himanshumonu

@EvanKlein338226 bro writeups ?

The vuln type that made me the most money is ___ Mine: IDOR. Not the flashiest, but consistent 💰 Yours?

@EvanKlein338226 for how many years you are hunting ?

Controversial take: AI is making bug bounty both better AND worse at the same time. Better: faster recon, pattern recognition, report writing Worse: noise from script kiddies running AI-generated scans, more dupes, lower signal-to-noise Where do you stand? Is AI net positive or negative for the industry?

@EvanKlein338226 keep sharing your thoughts. these are very helpful.

Unpopular opinion: Most bug bounty hunters waste 80% of their time on recon tools when they should be spending that time actually understanding the app's logic. What's your recon-to-actual-testing ratio? Be honest.

@EvanKlein338226 rate limit bug not accept by programme, password change doesnt invalidate session.

Top 3 auth mistakes I keep finding in pentests (thread): 1. No rate limiting on login endpoints - brute force in minutes 2. Password reset tokens that don't expire 3. Session tokens surviving logout (backend doesn't actually invalidate) What's the worst auth bug you've found? 👇

@a13h1_ @Hacker0x01 writeups when

Yay, I was awarded a $1000 bounty on @Hacker0x01! hackerone.com/root_a13h1 #TogetherWeHitHarder

@a13h1_ public or private programme

Several reports submitted this month were paid out today, with more still under review and pending bounty. #BugBounty #CyberSecurity #InfoSec #SecurityResearch

@suslu7616 bro you work for vieh group ? your payload is using by vieh group

I found #xss on #ecommerce site. Payload; ">>>>>><marquee>RXSS</marquee></head><abc></script><script>alert(origin)</script><meta How do you increase the impact? #bugbounty #xss #cybersecurity #websecurity #infosec #redteam #AppSec #hacking #cybersecuritytips #bugbountytips

@Atomsmade @Behi_Sec this is my github dork { AWS_SECRET_ACCESS_KEY org:organization name "target" "password/email": "api/v1/users" "example.com" }

@74himanshukumar @Behi_Sec Do you use automation for GitHub dorking

I do not run any JS or subdomain monitoring, but I always monitor: - My target's social profiles - Blog posts - Release notes New features mean new attack surface. This alone gives me constant fresh things to test.

@Behi_Sec google dorking, github dorking also i do

@Behi_Sec I choose target, i run katana and start finding endpoint,api keys leakage in js files, 2nd step fuzzing using ffuf, 3rd step waybackurls. after this i change my target and repeat these steps. what is your approach when you hunt on a target ?

@mooo_sec share some tips about directory fuzzing

Admin Panel Access Scenario I Found • During recon I found a domain with an empty main page • Port scan showed 1950 open • Visiting example.com:1950 revealed an admin login • Default creds worked and gave full admin access #CyberSecurity #BugBounty #bugbountytips

@Behi_Sec tell about user registeration asking phone number and verify code on that number. we dont want to share our phone number. what you do in that case

I find it really helpful to anticipate the behavior of my target when I'm testing for a specific bug type. This often gives me ideas on how to bypass potential protections. Do this, and thank me later.

@Behi_Sec you read all js files manually ?

4 easy ways I discover hidden endpoints: • Waybackurls • Reading all API docs • DuckDuckGo dorks • Digging inside JS files What methods do you use?

@Behi_Sec Ffuf,subfinder,katana,waybackurls

These are the bug bounty tools I use: - ffuf - waybackurls - LinkFinder - Arjun - cloud_enum What do you use?

@ghost__man01 @AxosBank Bhai tum self hosted program pe hunting karte ho ya phir h1,bugcrowd.

Hey @AxosBank, I want to report a vulnerability on your website. Please guide me how can I report it so that your customers remain safe and trustworthy of their data. Thanks. #BugBounty

@Behi_Sec Just share all important things related to access control

If you have any questions regarding Access Control vulnerabilities, feel free to ask!

@Behi_Sec Very helpful.

Bug Bounty Tip: If you have a UUID-based IDOR and can't find a valid UUID of other users, do this: Search the endpoints that hold UUIDs on GitHub! You will usually find that other users have left their UUIDs in their sample codes/scripts.

@Ganofins @Hacker0x01 All private program

In July, I submitted 40 vulnerabilities to 5 programs on @Hacker0x01. #TogetherWeHitHarder hackerone.com/last-month

@a13h1_ @Hacker0x01 Private program?

In July, I submitted 10 vulnerabilities to 1 program on @Hacker0x01 and get paid 5,550$ in bounties for 8 reports #TogetherWeHitHarder hackerone.com/last-month

@impratikdabhi @grok 19