Davar


SQLMap could not detect this injection while I knew the endpoint was vulnerable. I had heard about Ghauri. I decided to give it a shot; it worked like a charm.
#BugBounty #bugbountytips #sqli


Yay, I was awarded a $2,000 bounty on @Hacker0x01! hackerone.com/bug_vs_me #TogetherWeHitHarder
First critical submission on @Hacker0x01
Bug/vulnerability: secret key exposed in code!
#bugbounty #Hacking


Thanks to the bug bounty community!
2022 was good, but 2023 would be better
New year
New opportunities
Just live it!
Happy new year to all 🎇
#HappyNewYear2023 #BugBounty

@DangerEnd3 I am not sure about their disclosure policy, so I prefer to be cautious here. I'm looking forward to getting their permission to publish a write-up about it.

@dvrahmr Great work, keep it up 🤍 Was wondering how you found them

@_Aniket_Akhade_ For Reflected I start with filtering out requests that have reflective parameters with text/html content-type in response. There are tons of tools for that. For Stored I do everything manually as it relies on where you can get the injected payload executed.

@dvrahmr How do you automate your testing flow? For RXSS or for anything?

@bug_vs_me Thanks brother. The fetch() function in JavaScript can sometimes do the job. You can call it in your payload to issue an authenticated request on behalf of the victim.

@dvrahmr Wow great 🙈, any tip for XSS to account takeover when cookies were HttpOnly?

@bug_vs_me @GodfatherOrwa @hamzadzworm @martenmickos @akincibor1 @krishnsec @Virdoex_hunter @Hacker0x01 @AkashHamal0x01 If you are able to steal user sessions when they are on mobile, then it can be more than Informative IMO.

Hackers, what's your opinion on this?
@GodfatherOrwa @hamzadzworm @martenmickos @akincibor1 @dvrahmr @krishnsec @Virdoex_hunter @Hacker0x01 @AkashHamal0x01

Today I found XSS on a private program on @Hacker0x01.
So the XSS only triggers on mobile browsers and not on Windows browsers because of some window size issue; if I resize the window to 120%, the XSS executes.
But on Android browsers (all) it executes without any user interaction,

Payoneer is now available as a payment option to all researchers on @inspectiv. Go to "My Profile" to update your Payment Method.
What feature do you want to see next?
#bugbounty #SecureTheInternet #security


I am working on this BBP and it turns out all the requests (hundreds) are vulnerable to CSRF. Here is how:
- All requests have an anti-CSRF header, but it does not get validated server-side, as you can remove the header and still get a response from the server.
🧵1/2
#bugbountytips

- Change the content-type header value from "application/json" to "application/x-www-form-urlencoded".
- Change the format of the body parameters from JSON to regular parameters: {"p1":"v1",} ==> p1=v1&
- Create CSRF PoC using Burp Suite CSRF Generator.
Done.
#BugBounty
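
A server-side check that closes both gaps described in the CSRF thread above (the header is never validated, and a form-encoded body is accepted where JSON was expected), as an added example that is not part of the original posts. The function name, the `X-CSRF-Token` header name and the sample requests are assumptions made for illustration.

```python
import hmac

STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}
CSRF_HEADER = "x-csrf-token"  # hypothetical header name, not from the thread


def check_request(method, headers, session_token):
    """Return (allowed, reason) for one request against the session's CSRF token."""
    if method.upper() not in STATE_CHANGING:
        return True, "safe method"
    h = {k.lower(): v for k, v in headers.items()}

    # Accept JSON only. A cross-site HTML form can send urlencoded, multipart
    # or text/plain bodies, so a handler that also parses those is reachable
    # without any script on the attacker's page.
    media_type = h.get("content-type", "").split(";", 1)[0].strip().lower()
    if media_type != "application/json":
        return False, "unsupported content type"

    # The header must be present AND equal to the token bound to the session;
    # an absent header is a failure, never a pass.
    sent = h.get(CSRF_HEADER, "")
    if not sent or not session_token:
        return False, "missing csrf token"
    if not hmac.compare_digest(sent.encode(), session_token.encode()):
        return False, "csrf token mismatch"
    return True, "ok"


# Constructed sample requests (not captured traffic).
TOKEN = "constructed-session-token"
SAMPLES = [
    ("POST", {"Content-Type": "application/json; charset=utf-8", "X-CSRF-Token": TOKEN}),
    ("POST", {"Content-Type": "application/json"}),
    ("POST", {"Content-Type": "application/x-www-form-urlencoded"}),
    ("POST", {"Content-Type": "application/json", "X-CSRF-Token": "wrong"}),
    ("GET", {}),
]

if __name__ == "__main__":
    for method, headers in SAMPLES:
        print(method, headers.get("Content-Type"), check_request(method, headers, TOKEN))
```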