Jeti

284 posts


@0xJeti

Spare Time Hacker. Former Yahoo Elite 8-)

Cracow, Poland. Joined February 2018
378 Following, 1.1K Followers
Pinned Tweet
Jeti@0xJeti·
Here's a write-up on a Browser-Powered Desync bug that I discovered in the Azure CDN service known as Front Door. The entire concept is built upon the excellent research by @albinowax. Initially identified within the @intigriti program. blog.jeti.pw/posts/knocking… #bugbounty
Jeti retweeted
Adam Langley@BuildHackSecure·
I created a tool called "Creatures Of Habit" which accepts a GitHub username/organisation, finds all public repos, and extracts endpoints from popular web frameworks github.com/BuildHackSecur…
Jeti retweeted
Adam Langley@BuildHackSecure·
I plan to expand this by listing all the org repos, finding all the contributors, and then scanning their public repos
Jeti retweeted
shubs@infosec_au·
When researching Palo Alto PAN-OS, @assetnote's Security Research team discovered an authentication bypass due to flaws in its architecture. Our team digs a lot deeper than surface-level CVEs; this research is an example. slcyber.io/blog/nginx-apa…
Jeti@0xJeti·
@_zwink Yes, like every good hacker, she has some tricks up her sleeve. In this case it's called autostereograms
Jeti@0xJeti·
@intidc @zseano @0xStrawHat Yes, that is not true... stored XSS is sometimes High. But reflected/DOM XSS is always Medium ;)
zseano@zseano·
HackerOne, Bugcrowd, YesWeHack: the top 3 bug bounty platforms you'll ever need. Hundreds of public programs, wide scopes, web apps with lots of features... THERE ARE BUGS OUT THERE. Invest the time and have fun~
Jeti retweeted
Bug Bounty Reports Explained@gregxsunday·
With 12h more of hacking (and A LOT of reports to be processed, so it's all subject to change), we're 3rd as a team 🇵🇱 of the H1 Ambassador World Cup qualis. Plus, individually, we occupy 2 out of the top 3 spots for bounties, with DrBrix absolutely killing it in the 1st. I'm so happy!
Jeti retweeted
Michael Skelton@codingo_·
Today @bugcrowd, we're expanding our product line to offer VDPs for free bugcrowd.com/blog/introduci…, marking the next evolution of our VDP product, following our removal of incentives some time back. This marks a change in the industry, providing a no-cost entry point for customers to build up reporting portals, to support hackers in bringing vulnerabilities to them in a fast and effective manner. It also allows customers to build exposure to the value of the hacking community, and then pursue other offerings in the managed bug bounty space or pen testing space, in a paid model that incentivises findings and discovery, whilst VDP is intended to capture existing known findings. Also, hackers, we hear you, we love you and we know there's more to change around VDPs. This isn't our only change. We're aware of the need to change terms for them, and it's currently an active discussion, as well as better separating VDP from MBB, which we've done by removing incentives and having this offering not list in our program portals. If you've other feedback, we would love to hear it, and welcome it - my Slack is always open and you can reach me on HIVE, Bug Bounty Forum, or here over DM
Jeti retweeted
HackerOne@Hacker0x01·
Hey, Polish hackers! 🗣️ The first meeting of the Poland HackerOne Club is tomorrow, April 23! Join @gregxsunday and @_pkusik for an exciting agenda of lectures and networking. RSVP here to reserve your spot: bit.ly/49NCGfT
Jeti@0xJeti·
@vict0ni That sucks. Maybe fitting those 3 requests into a single packet in Burp would help with jitter?
Viktor@vict0ni·
I was successful only once, probably by luck. The triager wasn't satisfied though (and I can understand that). The result? Secured by unstable code! #bugbounty
Viktor@vict0ni·
I was so close to a sandwich attack on a reset password functionality that could lead to an ATO, but that damn backend server took its time #BugBounty
Jeti retweeted
Bug Bounty Reports Explained@gregxsunday·
I'm really close to 50k subscribers on YouTube and it's my birthday🥳 Can we make it to 50% of the silver button today?😏 Subscribe if you haven't already, RT if you have! youtube.com/channel/UCZDyl…
chivato@SecGus·
Any good SSRF hackers for an escalation? Payload must start with "//" and HTTP outbound is blocked. Tried finding internal IPs and hosts to no avail. Should be full read SSRF if I can find a host to prove it.
Jeti retweeted
JS0N Haddix@Jhaddix·
Ok fam. I’m giving away TWO free tickets to my course which takes place in two/three weeks. All you have to do to win is like, retweet this tweet, and reply with “tbhmlive.com!” I’ll pick winners next week! If you haven’t seen my course, check out the link!