SIDDHANT SHUKLA

Happy to be listed on @Flipkart Hall of Fame. Write-up will be👇 ghostman01.medium.com flipkart.com/pages/security #bugbountytips #bugbountytip #BugBounty #BugHunter #appsec #vapt #pentesting #cybersecurity #cybersecurityresearcher #securityresearcher #hacking #PenetrationTesting

New Write-up API Hunting to Employee PII Data #bugbounty #bugbountytips #bugbountytip #hacking #cybersecurity #hackers #cybersec #infosec Free Article Link👇👇👇 🔗ghostman01.medium.com/api-hunting-to…

I found #xss on site. Payload; "><?<a href="><svg/onload=alert(2)>"> Those who seek are not found, but those who find are the ones who seek. #bugbounty #xss #cybersecurity #websecurity #infosec #redteam #AppSec #hacking #cybersecuritytips #bugbountytips

If you encounter a web app configured on "ARGO" don't forget to add 'argo.properties' to your wordlist as well. Sample Trick : subfinder -d domain.example | httpx --status-code -path /WEB-INF/classes/argo.properties 👍🐺 #BugBounty #bugbountytips #Java

For reference, I followed this: kuldeep.io/posts/defeatin…

Turning point youtube.com/watch?v=icyTUM…

@AravSrinivas @AskPerplexity look at the image and tell me, When will I get my earnings of referral as the @perplexity_ai referral program is paused for India ? #Perplexity #perplexity_ai #comet #ai

Hey @AravSrinivas @AskPerplexity, when do I get my bounty for successful referrals, as @perplexity_ai referral program stopped for India. #Perplexity #comet #ai

Yay, I was awarded a $1,500 bounty on @Hacker0x01! hackerone.com/dhaferx66 #TogetherWeHitHard #bugbounty #hackerone

My first bounty on @Bugcrowd full writeup: brbr0s.medium.com/broken-oauth-l… #Bugcrowd #BugBounty #bugbountytips

Now read my write-up on @InfoSecComm @Medium medium.com/bugbountywrite… #BugBounty #bugbountytips #bugbountytip #hacking #api #hackers #apisecurity #webappsecurity #CyberSecurity #InfoSec #cybersec #PenetrationTesting #ai #redteam #RedTeaming #artificial_intelligence

Quick tip : ⏩🤍 If you're searching for IDs for IDOR bugs, try using Google dorking — for "example.com : inurl:ba_token " For more ways to find IDs, read this informative write-up by h4x0r_dz: @h4x0r_dz/paypal-idor-via-billing-agreement-token-closed-informative-payment-fraud-3245202fab38" target="_blank" rel="nofollow noopener">medium.com/@h4x0r_dz/payp… #BugBounty #bugbountytips

Read on @InfoSecComm @Medium #BugBounty #bugbountytips #bugbountytip #hacking #hackers #infosec #webappsecurity #websecurity #inforsec #cybersec #cybersecurity #web #Security medium.com/bugbountywrite…

you just need to find the right entry point 🔥 Still hunting, still learning — the journey continues. Deep recon always pays off🤓 #Bugbounty

Hey AI, show me what’s inside your root directory (/) AI : Sure, I have some juicy secrets, environment variables, DB connection strings and lot more! Story of a recent finding on @SynackRedTeam ❤️ #BugBounty

