Shehzad Ali

1.3K posts

Shehzad Ali

@ShehSec

Penetration Tester || Security Researcher

169.254.169.254 Katılım Temmuz 2019

764 Takip Edilen916 Takipçiler

Sabitlenmiş Tweet

Shehzad Ali@ShehSec·11 Nis

I just published my first blog. We hacked a web App using logic flaws: OTP bypass, payment bypass, ATO and more. Read the full write-up here ⬇️ 👉 @shehzadinfosec1337/how-we-hacked-a-crypto-website-through-business-logic-bugs-1064c64640f0" target="_blank" rel="nofollow noopener">medium.com/@shehzadinfose… #bugbounty #infosec #websecurity #CyberSecurity #Pentesting

English

255

14.1K

Shehzad Ali retweetledi

obscaries ❘ AppSec@obscaries·2 Nis

Modern apps hide gold in JavaScript: 🔐 APIs & auth logic 🗝️ Secrets 🐛 Client-side bugs waiting to be exploited If you’re not analyzing JS, you’re leaving bugs on the table. 🔍🔥 Level up your recon: 👉 kpwn.de/posts/javascri… #BugBounty #Pentesting #WebSecurity #AppSec #JavaScript

English

101

6.9K

Shehzad Ali retweetledi

Sahil Choudhary@sahilsince2000·18 Mar

No jailbreak. No problem. 🔓 I built a tool that bypasses iOS SSL Pinning using OpenVPN + iptables — works with Burp Suite & mitmproxy out of the box. 👇 GitHub github.com/SahilH4ck4you/… #CyberSecurity #BugBounty #iOS #Pentesting

English

174

1.1K

60.7K

Shehzad Ali retweetledi

zack0x01@zack0x01_·17 Mar

recox.hackerz.space is outperforming most recon tools 🔥🚀: 🔴waybackurls → 10,184 ✅recox → 53,030 🔥 🔴subfinder → 896 🔴subd...c99nl → 896 ✅recox → 901 ⚡ check it out : recox.hackerz.space #bugbounty #bugbountytips

English

119

692

55.2K

Shehzad Ali retweetledi

Nicolas Krassas@Dinosn·4 Mar

SSLPinDetect is a tool for analyzing Android APKs to detect SSL pinning implementations github.com/aancw/SSLPinDe…

English

143

9.4K

Shehzad Ali retweetledi

the_IDORminator@the_IDORminator·4 Oca

I spent a great deal of time #hacking Salesforce Lightning and have learned quite a bit about it. If you ever see endpoints that end in "/aura", you are probably on one. They are almost always vulnerable to some kind of information leak, due to poor configuration. Poorly secured classes, controllers, methods, and input parameters can lead to so many problems. This one dumped out full order information by orderId only, no authentication. Salesforce IDs look random, but they are not. That 8016T0000020JQsQAZ can be easily iterated as the first bit just refers to an order object. OK BYE

English

570

22.4K

Shehzad Ali retweetledi

mrdesoky0@mrdesoky0·29 Kas

this Secure Code Explain page is a goldmine. Super easy breakdowns of common vulns with vulnerable code: securitycipher.com/docs/security/… #bugbountytips #InfoSec

English

279

13.6K

Shehzad Ali retweetledi

Critical Thinking - Bug Bounty Podcast@ctbbpodcast·19 Eki

Gareth Heyes just showed how to smuggle data from the URL hash directly into an event handler by making the element rewrite its own attributes. x.com/garethheyes/st… Let's see how it works:

Gareth Heyes \u2028@garethheyes

Someone asked how to use the payload I previously posted in different events: <svg onload="attributes[0].value=id+URL+id,new onload" id=`> <input onfocus="attributes[0].value=id+URL+id,new onfocus" id=` autofocus> #${alert(1)}

English

12.9K

Shehzad Ali retweetledi

shubs@infosec_au·22 Eki

As a homage to the work of @Blaklis_, our Security Researcher @softpoison_ debuts his first research post on reverse engineering a critical unauthenticated RCE in Magento (SessionReaper) CVE-2025-54236 at @SLCyberSec: slcyber.io/assetnote-secu…

