇳 hackers!

@cyberx00t @Bugcrowd @flysec_corp No gold bro 😅

@_pt200 @Bugcrowd @flysec_corp This is GOLD Coin ?😮

Thanks @Bugcrowd HackerCup2023 Try our best @flysec_corp 👨🏻‍💻

Check out this RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements Credit: github.com/ihebski/A-Red-… #BugBounty #bugbountytip #bugbounty #bugbountytips

Cool swags 🤓 Thanks @Hacker0x01

🐛 Bug Bounty Tips: Unlocking GraphQL's Hidden Potential 🌐 When it comes to GraphQL, it's easy to assume that all operations are accessible through a target app's functionality. But by limiting your research, you might miss out on valuable opportunities. Today, I'll share steps to expand your attack surface on GraphQL target apps, gaining a competitive advantage in finding and reporting security issues that could lead to some rewarding bounties! 1️⃣ Identifying GraphQL Targets: Start by identifying GraphQL targets using the powerful Nuclei Scanning: nuclei -l -t graphql-detect.yaml You can find the nuclei template at raw.githubusercontent.com/projectdiscove… 2️⃣ Retrieve the GraphQL Schema for hidden Query/Mutations: If Introspection is enabled, you can obtain the GraphQL Schema, revealing hidden GraphQL Operations and Mutations using the following GraphQL Query: {"query":"{__schema{queryType{name}mutationType{name}subscriptionType{name}types{...FullType}directives{name description locations args{...InputValue}}}}fragment FullType on __Type{kind name description fields(includeDeprecated:true){name description args{...InputValue}type{...TypeRef}isDeprecated deprecationReason}inputFields{...InputValue}interfaces{...TypeRef}enumValues(includeDeprecated:true){name description isDeprecated deprecationReason}possibleTypes{...TypeRef}}fragment InputValue on __InputValue{name description type{...TypeRef}defaultValue}fragment TypeRef on __Type{kind name ofType{kind name ofType{kind name ofType{kind name ofType{kind name ofType{kind name ofType{kind name ofType{kind name}}}}}}}}"} 3️⃣ Visualize with GraphQL Voyager: To visualize the GraphQL Schema effectively and craft your attack vector, use GraphQL Voyager—a powerful tool to help you navigate the schema: graphql-kit.com/graphql-voyage… 4️⃣ Retrieve Hidden Queries and Mutations: Retrieve GraphQL Queries and Mutations from JavaScript files when Introspection is disabled. These files may list hidden methods not accessible via the app's regular functionality. Try making direct requests to these. 5️⃣ Craft Your Attack: Craft your attack using the identified GraphQL Queries and Mutations. These methods are often vulnerable to various bug classes, including IDOR, RBAC, Race Condition, SQL, and more. If you can't find more GraphQL Queries and Mutations, don't worry! Stay tuned for upcoming insights on how to brute force and discover hidden ones. Takeaways: Don't hit a dead end with GraphQL apps. Dive deeper, find those concealed GraphQL Queries and Mutations, and unlock unimaginable functionalities that can lead to significant bounties! 💰🔐 #Cybersecurity #BugBounty #GraphQL #HackingTips #InfoSec #Hackerone #Bugcrowd #GraphQL #SecurityTips #BugBountyTips

I have got an awesome badge "Hacking Hackers" from @Hacker0x01 Great collaboration with my team 😋😋 @flysec_corp

Our 1st month bug bounty full-time 😋😋 Work hard, play hard together!!! #flyseccorp #BugBounty #pentest

Our Flysec team mascot - Psychic bug hunters