Nihad


I found a chain-halting bug on a network carrying $120M in stablecoins and $1.85B in market value. Anyway, good morning! @HackenProof #HackenProof

First bounty of the year: $5,000 USDC 💰
Hard work, testing, and patience paid off.
Bug Type : privilege escalation
#BugBounty #WebSecurity

@ironCardSec It took less than 1h, but learning the access control roles from the docs

@nihad_rekany Nice one Nihad! how long did you spend on recon for this

@zeyad_ashraf_ Did you register the account once as an attacker from the website, and the second time use the same account through OAuth?

December Duplicates .....
But First 2 findings were on mobile (Android & iOS).
Write up : zuksh.medium.com/how-i-discover…
#BugBounty #Bugcrowd #PBB #HallOfFame
#OAuth #AccountTakeover
#MobileSecurity #CyberSecurity #InfoSec



Alhamdullah 😍 I got $1,500 USD
Bug : privilege escalation
#BugBounty

Finally, after 2 months they accepted it
Just scored a reward @intigriti, check my profile: app.intigriti.com/profile/fatman #HackWithIntigriti


Bug Type: Authentication bypass leading to Admin Panel Access
Severity: Critical (10.0) 🎉🎉🎉🎉
Reward: $5,000 (4,43,000 INR)
How did I find it? -- Checked for IPs on Shodan for example[.]com, which led to access to the admin panel
#hacking #security #bugbountytips #cyber #bughunting #infosec

I just published How I found SSTI into an AI model due to unsafe argument
#bugbounty #bugbountytips #bugbountytip
medium.com/p/how-i-found-…

@h0rus3c @Hacker0x01 Why did they pay if it's still in pending program review?

Got rewarded $2,600 for a Critical vulnerability on @Hacker0x01 🔮
#BugBounty #HackerOne #CyberSecurity


I found another SQL blind using payload: '%2b(select*from(select(sleep(20)))a)%2b'
x.com/JoaoGomes12243…

João Gomes (zig_shark)@JoaoGomes12243
During an analysis, I found a flaw that allowed me to view personal information from all users.

Just got a $10K bounty from Apple for a security bug I reported. Super thankful to the review team for recognizing the impact. Always feels good when the effort pays off. #BugBounty #AppleSecurity #ios #bugbountytips #Apple


In August, I didn't submit any vulnerabilities, but this month I will! #TogetherWeHitHarder hackerone.com/last-month

@nihad_rekany @Hacker0x01 @zhenwarx Sorry 1k$ is too much 😅,
We have 500$ for you, if you accept it.
send me your address 😂😂
Thanks mate ❤️.

Yay, I was awarded a $3000 bounty on @Hacker0x01! hackerone.com/mosec9 #togetherwehitharder
Collaborated with @zhenwarx 💯

@Ehsan1579 Good, you’re a full bug bounty hunter or also working in another job?

I just donated $2,000 to a charity, and in the next few months I’m planning to give another $10,000. For me, it’s not just about numbers or being “generous”, it genuinely makes me happy knowing that my money can go toward something meaningful.
I still remember being 14 years old, with barely $300 in my account, and yet I donated $200 to help kids in Africa get clean water. At the time, it felt huge, like a leap of faith. And now, years later, having reached a place of some success, I feel that same sense of peace when I give.
Corruption, suffering, cruelty, it’s easy to get lost in the heaviness of it all. But moments like this remind me that there’s still light. That there are people who are quietly, relentlessly kind. That helping others, even in small ways, can give you a kind of peace that no amount of success, status, or material comfort ever could.
This time, I didn’t go for a big, popular charity. I chose one in Slovakia that works to protect newborns from Sudden Infant Death Syndrome by providing hospitals with breathing monitors. It saves lives and that’s what matters to me.

In July, I submitted 5 vulnerabilities to 5 programs on @Hacker0x01. #TogetherWeHitHarder hackerone.com/last-month