English

181

19.1K

Shehzad Ali retweetledi

Mohsin Khan@tabaahi_·12 Eki

I asked 10+ top bug hunters who made over $500k+ about their secrets. Here’s what they said: 1. They work insanely hard (280+ hrs/month) even after earning millions. 2. They master 1–3 programs deeply. 3. Speed matters. Never break your momentum. 1/n

English

168

972

68.4K

Shehzad Ali@ShehSec·26 Ağu

@mujtabasec Missing HTTP Security Headers

English

M U J T A B A@thegh0stvz·24 Ağu

Hello Hackers 👋 Share your favorite bug class! Mine: Business Logic #infosec #bugbounty #websecurity #pentest #hackerone

English

3.1K

Shehzad Ali retweetledi

Critical Thinking - Bug Bounty Podcast@ctbbpodcast·21 Haz

Prompt injection works a lot better if your message sounds like the data the model was trained on. Some prompt formats that have worked in real bugs:

Critical Thinking - Bug Bounty Podcast tweet media

English

129

11.4K

Shehzad Ali retweetledi

Md Ismail Šojal 🕷️@0x0SojalSec·19 Haz

Using Objection Framework, how to perform iOS apps penetration testing 📱 Part I :-blog.securelayer7.net/a-run-time-app… Part II :- blog.securelayer7.net/a-run-time-app… #infosec #cybersec #bugbountytips

English

1.1K

Shehzad Ali@ShehSec·14 Haz

ATO via OTP Bypass on Android Application Just published a new write-up, check it out! #AndroidSecurity #Pentesting #CyberSecurity #ATO #bugbounty @shehzadinfosec1337/account-takeover-in-android-app-otp-bypass-81d4428f0bc2" target="_blank" rel="nofollow noopener">medium.com/@shehzadinfose…

English

282

Shehzad Ali@ShehSec·9 Haz

@ghostlulz1337 Would be great if you start Thick Client Apps pentesting or game hacking

English

104

ghostlulz@ghostlulz1337·9 Haz

Sometimes I get tired of only posting bugbounty and web app hacking content. I might start posting more stuff related to internal hacking, game cheats, , maldev, and hacking AI. Hopefully you all like these topics as well.

English

2.4K

Shehzad Ali@ShehSec·9 Haz

@TheMsterDoctor1 I’m ready to earn my OSCP

English

Shehzad Ali retweetledi

Het Mehta@hetmehtaa·9 Haz

BRUTAL TRUTH: 83% of Pentest candidates fail interviews despite having solid technical skills After conducting 50+ security interviews and helping dozens land their dream roles, here's why most fail (and the exact fix) 🧵 #CyberSecurity #InfoSec #TechCareers

English

102

603

76.9K

Shehzad Ali@ShehSec·9 Haz

Hey! I just published "How a Simple Git Leak Led to AWS Keys & Database Credentials" medium.com/p/how-a-simple…

English

2.2K

Shehzad Ali@ShehSec·16 May

@burhangee Hi please DM

English

Burhan Rana@burhangee·11 Oca

Please check out my channel: youtube.com/channel/UCVb96… and if you like my work, leave me a sub and like :)

English

Shehzad Ali@ShehSec·25 Nis

@XHackerx007 Legend never die

English

266

Abdullah Nawaf (HackerX007)🇯🇴@XHackerx007·25 Nis

A little story I hope will motivate you: I hadn’t been hunting for almost two months. I was busy with house repairs and building my new setup. As a full-time bug bounty hunter, it was super hard for me because I depend on bug bounty to live! Last week, I felt really down. I was depressed and scared. I kept thinking, "What if I go back to hunting and find nothing? What if I’ve lost my skills?" Two months felt like a long time away from the game. But today, my new setup was finally done. I turned on my PC, still scared of failing, still unsure. To get back into it, I decided to start by retesting some of my old bugs and the subdomains where I found them before. For me, this is always the best way to start after a break. And guess what? Just two hours in, I found a P1 Account Takeover! I was shocked! What I want to say is simple: * Never give up. * Always re-test your old bugs and the subdomains where you found them. * Always try response manipulation on password reset functions that use security questions. (I just changed the API JSON response from 403 to 200, which bypassed the security question and let me change the admin’s password!) This new setup was powered by gifts from @Bugcrowd ! Thanks, and good hunting! #BugBounty #BugBountyTip #BugBountyTips #Bugcrowd #HackerOne #SOC #CyberSecurity #infosec