DeepStrike
30 posts
DeepStrike
@DeepStrike_io
Replace outdated PDF pentest reports with a human-powered penetration testing approach that delivers unmatched intelligence and continuous security testing.
Katılım Nisan 2023
1 Takip Edilen343 Takipçiler
My honor to join @DeepStrike_io team.
Please if you have a company website to pentest, don’t hesitate to reach out.
Thanks to the CEO @Khalad0x0 and the team members.
DeepStrike@DeepStrike_io
🚀 Welcome aboard, @Alra3ees ! We're thrilled to have you join the DeepStrike family. Your skills and expertise will be a great addition, and we can’t wait to achieve amazing things together! 💪🔥 #WelcomeOnboard #NewTeamMember
English
🚀 Welcome aboard, @Alra3ees ! We're thrilled to have you join the DeepStrike family. Your skills and expertise will be a great addition, and we can’t wait to achieve amazing things together! 💪🔥 #WelcomeOnboard #NewTeamMember
English
Here we talked about most Important tips you need to change your game for finding IDOR vulnerabilities
Want more tips ? Follow us @DeepStrike_io ☝️
#bugbounty #bugbountytips
English
10/ Some recon to Find more IDs
- If the application uses GraphQL, you can test for ID leaks using Introspection Query
English
Want to find high-paying IDOR bugs in Web & Mobile apps?
Follow the thread 👇🧵
English
These are just the basics.
For a deep dive into OAuth vulnerabilities and how to secure your apps, check out my full blog:
deepstrike.io/blog/oauth-fro…
#bugbountytips
English
10. No Token Revocation Mechanism
If tokens can’t be revoked after logout or suspicious activity, compromised tokens remain valid.
Implement real-time token revocation and monitor for unusual token use.
English
Here are some common OAuth vulnerabilities and ways to secure your apps from authorization attacks and token theft.
🧵👇
#bugbounty #bugbountytips #infosec
English