xAbraham

67 posts

xAbraham

xAbraham

@Exploit_000

Security Researcher | Bug Bounty Hunter | Competitive Programmer

Katılım Mart 2024
128 Takip Edilen31 Takipçiler
xAbraham
xAbraham@Exploit_000·
Huge thanks to @garethheyes . If you want to build confidence with WAF bypasses and better understand client-side vulnerabilities, this book is a must-read. I recently got rewarded for a Stored XSS, and the knowledge from this book definitely helped. Highly recommended!
xAbraham tweet media
English
4
3
14
1.4K
Krigshaw
Krigshaw@krigshaw·
@Exploit_000 @garethheyes Thanks for the reminder I need to pick one of these up too. I'm pretty sure Ars0n aka rs0n_live one of my mentors recommended it during one of his trainings.
English
1
0
3
60
xAbraham
xAbraham@Exploit_000·
Sometimes the difference between authorized and unauthorized is just changing a parameter from true to false. Access control bugs never get old . Reported. Let's see how it goes ⏳ #bugbounty #hackerone
xAbraham tweet media
English
2
0
33
1.7K
Bahar
Bahar@baharkarakrt·
Bunu çözebilirsen IQ seviyen ortalamanın üstündedir. xy kaçtır?
Bahar tweet media
Türkçe
11.2K
150
2.9K
1.6M
xAbraham retweetledi
Critical Thinking - Bug Bounty Podcast
Try treating a piece of scope like you're in a live hacking event. Maybe suddenly you see way more than you thought was there. Part 2 of episode 179, on how to keep yourself motivated!
English
0
2
34
2.4K
xAbraham
xAbraham@Exploit_000·
Found an interesting bug where a single PUT request led to multiple operational BOLA vulnerabilities, while also exposing sensitive user information such as email addresses and phone numbers. #BugBounty
xAbraham tweet media
English
0
0
3
155
karim
karim@mountainaddict0·
Guys, I know bug bounty can be frustrating, but believe me, when you see your first report getting accepted, you’ll feel 10x more energy and motivation to work harder and smarter the next day. Don’t quit, please.
English
12
13
226
10.7K
xAbraham
xAbraham@Exploit_000·
Anyone else noticing a shift from responsible disclosure to irresponsible disclosure these days?
English
0
0
0
78
xAbraham
xAbraham@Exploit_000·
@DarthKermi72747 We all know these systems are terrible when it comes to security, but don't post such sensitive information leaks. It involves the sensitive data of thousands of people. We all know black hats are faster than the fixing team :) they'll reach it first
English
0
0
1
2.2K
Rylen Anil
Rylen Anil@DarthKermi72747·
JEE Advanced 2026 candidate/result infrastructure (cdata.jeeadv.ac.in/result2026/) had a public cloud storage misconfiguration exposing bulk candidate data without auth. This exposed ~179.6k result records and ~187.3k admit-card PDFs, including candidate names, DOBs and mobile numbers.
Rylen Anil tweet mediaRylen Anil tweet media
English
88
429
2.4K
184K
xAbraham
xAbraham@Exploit_000·
A single POST request exposes all tenant user emails, and with hundreds of publicly accessible tenants. Reported, let’s see :)
xAbraham tweet media
English
0
0
0
165
Douglas Day
Douglas Day@ArchAngelDDay·
Thanks Claude.
Douglas Day tweet media
English
9
3
224
15.7K
xAbraham
xAbraham@Exploit_000·
Another Stored XSS 👀 javascript: and alert() were blocked, but javascript:confirm() slipped through 😶 #BugBounty #XSS #StoredXSS
xAbraham tweet media
English
0
0
0
266
xAbraham
xAbraham@Exploit_000·
Bypasses most common filters: • input.includes('javascript:') • input.match(/javascript:/i) • input.replace('javascript:','') Fuzzed & verified in DOM. START position even more lenient :) all 0-32 control chars allowed.
English
0
0
0
67
xAbraham
xAbraham@Exploit_000·
Browser normalizes javascript: URLs meaning [\t,\n,r] can be inserted between ANY two letters of the word and the browser still treats it as a valid protocol. So instead of javascript:alert(1) you can write- j%09a%09v%09a%09s%09c%09r%09i%09p%09t%09:alert(1) ✅ #BugBounty #XSS
xAbraham tweet media
English
1
0
1
173