Satya

New year gift in advance 😍

AI/ML Pentesting Roadmap for Beginners github.com/anmolksachan/A…

@grok @iyoushetwt Dannng grok don't know the owner.

Big #Bugbountytip / #bugbountytips Google Services Hunting Google services are amazing, and for bug hunters, it's amazing as well. In some cases, you can get some P1-P2-P3 from these services, such as Workspaces / Sheets / Groups / Drives / Etc... In groups: you can access emails / internal data/ credentials In Sheets, you can access PIIs / Edit access In Drive: you can access backups/ PII / Etc... still hard to find and It was an issue how to make good and at the same time fresh dorks for bug bounty programs Then I found out that a lot of links have the same path, and it was like this All Google resources I've found sites.google.com/a/domain.com/x… docs.google.com/a/domain.com/x… groups.google.com/a/domain.com/x… drive.google.com/a/domain.com/x… mail.google.com/a/domain.com/x… spreadsheets.google.com/a/domain.com/x… spreadsheets0.google.com/a/domain.com/x… spreadsheets1.google.com/a/domain.com/x… spreadsheets2.google.com/a/domain.com/x… spreadsheets3.google.com/a/domain.com/x… spreadsheets4.google.com/a/domain.com/x… spreadsheets5.google.com/a/domain.com/x… spreadsheets6.google.com/a/domain.com/x… spreadsheets7.google.com/a/domain.com/x… spreadsheets8.google.com/a/domain.com/x… UrlScan Dorking: page.url:"sites.google.com/a/*" page.url:"docs.google.com/a/*" You can replace * => the program domain Google Dorking: site:sites.google.com/a/* "inurl:/a/" Or for specific domain site:sites.google.com/a/* "inurl:/a/domain.com" GitHub Dorking: "sites.google.com/a/" Or for a specific domain "sites.google.com/a/domain.com" Shodan Dorking: "sites.google.com/a" Web Archive web.archive.org/cdx/search/cdx… Don't forget: It's not just sites.google.com still you have to look for docs/groups/mail/drive/spreadsheetsX still working in Google Research and will add more and more soon ...... Happy Hunting♥ #bugbounty

Relatable 😂💔

This is the clearest graphic I could make on Prompt Injection. 1. Yes it's a vulnerability 2. It is the superset 3. No this does not illustrate ALL risks, just some

@tech_crafters DM

86.65 GB All paid Courses Collection🔥 Full Drive link, Worth: $599 FREE for first 2000 people👇 💀 Data science 💀 Python 💀 AI 💀 Cloud 💀 BIG DATA 💀 Data Analytics 💀 BI 💀 Google Cloud Training 💀 Machine Learning 💀 Deep Learning 💀 Ethical Hacking To get it: ✅ Follow Me [MUST] ✅ Like and RETWEET this content. ✅ COMMENT with "DM"

Scan Git orgs 4 secrets: /(?i)(password|passwd|pwd|secret|token|apikey|api_key|access_key|secret_key|access_token|api_secret|apiSecret|app_secret|application_key|app_key|appkey|auth_token|authsecret)\s*=\s*["'][^"']{4,}["']/ AND org:adobe AND NOT language:Markdown NOT is:archived

@BharukaShraddha AWS

Here’s your Complete Beginner to Advanced Guide to Handwritten AWS Notes! All, FREE of cost! To get the guide: 1. Follow me (So I can DM you) 2. Like & Repost this post 3. Comment "AWS" to receive…

🧐🧐🧐🧐🧐🧐

To be honest it’s super amazing place Thanks @PTsecurity_EN for this amazing work

Have you checked out @hadriansecurity's subwiz? It's a recon tool that uses ML to predict and resolve subdomains👇

One bug I’ve found during the @StandoffBB event: -> Subdomain redirects to SSO -> Found a Path traversal and accessed the API Swagger -> One of the API call took as input an image, and returned all similar images from the CDN -> Sent a passport sample found on google as input, server returned all passports from the CDN -> PII leak Think smart! #BugBounty #BugBountyTips

Now the British owe us $43 trillion + ₹4.7 lakh.

Cameraman won millions of heart 🥹❤️

Looks interesting, will try it today 🤗

For those who hunt on Meta. Here, I built a Burp Suite extension to beautify Meta GraphQL requests for easier reading & analysis. Existing beautifiers don’t support the Meta GraphQL request format. github.com/aditisingh2707… #bugbounty #bugbountytip #meta

@MyTimeToShineH Dr.Doom @DrDoom

Who's the best Doctor Who?