Avinash Kumar

Writeup Published:- @avinash_/hacking-the-hackers-saving-the-hackerone-from-data-breach-75e313fa4898" target="_blank" rel="nofollow noopener">medium.com/@avinash_/hack…

Great find, @itsAvinash_ !! 🙌 This tweet has reached 8.3K users and gained over 196 likes, making it one of the most liked disclosed report tweets on @h1Disclosed @Hacker0x01 @jobertabma #bugbounty #bugbountytips #cybersecurity

⚡ The /reports/:id.json endpoint discloses potentially sensitive user attributes when reporter summ... 👨🏻‍💻 @itsavinash_ ➟ HackerOne 🆘 Critical 💰 $25,000 🔗 hackerone.com/reports/3000510 #bugbounty #bugbountytips #cybersecurity #infosec

This was a great find and had a super interesting root cause: hackerone.com/reports/3000510

Yay, I was awarded a $25,000 bounty on @Hacker0x01! hackerone.com/avinash_ #TogetherWeHitHarder

Yay, I was awarded a $5,000 bounty on @Hacker0x01! hackerone.com/avinash_ #TogetherWeHitHarder

It's a good time to repost this: rez0.blog/hacking/cybers…

Stealing passwords from infosec Mastodon - without bypassing CSP portswigger.net/research/steal…

Instagram email confirmation bypass, Bounty:$3000 @avinash_/email-confirmation-bypass-at-instagram-cc968f9a126" target="_blank" rel="nofollow noopener">medium.com/@avinash_/emai… @fbsecurity @Meta

@PortSwigger Yes It has been resolved, Thanks for your quick assistance :)

@itsavinash_ Please see your account portal for your license key.

I created a guide to give direction to folks interested in hacking and to talk about mental issues that people often face. Skim through it and let me know how it can be improved. Thanks. github.com/s0md3v/be-a-ha…

Thread: over the years, I had countless infosec newcomers ask me how to build a successful career in the field. I don't have a recipe for success; but there are several things I learned over the years, and they're a bit different from the usual career advice you hear. (Thread)

Microsoft Account Takeover! 😊😇 Thank you very much @msftsecresponse for the bounty! 🙏🙏🙏 Write up - thezerohack.com/how-i-might-ha…

Finally, the Most awaited write-up is here , SSRF (Server Side Request Forgery) worth $4,913 | My Highest Bounty Ever! Kudos to @TechFenixSec Red team for helping me throughout the research Retweet if you like it.🙂 #bugbounty medium.com/techfenix/ssrf…

I wrote a post on @assetnote's blog about hacking in bug bounties for the last four years. This should give you a good idea on what I've been reporting and how I find bugs and incorporate them back into our platform. blog.assetnote.io/2020/09/15/hac…

Zero-day in Sign in with Apple - bounty $100k bhavukjain.com/blog/2020/05/3…

@achillean @sachincyb @shodanhq Thanks for clarification :)

@sachincyb @itsAvinash_ @shodanhq it's the same as the membership which currently has a limit of 200 searches via the website per day. Note that you can still browse images.shodan.io and use the API/ CLI

10 years ago @achillean launched the Shodan website! To celebrate a decade of discovery and growth we're going to offer the membership for $1 (marked down from $49) for the next 24 hours (0:00 UTC to 24:00 UTC): shodan.io/store/member

🎉🎉we are #announcing our long awaited project for the community projectdiscovery.io, it’s a cloud based platform for continuous recon and monitoring, please have a look on product video and blog and give a thought about it. @projectdiscovery/reconnaissance-the-way-it-should-be-edb44accc77" target="_blank" rel="nofollow noopener">medium.com/@projectdiscov… youtube.com/watch?v=xxV-wS…

@prakharprasad @NahamSec @PentesterLab Bug bounty industry gave me an amazing brother like you. Thanks 😊 @prakharprasad

Let’s do another giveaway! Collaboration plays a big role in learning and becoming a better hacker, especially when it comes down to bug bounties. Reply to this tweet and mention (@) a friend you want to learn with for a chance to win a @PentesterLab subscription each!