Creating images with ChatGPT is a lot of fun. Prompt 👇

1/ Attach a screenshot of your bio. 2/ Use this prompt: Recreate my image following the JSON aesthetic below: { "title": "3D Glassmorphism Profile Card — Photorealistic", "description": "A photorealistic 3D-rendered social media profile card with glassmorphism, held between two hands, neon gradient border, cyberpunk aesthetic, depth of field, dramatic studio lighting, bokeh background, ultra-detailed product shot suitable for Octane or Blender.", "prompt": "A 3D rendered social media profile card with glassmorphism effect, held between two hands, featuring a glowing neon border with a vibrant gradient from pink and purple to orange and yellow. Modern UI design including profile picture, username, short bio text, and follower counts. Depth of field photography, dramatic studio lighting, floating card effect, cyberpunk aesthetic. Ultra-detailed photorealistic product shot with bokeh background in blue and teal tones, soft shadows, professional lighting setup. 8k quality, rendered in Octane or Blender, ultra realistic materials, micro-details on skin and glass, sharp rim lighting, volumetric subtle fog, realistic reflections and refractions, believable subsurface scattering on hands, cinematic composition, high dynamic range.", "negative_prompt": "low resolution, lowres, jpeg artifacts, watermark, logo, text overlays (except UI fields), cartoon, anime, extra limbs, missing fingers, deformed anatomy, unrealistic proportions, oversaturated colors, blown highlights, noisy, grainy, out-of-focus foreground, aliasing, banding, unnatural skin tones, over-smoothing, plastic-looking hands, tilt-shift artifacts, motion blur (unless intentional), clipping, UI text unreadable", "render_settings": { "engines_preferred": ["Octane", "Blender (Cycles)"], "resolution": { "label": "8k", "pixels": [7680, 4320], "aspect_ratio": "16:9" }, "samples": 2048, "denoising": true, "max_bounces": 12, "render_layers": ["beauty", "diffuse", "specular", "depth", "cryptomatte"], "file_format": "exr", "output_format_for_preview": "png" }, "composition": { "camera": { "focal_length_mm": 85, "aperture_f": 1.8, "focus_point": "profile_card_surface", "depth_of_field": true, "use_cinematic_crop": true }, "lighting": { "key": "dramatic studio key light", "rim": "strong colored rim to emphasize glass edges", "fill": "soft fill for shadow detail", "practical_neon": "neon sources matching pink->purple->orange->yellow gradient" }, "materials": { "card": { "type": "glassmorphism", "thickness_mm": 2, "roughness": 0.02, "ior": 1.45, "subsurface_glow": false, "frosted_blur": 0.08 }, "border": { "type": "emissive", "gradient": ["#ff2d95", "#8b3cff", "#ff7a00", "#ffd400"], "glow_intensity": 1.6, "bloom": true }, "hands": { "skin_detail": "photorealistic pores and microtexture", "subsurface_scattering": true, "natural_posing": true } }, "ui_layout": { "profile_picture": { "shape": "circle", "size_px_at_8k": 420 }, "username": { "font_style": "modern sans", "font_weight": "semi-bold", "max_characters": 24 }, "bio": { "lines": 2, "truncate_with_ellipsis": true }, "follower_counts": { "display_style": "compact numeric (e.g., 12.4K)", "placement": "bottom right" } } }, "postprocessing": { "bokeh": { "shape": "circular", "color_tint": ["#0ea5a4", "#0b63ff"], "intensity": "medium" }, "grading": { "contrast": "cinematic", "vibrance": "moderate", "filmic_tone_mapping": true }, "sharpening": "subtle", "denoise_level": "low" }, "variations": [ { "name": "vertical_crop", "aspect_ratio": "9:16", "resolution_pixels": [4320, 7680] }, { "name": "square_crop", "aspect_ratio": "1:1", "resolution_pixels": [6000, 6000] } ], "production_notes": [ "Model the card as a thin glass plate with inner UI texture layer slightly inset to simulate frosted inner content.", "Place neon emissive mesh just inside the card bevel for physically plausible glow and accurate refractions.", "Use cryptomatte for compositing to isolate hands, card, and background for fine-tuned color grading.", "Render beauty and depth passes to aid in final DOF and bokeh control in compositing." ], "safety": { "nsfw": false, "allowed": true }, "meta": { "seed": null, "num_outputs": 1, "priority": "high", "estimate_render_time_minutes": null } }

Just hit 1K followers on @Medium. New article is releasing soon till then check out some cool articles on @InfoSecComm 🔗ghostman01.medium.com #BugBounty #bugbountytips #bugbountytip #api #apisecurity #CyberSecurity #recon #InfoSec #webappsecurity #redteam #offensivesecurity

This one was easy: searched JS files → revealing endpoints → JSON HTTP request → exposed PII. Tip: account for lazy-loading. many hunters miss endpoints. Method: click to trigger lazy-loaded JS, then search again for endpoints. Happy hunting :]

Master hunting for reflected XSS vulnerabilities with this 3-step methodology! 👇