Preetham Bomma

Playful, my first box. I'm glad that you liked it @Surfinerd @ServmorUk

a new write-up on how to pentest NextJs framework apps Enjoy #security_tips_with_daoud deepstrike.io/blog/nextjs-se…

@zseano Very sorry for your loss. Lost my dad in Feb this year and it's horrible.

Unexpectedly lost my dad early hours this morning… completely out of the blue. He was fit & healthy and now he’s gone 😭 lost for words on how I feel. RIP Dad ❤️❤️ love & miss you forever

@sunilyedla2 Yes

@CristiVlad25 I add some request headers like Notes: IDOR-Fail

How do you effectively use Burp Suite's Repeater for manual testing? Me: When I test for BAC, I remove headers one by one until I isolate the ones responsible for session management, and then I use what's left for extensive BAC testing. You? #pentesting #appsec #cybersecurity

@imranparray101 Nice one!

When targeting small-sized apps, the application logic should itself be treated as one of the primary attack surfaces. Here's how we exploited a normal workflow of an application and proved it can be used as a backdoor in their application. #BugBounty snapsec.co/blog/Abusing-B…

@kenjoe41 @Burp_Suite You can add a header like `Note: Tested for IDOR, failed` in the Request. I read this somewhere and I use this sometimes.

So is it me making a feature request of does @Burp_Suite somehow allow to add notes to Repeater windows.

@OmarHashem666 Excellent. Thank you for sharing.

Hello everyone, as promised, this is a detailed write-up on how I was able to get an account takeover in HubSpot Public Bug Bounty Program omar0x01.medium.com/4e2047914ab5 #BugBounty #bugbountytips #Pentesting #cybersecurite #infosec ATO

@grumpzsux Happy birthday! It's just 12 SQLis for 36k :p😛

@Virdoex_hunter @TheOfficialSBI @SBI_FOUNDATION I never trust SBI. Had a lof of bad experiences with it.

@0x__4m @TheBugBot @c0nqr0r nice one! thanks for sharing

Me & @c0nqr0r Just scored Critical Error Based SQL-Injection with manual WAF bypass at main domain of old Bug Bounty Program at HackerOne Writeup link : c0nqr0r.medium.com/error-based-sq… #bugbounty #bugbountytips #security #hackerone #sqlinjection #bugbountytip

@Tink2hack @SynackRedTeam @synack Way to go! Congratulations

The dream begins and I would like to thank @SynackRedTeam @synack who gave me a chance to learn and grow. I got my first premium segment vehicle and presented to my parents on their anniversary which is today.

@SMHTahsin33 Nice one!

Not every web application stores session in the cookies, this a story of one of that kind of XSS! smhtahsin33.medium.com/stored-xss-to-…

@anshuman_bh Awesome article

I've had an itch to write for a while now & I finally did it after 6 years. I also changed the entire look of it and learnt React along the way. First post is about building ProdSec programs. Feel free to read & rip it apart! - anshumanbhartiya.com/posts/building… #appsec #prodsec #security

@kuldeepdotexe @SynackRedTeam Congratulations!!

Got featured in the @SynackRedTeam's monthly newsletter as SRT of the month 🙌🏻

@ManasH4rsh @ADITYASHENDE17 mass recruiters....

@ADITYASHENDE17 3.2 LPA zindabad

I never sat for campus placements in india 🥸

@tabaahi_ Excellent journey. I always believed bug hunting is truly life-changing, and you proved it once again. Good luck brother.

I watched nahamsec talk, here is my story. How #bugbounty hunting changed my life. I was born in a poor family. Born on 11 sep 2000 in a small village where nobody knows how to use the computer. Even in today 2022 they don't know how to use the computer. 1/n

@johnjhacking this is still my fav

@Yassineaboukir @thaivd98 Nice one! Thanks for sharing

Blogged about an SSRF vulnerability on a BBP that @thaivd98 and I recently exploited against EC2 IMDSv2 to exfiltrate AWS security credentials. You'll read how this new metadata endpoint works and takeaway on how to exploit CVE-2019-8451 against it. yassineaboukir.com/blog/exploitat…

3rd edition of #IWWeekly has got some interesting articles by some of our amazing writers and bug bounty hunters like @cyber01_ , @proviesec, @h_martos to name a few. To get the #newlsletter every week, Subscribe here weekly.infosecwriteups.com #hacking #bugbounty #cybersecurity

@sudhanshur705 @Aditya_a24 Done

My friend's mother (@Aditya_a24 ) Is Suffering From Kidney Disease. We Need Your Help To Provide For Her Treatment. Please help by donating any amount you possibly can. ketto.org/s?id=rm-614533