alienisgrinding

@mchklt @offsectraining mbrok the goaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaat

Happy to share that I’ve successfully passed the OSWE (Offensive Security Web Expert) exam by @offsectraining #OSWE #cybersecurity #hacking #bugbounty

@hamidonsolo 🔥🔥🔥

Bug bounty tip most beginners don't know: Don't hack Google. Don't hack Apple. Don't hack Facebook. Start with small startups on HackerOne that have 0-5 hackers looking at them. Less competition = faster first bounty even public programs. I found my first bug in a program after 1 month full tiem Paid $2500. Next post: how to find YOUR bug type — the one thing you get so good at that money becomes inevitable subscribe to be alerted when it comes .

Had a lot of fun writing this one, so don't forget to check it out.

New research just dropped by @alien2exe on hijacking OAuth popups via predictable window. open() targets. The chain uses iframe name collision forcing the auth flow into a controlled context, eventually linking an attacker-controlled addon to leak workspace PII and config data lab.ctbb.show/research/can-a…

@AmirMSafari interesting

Can you spot the XSS vulnerability? 👀 Test it out live at: pwnbox.xyz

I had the best time networking, learning, and sharing insights with my fellow hunters. @OriginalSicksec @Yassineaboukir @thelitesecurity @wld_basha @mchklt @Magn4_ @m4ll0k @nasserwashere @HappyKira9 and every other awesome hacker who took part in the event.

Last week I had the privilege of joining NullHat the first live hacking event of its kind in Morocco hosted by UM6P University Mohammed VI Polytechnic and 1337 Coding School and organized by The Elites' Security in collaboration with HackerOne. Huge thanks to the organizers

@AAsserMouh1 hey can you give me ur discord i have an idea i want to share with u

@abumaryamrahmat type of bugs u focus on ?

Looking for bugs on LinkedIn in early November 2022, Alhamdulillah the achievements for one year: - Ranked 2nd all-time - 1209 Reputation - 50+ Paid reports If you want to hunt there, LinkedIn has a lot of issues on access control and logic errors :) #hackerone #bugbountytips

@imranHudaA @Hacker0x01 @iambouali username: alienisgrinding

We are running a promotion for our private program at @Hacker0x01 New bounty range: Critical $3000 (1.5x) High $1125 (1.5x) Medium $500 (2x) Low $200 (2x) Feel free to ping @iambouali or me for an invite. Cheers.

@0xhavit damn

This is absolutely crazy! HackerOne's new feature allowed me to see that this report is a duplicate of a report that was reported just 1 minute before me... looking at the report number... unlucky me 🥲 #bugbounty #ethicalhacking #hackerone #TogetherWeHitHarder #infosec

@sachinnthakuri @Hacker0x01 alienisgrinding

Just launched a new private program on @Hacker0x01 if you're interested in hacking on fresh scopes, please comment your h1 username and i will add you to the program. #BugBounty

@Bugcrowd xss

What’s the most common bug of 2023? Tell us your prediction below and be entered to win a Bugcrowd shirt and stickers.

@bxmbn What makes you bypass all of those wafs for xss ?

I was rewarded $9.600 bounties 2day and achieved what seemed to be impossible for a long time Top 100 All-Time ✅

@Bugcrowd real

What's on your mind? 💭 hacking нΛㄈҚɪЛƓ h4(k!n9 ɥɐɔʞınƃ ₕₐ꒝ₖᵢₙg 𝕙𝕒𝕔𝕜𝕚𝕟𝕘

@Mr_Robert20 @Bugcrowd idors are the best

I got a Gift from bugcrowd in my birthday $$$$ 🤑🎁😃 Tip: 1. account have delete/disable users feature 2. admin disabled user 3. noticed no sync between accounts 4. as user noticed in post request param called "Enabled":False Thread 👇🏼 Thanks @bugcrowd❤️🙏🏻 #ItTakesACrowd

@bxmbn Why you love hunting on akamai even if you need to bypass the waf when performing cache poisning to xss?

This program rewards bounties even on weekends This program’s dedication is the reason why I’m having success

@Interne53746736 @HackenProof W

@HackenProof No, I want the bug to be fixed and user data to be secured and I want you to say thank you for help. Money is an optional side perk, real dopamine hits come from knowing that you made a tiny bit of difference in the world and might have stopped apocalypse.

@rez0__ 11/stop crying for dups

10 (very) short tips for bug bounty:

@krishnsec 4971

Thank you everyone for following ❤️ I have 10k friends now , Will send 10 gifts🎁to first 10 randomly generated numbers just comment a number out of 1-10,000 👇 and 11th gift to last follower #Giveway