
APIArmor
33 posts
@APIArmor
Your APIs Before Hackers Exploit Them
Joined June 2025
5 Following 1 Followers
APIArmor reposted

I loved this article by @iamgk808.
Read it, it’s inspiring, and it’s honest about the time and effort involved.
Honestly, it inspired me.
Thanks for writing it, Ganesh! 😎
infosecwriteups.com/from-failure-t…
#bugbounty #cybersecurity
APIArmor reposted

— yes, this NFT did $0-$200 and I know a lot of you missed this because you couldn’t mint from the contract directly, and I’ll show you how. Do well to bookmark in case of next time.
🔻How to Mint Directly from Etherscan:
So when next you see an NFT project say “mint directly from Etherscan”, they mean use the “Write Contract” tab, and here’s how to:
1. Go to the Contract on Etherscan
Paste the contract address into etherscan.io like the one linked in this tweet.
2. Navigate to the Write Tab
Click Contract → Write Contract
3. Connect Your Wallet
Click the “Connect to Web3” button at the top of the Write Contract tab. It’ll prompt MetaMask (or whatever wallet you use); approve it.
4. Find the mint Function
From the screenshot, the interface shows:
function mint(uint256 id) external;
so you’ll see a mint field with one input box asking for a uint256 id.
5. Enter Your ID and Submit. You need to type a number in the id field (usually 0, 1, or your wallet-derived number; check the project’s instructions for what ID to use).
In the case of this mint, you needed the ID of any NFT that hasn’t already been minted,
then click Write and confirm the transaction in your wallet. Easy.
🔺Here is a quick summary of what you need to do next time.
1. You need the NFT contract on Etherscan
2. Locate the “Write Contract” option, connect your wallet via the “Connect to Web3” option
3. Look for the “mint” function, put in the required input and click “Write”, and boom, you’ve successfully minted after the txn confirms.
Would have dropped a video guide but there’s no time. Don’t be left out next time in case you’re looking for a fancy website with a mint button and graphic design.
You’re welcome.


Adam@surfcoderepeat
identityMD You can mint 1 directly from etherscan etherscan.io/address/0x0000…
APIArmor reposted

Best Resources for IDOR
mrdesoky0@mrdesoky0
Just released the Ultimate IDOR Testing Checklist 🧩 I combined techniques from many sources to cover IDOR scenarios. Know a technique I missed? Drop it in the comments. Notion: mrdesoky0.notion.site/Ultimate-IDOR-… GitHub: github.com/mrdesoky0/vuln… #bugbountytips #IDOR #AppSec #InfoSec
APIArmor reposted

Sleeping together is Not love.
Talking 24/7 is NOT love.
Laying up is NOT love.
Going on dates is NOT love.
Love is someone seeing the absolute worst side of you & still loving you the same. It's someone making stuff happen for you when you can't. It's someone holding you & calming you down while you're pouring your eyes out. It's someone voicing all the good things about you when all you see is bad. It's someone making sure you're okay, someone praying for you every day & night. It's someone that makes you laugh/ smile when you feel down.
APIArmor reposted

To guys who are struggling to get their first valid bug/bounty, this is a list of self-hosted Bug Bounty Programs that paid me for reporting vulnerabilities:
- liquidweb.com/policies/bug-b…
- vivid.money/en-eu/bug-boun…
- coinfinity.co/bug-bounty
- docs.digiteal.eu/Policy/Digitea…
More in comments
APIArmor reposted

Every JWT writeup online covers 2–3 attacks and stops.
I got tired of jumping between 40 blog posts, so I wrote the whole thing. All in one place.
rmrf.tips/en
#infosec #appsec #bugbounty #websec #jwt

APIArmor reposted

Writeup for this supply chain attack is out
medium.com/@arshadkazmi42/how-i-simulated-a-supply-chain-attack-on-thousands-of-servers-and-made-25k-7d36647cbf36
Arshad Kazmi@arshadkazmi42
I was rewarded $15000 bounty from @Apple for supply chain attack found using iTrace.today #iTraceToday
APIArmor reposted

Bro to bro,
If your partner’s vagina always tightens during penetration, don’t force yourself on her. You’re hurting her.
1. Take your time with foreplay until she reaches orgasm.
2. Use a water-based lubricant.
3. She should practice Kegels and reverse Kegels.
4. Gently massage the external vaginal area.
5. She should also drink enough water.
6. Get her some pineapple juice.
7. Make her feel relaxed, comfortable, and calm.
You can now enjoy your safe sex!

APIArmor reposted

This is really an interesting attack, should be kept in mind.
Another attack similar to this is:
1. Send the req to change your email to emA, save the otpA.
2. (Race condition): again send a req to change your email to emB; in another request, pass the otpA to verify emB.
**can be scaled**
Cryptographer@X_cryptographer
I was awarded $3,000 Bounty on @Hacker0x01 #BugBountyTip (Race Condition- Time based) 1. emailA+otpA - LoginA 2. emailB+otpB - LoginB 3. emailB+otpA - LoginA
APIArmor reposted

Critical: Client-Side Encryption Collapse
site.com
↓
some_javascript.js
↓
Line no 80519 → encObj + base64 key
↓
atob(val) → "Encoded_Password"
↓
CryptoJS.AES.decrypt(encObj, passphrase)
↓
55 configuration properties → 107 operational secrets exposed
→ Azure AD client_secret → OAuth client_credentials flow
→ RSA public keys → Forge encrypted /enc/ API requests
→ HMAC key → Backend-accepted payload signing
→ Direct Line token → Production chatbot access
→ Monitoring / RUM keys → Telemetry manipulation
→ Auth0 + reCAPTCHA config → Auth flow manipulation
→ 31+ encrypted authentication endpoints mapped
↓
Use extracted Azure AD credentials
↓
Request token from Microsoft OAuth endpoint (client_credentials)
↓
Receive valid JWT with high-privilege role (e.g., AllAccess)
↓
“Super token” accepted by backend across protected API routes
(No user interaction required, role-based authorization granted)
↓
All sensitive authentication and account endpoints
were wrapped in client-side hybrid encryption
→ Every request payload encrypted in browser
→ AES-256-CBC used for body encryption
→ RSA-OAEP used to wrap per-request AES key
→ Server accepts any request that decrypts successfully
→ Decryption success treated as implicit authorization
↓
Reverse-engineer encryption module (@**6246)
→ Algorithm: AES-256-CBC + RSA-OAEP (SHA-512)
→ Random 32-byte AES key per request
→ IV derived client-side
→ AES key wrapped with embedded RSA public key (promocode_pem)
→ Final format: { "key": base64(RSA_key), "body": hex(AES_ciphertext) }
↓
Hook JSON.stringify + XMLHttpRequest
↓
Capture plaintext BEFORE encryption (credentials, OTPs, tokens)
Capture encrypted wrapper AFTER encryption
Capture correlated server responses
↓
Analyze MFA implementation
↓
IP-based rate limiting only (lockout resets on IP change)
OTP expiration not strictly enforced server-side
Encrypted payload fields trusted after decryption
↓
Mass takeover method
↓
1. Trigger MFA or password reset
2. Rotate IP to bypass rate limiting
3. Reuse or brute-force OTP under weak enforcement
4. Complete password reset flow
5. Authenticate as victim
6. Capture decrypted OTP and auth tokens via runtime hook
7. Reuse valid 2FA tokens for subsequent authenticated requests
↓
Full attack chain achieved:
→ Extract secrets from client bundle
→ Generate high-privilege JWT (“super token”)
→ Read any plaintext request (credentials, PII, tokens)
→ Forge any encrypted request the server will accept
→ Bypass MFA protections via IP rotation
→ Reset victim passwords
→ Decrypt authentication flows in runtime
→ Mass account takeover

APIArmor reposted

I published one of the techniques that I've been using against OAuth providers. Honestly, it's led me to discover many flaws, and recently I used it to find a 1-click ATO on one of the most widely visited websites. I hope you find it useful :-)
blog.voorivex.team/story-of-abusi…

APIArmor reposted

Don't participate in P2P MetaDAO sale. NFA:
- Why does a P2P business even need a token? Governance? Even Aave had issues, Tally recently shut down.
- They're doing TGE on Solana when the product launched on Base.
- Their Dune shows total volume was $29,668,370. Why not take a cut to fund operations?
- They're banned in India, their biggest market. Every other market is harder. Do the math.
- Crypto-powered hawala is still hawala. ZK proofs don't change Indian law. FEMA Section 3 is a law.
- The merchant receiving your UPI payment has no idea it came from crypto. When their account freezes, that's on them.
- Their monthly ask is $175K. $75K for 25 team members, but who are these people? Can you even verify them? $3K/month per person is 6x what an average person makes in India.
- $50K/month in marketing. Find me one campaign.
- The team unlocks at price milestones, not revenue milestones. They just need to manipulate the price up.
TLDR: the exit liquidity is you.

shayon@shayonsengupta
APIArmor reposted

Spent a week testing AI for vulnerability research. 14 confirmed bugs in 20 min on one target. 5% hit rate on a hardened one. Same AI, same setup. 4 approaches, what worked, what failed, why target selection matters more than model sophistication. xclow3n.github.io/post/7

APIArmor reposted

If you really wanna know how bugs in public programs are possible read this!!
BETTER THAN FAKE MEDIUM WRITEUPS
reddit.com/r/bugbounty/s/…

APIArmor reposted

Discovered 3 HTTP request smuggling vulnerabilities and 1 cache poisoning vulnerability in Cloudflare’s Pingora reverse proxy, all exploitable under the default configuration. These issues resulted in 2 Critical CVEs and 1 High-severity CVE.
xclow3n.github.io/post/6
APIArmor reposted

90% of vibe coded apps have security issues
Here's the full playbook to fix that:
> Validate everything on the server
> Sanitize before database queries
> Use libraries like Zod or Yup for schema validation
> Create a middleware that checks auth on every protected route
> Don't rely on client-side checks
> Use JWT tokens or session-based auth properly
> API keys, database URLs, tokens go in environment variables
> Never commit .env to GitHub
> Add .env to .gitignore immediately
> Never concatenate user input into SQL
> Use ORMs like Prisma or prepared statements
> Prevents SQL injection attacks
> Prevent brute force attacks
> Limit API calls per user/IP
> Use tools like express-rate-limit or Upstash
> Use bcrypt or argon2
> Never store plain text passwords
> Never use weak hashing like MD5
> Don't use `origin: "*"` in production
> Whitelist specific domains only
> Configure proper HTTP headers
> Use SSL certificates (free with Vercel, Netlify)
> Redirect HTTP to HTTPS
> Enable HSTS headers
> Use CSRF tokens for state-changing operations
> Verify origin headers
> Use SameSite cookie attributes
> Run `npm audit` before deploying
> Update packages with known vulnerabilities
> Use tools like Snyk or Dependabot
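Added example, not from the post above: the "don't use `origin: "*"`", "whitelist specific domains only" and "verify origin headers" items as plain Node code (no Express). The allowlist and function names are made up; it shows the exact-match check that suffix or regex matching gets wrong, the `Vary: Origin` header a reflected origin needs, and the Origin/Referer check for state-changing requests.

```javascript
// Constructed allowlist for the example; real deployments load this from config.
const ALLOWED_ORIGINS = new Set(["https://app.example.com", "https://admin.example.com"]);

// Normalise to scheme://host[:port] so "https://app.example.com/" and
// "https://app.example.com:443" compare equal and the path never matters.
// Unparseable values (including the literal "null" origin) come back as null.
function normalizeOrigin(value) {
  try { return new URL(value).origin; } catch { return null; }
}

// Exact-match only: no endsWith/startsWith/regex, which would let
// "https://app.example.com.attacker.test" or "https://evilapp.example.com" through.
function isAllowedOrigin(value) {
  const origin = normalizeOrigin(value);
  return origin !== null && ALLOWED_ORIGINS.has(origin);
}

// CORS response headers: reflect only an allowlisted origin, never "*", and add
// Vary: Origin so caches keep responses for different origins apart.
function corsHeaders(requestOrigin) {
  if (!isAllowedOrigin(requestOrigin)) return {};
  return {
    "Access-Control-Allow-Origin": normalizeOrigin(requestOrigin),
    "Access-Control-Allow-Credentials": "true",
    "Vary": "Origin",
  };
}

const SAFE_METHODS = new Set(["GET", "HEAD", "OPTIONS"]);

// CSRF defence in depth alongside tokens: a state-changing request must carry an
// Origin (or, for older clients, a Referer) on the allowlist. Missing both is rejected.
function allowStateChange(method, headers) {
  if (SAFE_METHODS.has(method.toUpperCase())) return true;
  const h = Object.fromEntries(Object.entries(headers).map(([k, v]) => [k.toLowerCase(), v]));
  const source = h.origin !== undefined ? h.origin : h.referer;
  return source !== undefined && isAllowedOrigin(source);
}
```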
APIArmor reposted

I finally let Claude do my pentest this week. Full 5-day engagement, zero human input. Here's what the client got: 😏
clawd.it/posts/10-repla…
#bugbounty #pentesting #AI #cybersecurity #infosec #claudeai


