karkisec

@roohaa_n thanks mate

@kaks3c @Bugcrowd Welcome back bro🙌

Just bypassed akamai for xss and also showed full ATO Reported to public program on @bugcrowd XSS ato sounds impossible on prod apps, but it is not. #bugbounty

@SuyashS91823422 login and access sensitive info

@kaks3c have you verfied it by login with that credintails or just reported ?

github finding #bugbounty

@srsoumyax11 misconfigured opencart api endpoint

@kaks3c What ? Can you explain it please 🤔

s3 full access #bugbounty

@HuynhcHi9 Yes, but in my case i showed pii access from azure blob since it was preprod environment

@kaks3c that's impressive!!! Is the DB password leak?

phpinfo exposed 🤣 #bugbounty

@Monir_Ish i forgot

@kaks3c What was the keyword

idor #bugbounty

app backup access and csrf sxss #bugbounty

😂#bugbounty

@Edx103 next week

"Bugcrowd shows my $100 payment as upcoming, but the date keeps changing (8th → 9th → 10th). Does anyone know exactly when the money will reach my account?" #BugBounty

@GokTest very common issue

This was public exposure of a sensitive file. July 10 - Marked as N/A Fought a lot with the triager Sep 3 - Rewarded. triagers are too lazy to read a report.Expect a writeup. #bugbounty #bugbountytips #hackerone #bugcrowd #hack #pentest #TogetherWeHitHarder

@roohaa_n :)

@kaks3c Longtime no see🫣

test

@radcipher @Bugcrowd thankyou

@kaks3c @Bugcrowd Congratulations 🙏🏻

I got my first bounty!! many thanks, @Bugcrowd bugcrowd.com/kaks3c

@Elam59443 @Bugcrowd thanks @Elam59443

@kaks3c @Bugcrowd Congrats

@ay0ub_n0uri @Bugcrowd thanks @ay0ub_n0uri

@kaks3c @Bugcrowd Congratulations 🎉. By the way there was a WAF in place?

@ashkulyo @Bugcrowd thankyou @ashkulyo💕

@kaks3c @Bugcrowd Kudos to you❤️