hackermater

It's hard to believe, but after a long time I got my FIRST BOUNTY... and yeah: it was a P1 Critical $3.000 !!!! #bugbountytips don't try to automate everything, use Burp Suite and dedicate at least 1-2 weeks to understand the whole application and do manual hacking ;) #bugbounty

@md_kasif_uddin Neovim

Be honest, Which one was your first code editor?

🔥Finally got a $250 bounty on Bugcrowd!! 👉 Initially Triaged as P3 -> Customer downgraded to P4 -> $250 bounty 💸💸💰💰💰 #bugbounty #bugbountytips #bugcrowd

@cyber__razz supply chain attack...

I’m a cybersecurity expert, Scare me with one word

So, do you want to do Bug Bounty in Mobile Apps? 💰📱 🤔 Frida maybe a headache with actual modern RASP protections, so I published my personal method to Bypass SSL Pinning on Play Store Android Emulators WITHOUT Frida!👇 #bugbountytips #bugbounty #hacking mfumis.com/posts/bypassin…

😂😂😅

Yes! P3 Triaged on Bugcrowd! 💯🤞. Another bug in mobile scope, I'm still waiting for the customer response in this new week! 💪🍀. 🧠 Tip: Always try bypass client-side restrictions/blocks via backend API through Caido/Burp proxy interceptions. #bugbounty #bugbountytips #hacking

@Magn4_ the goat 🐐⚡⚡

Here is my intended solution for this small challenge. Please let me know if you have any other ones. I have used 2 screenshot, the first one explains what each part of the code does, and the second one shows the solution, and how it goes through the code. I would like to mention that the application that had this CSPT had a pretty strong WAF that blocked all of my path traversal payloads, so to bypass it i had to put it in the hash instead of using the query param as it doesn't reach the WAF and its still read by window.location.href Also, big thanks goes to @garethheyes for the nice code snippets tool (hackvertor.co.uk/snippet)

@intigriti the Global Search, Match & Replace (IN SCOPE) and filter using Bambdas, (also Race Conditions in Repeater ⚡👌)

what are some cool tricks/plugins within BurpSuite that have helped you find more vulnerabilities? 😎

friendly reminder 🙃

Delete highlight cover IDOR bug in Instagram $3000 Bug Bounty PoC Write-up: adragos.ro/idor-bug-insta…

I've been using Caido since (sadly) my Burp Pro license expired a week ago😂... and WOW! " I l o v e Caido ❤️. " Never have used it before and it's a really game changer 🔥. #bugbounty #bugbountytips @CaidoIO #appsec

@CyberRacheal if the OTP is never stored in the server, then just intercept the response and check it and also the client-side: is a mobile app? then debug with Frida and check logcat. is a web app? use devtools.

Interviewer: An OTP is valid for 60 seconds, but the server never stores it. How does it verify a code it doesn’t even 'know'?🤔

#AndroidSecurity #Pentesting #AppSec #MobileSecurity #BugBountyTips #CyberSecurity

👉 Escalating WebView Vulnerabilities: From Deep Link XSS to Local File Inclusion (LFI)📱 mfumis.com/posts/exploiti…

@F4tM4n2k @PortSwigger @intigriti hey bro, chat with support (they often reply in seconds), with the Intercom floating chat 🙌.

@PortSwigger @intigriti I couldn't find detailed instructions on how to achieve this in the article.

Exciting news: we have teamed up with @intigriti Bug hunters can now earn a FREE 6-month Burp Suite Professional license by hitting 400 reputation points on Intigriti. More power. Deeper testing. Bigger impact. Happy hunting 🐝 #BugBounty #Intigriti #BurpSuite

Is this for real? Yeah it is!! 😎💥 👀 DumpDork has a new version, v1.2.0 and this is huge!! This release now supports GitHub Code Search using Dorks. Hack using dumpdork from your TERMINAL without CAPTCHA limits right now! ⭐ GitHub repo: github.com/mateofumis/dum…

@CyberRacheal That is the case when you're inside an internal network, not the common LAN network, and this could be part of the configuration of the Router or in the worst scenario, you are under almost total network control by someone else!!😅😂..

😂 If you understand this, explain it

I just learned how to perform an XSS via Host Header Injection and via Cache Poisoning (at the same time).. And.. This is a lot... !

@intigriti honestly, I just used "CloudHunter" ;) It was an easy discovery 🔥 github.com/belane/CloudHu…

@hackermater11 how did you manage to find the bucket in the first place? 👀

What was your first valid vulnerability? 😎