Aditya Singh

@PingCAP Dear pingcap team, I have identified several high and critical vulnerabilities on your domains and responsibly reported them to security@pingcap.com  on March 8 2025. Unfortunately, I have not received any response which is why I am reaching out again via x .

@keydropcom Dear Key-drop team, Can you please look into my dm? It's urgent. Thank You

@keydropcom Dear Key-drop team, Can you please look into my dm? It's urgent. Thank You

🎮 BLAST Open Lisbon 2025 🏆 How to join: 1️⃣ Like ❤️ 2️⃣ Repost 🔄 3️⃣ Comment your winning team and MVP of the tournament 🏅 💸 Three lucky winners will get $5 USD each. Good Luck!🔥

@Amitlt2 bro i have many good self hosted programs which are unique and pays well. let me know if you're interested in program exchange.

🚨 Reflected XSS Alert! 🚨 Discovered a filter bypass using CSS & JavaScript tags to trigger an alert on document.domain! Payload breakdown: --%3E%3C/style%3E%3C/scRipt%3E%3CscRipt%3Ealert(document.domain)%3C/scRipt%3E #bugbountytips #bugbountytip #InfoSec #XSS

📚 Cloud Security - Penetration testing/learning #bugbounty #bugbountytips #bugbountytip #hackerone #bugcrowd #infosec #cybersecurity #pentesting #redteam #informationsecurity #securitycipher #technology #coding #code #recon #ai #llm #owasp

Lol, today I learned how to open IPV6 address in a browser. 🤯 IP: 2600:1xx4:bxxx:2xx::3xxx URL: https://[IP] Note: IP needs to be put inside square bracket.

@sudo_jeli @Hacker0x01 Congratulations bro 💯💸

@Multi_mike01 Please check dm

@CyberBeast10100 See dm for further details

@Multi_mike01 Hi, I reported one high and one critical bug on your platform two months ago. However, I haven't received any validation response yet. Please look into this. Thank you.

@ShentuChain Hi, I reported one high and one critical bug on your platform two months ago. However, I haven't received any validation response yet. Please look into this. Thank you.

🔊New Bounty Alert! 🔛Solend is offering rewards of up to $1,000,000! 🔎OpenBounty has announced a new bug bounty opportunity for Solend: ✔️Rewards up to $1,000,000 ✔Target Type: Smart Contract 🚩Solend is an algorithmic, decentralized protocol for lending and borrowing on Solana. Its bug bounty program covers the Solend smart contracts (no UI bugs) and is focused on preventing thefts and freezing of funds. 🛡️Click for more details openbounty.shentu.technology/bountyProgram/… 🔗To explore more projects, visit openbounty.shentu.technology/allBounties OpenBounty, a decentralized Web3 bug bounty platform, connects Web3 projects with white-hat hackers, ensuring mutual benefits for security and rewards. openbounty.shentu.technology #ShentuChain #Web3 #BugBounty #OpenBounty #Solend #ethicalhacking

Race Condition Payload newEmail : attacker[@]local newEmail : victim[@]redacted #bugbountytips #bugbounty

GitHub - asharbinkhalil/gumshoe: OSINT tool for username, email and domains github.com/asharbinkhalil…

@sudo_jeli 🥂💸🤝🏻

🤔Many people have often asked me how to search for "ivanti", for shodan you can search as title:"Ivanti Connect" hostname:"target.*" credit: @ynsmroztas #bugbountytip #bugbounty

HackerOne disclosed a bug submitted by xklepxn: hackerone.com/reports/2442008 #hackerone #bugbounty

I just published How We Hacked Voice Communication Solutions Company And Found BAC + Info Disclosure + IDOR :D link.medium.com/kp9FE6VGaJb #bugbountytips #bugbountytip #CyberSecurity #Pentesting

Files Containing Juicy Info inurl:"/.vscode/sftp.json" #bugbounty #bugbountytips #bugbountytip #cybersecurity #ethicalhacking

There may be services where geoserver vulnerabilities are still not updated, so you can search /geoserver/ows with gau or wayback and try your luck. ~ waybackurl domain[.]com | grep '/geoserver/ows/' github.com/win3zz/CVE-202… #bugbountytip #bugbounty

I have found a new method for account takeover, almost all websites are vulnerable to it. #bugbounty

@arshadkazmi42 Can you please look into your dm the tool is looking like a static page it's not scanning

@CyberBeast10100 Just checked in my settings, the DM was set to allow from only verified users. This is fixed now, my DM is open for all. Sorry about this, I wasn't aware that this setting is by default set to verified users only.

Release a simple but powerful feature in iScan.today Now you can enable "Verified Secrets Only" which will show only the verified secrets found and will hide all the noise of unverified or false positive secrets. #bugbounty #buildinpublic