Recently I have found an RCE via file upload thorough path traversal in tomcat server. Found that tomcat automatically deploys war when uploaded in webapps folder. blog.defmax.io/rce-via-war-up…

English

184

490

Shield India@india_shield·5 Mar

#infosec #bugbounty

Ninad Mathpati 🇮🇳@Ninad_Mathpati

Want to kick start in a bug bounty? Added some notes here that worth reading. info.ninadmathpati.com/bug-bounty/how… Hope this helps 😁 @chaskar_shubham @sonumohapatra92 #bugbountytips #cybersecurity #codereview #infosec #sast #bugbounty

QHT

Shield India@india_shield·5 Mar

#sourcecodereview

Ninad Mathpati 🇮🇳@Ninad_Mathpati

Added some resources on code review here info.ninadmathpati.com/resources/sour… Thanks to @sonumohapatra92 @chaskar_shubham for working on this #bugbountytips #cybersecurity #codereview #infosec #sast #bugbounty

QHT

Shield India retweetledi

Kathan Patel@KathanP19·8 Şub

Try It Yourself leaked DB search. github.com/davidtavarez/p…

English

136

355

Shield India retweetledi

Emad Shanab - أبو عبد الله@Alra3ees·2 Şub

Mobile App Pentesting collection:- CC @0Init github.com/kyawthiha7/Mob… github.com/tsug0d/Android… github.com/997509/pentest… github.com/OWASP/owasp-ms… github.com/SnollyG0st3r/a… github.com/SnollyG0st3r/a… github.com/jdonsec/AllThi…

Français

137

252

Shield India@india_shield·11 Oca

Do check out the API Pentesting course, its really worth it 🔥🔥😄😄

Vikash Chaudhary@OffensiveHunter

Gear up for the most awaited course API Penetration Testing live on HackersEra app. Begin the new year by adding a new skill set. If you are already subscribed Hunter 2.0 course you will get an awesome offer, for discount email - info @hackersera.com Download HackersEra APP

English

Shield India@india_shield·7 Oca

Hard work always pays off! Many Congratulations to our very own @Ninad_Mathpati for joining in the @cobalt_io core. Best Wishes :)

Ninad Mathpati 🇮🇳@Ninad_Mathpati

Whats could be a better start for 2k21, joined @cobalt_io core. #infosec #cybersecurity

English

Shield India@india_shield·28 Ara

@tirtha_mandal @d3tonator @_smile_hacker_ @shreyasrx @u1tran00b @snake_hackers @fatrat_v2 😄😄

Ninad Mathpati 🇮🇳@Ninad_Mathpati

Grateful to build my confidence that whatever might be the situation tomorrow I know I will be able to survive that. Thanks to @infosecsanyam @9thplayer @tirtha_mandal @india_shield team and many more.

QME

Shield India retweetledi

shubs@infosec_au·21 Kas

I've just added an API routes wordlist containing 953011 possible API paths from the HTTPArchive dataset. Download it at wordlists.assetnote.io - all paths which start with "/api/", "/v1/", "/v2", or "/rest/". Good luck hacking! Thanks for requesting this, hope it helps.

English

283

Shield India@india_shield·12 Kas

#bugbounty #bugbountytips #appsec #infosec #pentest

Ninad Mathpati 🇮🇳@Ninad_Mathpati

Instead of writing continous blogs, thought of writing down my points and merging all the pentesting tips by awesome community here, still in progress not completed, will be updating it regularly. Hope you like it. Maintainers me and @chaskar_shubham Info.ninadmathpati.com

QHT

Shield India@india_shield·19 Eki

One of our team member's birthday today @tirtha_mandal help us celebrating his bday.😁😁😁 @d3tonator @Ninad_Mathpati @u1tran00b @shreyasrx @_smile_hacker_ @gauravnarwani97 @snake_hackers

GIF

English

Shield India retweetledi

RogueSMG@RogueSMG·7 Eki

[Shortcut to #BugBounty] [Become #Haxor fast] Watch: 1. @stokfredrik & @hakluke to get motivated and START 2. @theXSSrat & @impratikdabhi to learn what stuff is 3. @farah_hawa01 to go a bit deep into those 4. @InsiderPhD to deep dive even more! - Now that you know stuff:

English

105

362

Shield India retweetledi

Michael Skelton@codingo_·25 Eyl

Learn how I've streamlined my bug bounty reporting in this video, using a recent release from my toolkit, BBR. Video: youtube.com/watch?v=uUMtzN… Tool: github.com/codingo/bbr #bugbountytips

YouTube

English

252

Shield India@india_shield·21 Eyl

@d3tonator @SynackRedTeam

GIF

QME

Shahrukh Rafeeq 🇮🇳@d3tonator·21 Eyl

Leveled up to 0x02! via @SynackRedTeam

English

Shield India retweetledi

Harsh Jaiswal@rootxharsh·13 Eyl

Sat down with @iamnoooob and worked on the recent Mobileiron MDM RCE by @orange_8361 and what a great find, Here's an RCE PoC using JNDI Injection via local classloading reference triggered using Hessian deserialization as stated in the blog. github.com/iamnoooob/CVE-…

English

274

799

Shield India retweetledi

Hack3rScr0lls@hackerscrolls·6 Eyl

Incredible mindmap about hacking iOS applications by @hd_421 Pay attention, we have prepared two versions: 1. Full Security Assessments 2. Shorter BugBounty version XMind source: github.com/hackerscrolls/… #CyberSecurity #BugBountyTip #BugBounty #iOS

English

323

696

Shield India retweetledi

JS0N Haddix@Jhaddix·19 Ağu

Simple but impactful tip for content discovery. Always use the subdomain as a path. Often it is the root of the application #bugbountytips #bugbountytip : kvothe.target.com try: kvothe.target.com/kvothe/ and then do content discovery kvothe.target.com/kvothe/FUZZHERE

GIF

English

148

483

Shield India@india_shield·11 Tem

Team Shield India will be speaking today at Fergusson College about Bug Bounty in Cyber Security. #bugbounty #infosec #Cybersecurity @u1tran00b @shreyasrx @fatrat_v2 @_smile_hacker_

English

Keşfet

@shreyasrx @OffensiveHunter @tirtha_mandal @d3tonator @fatrat_v2 @u1tran00b @0Init @Ninad_Mathpati