Khan Janny
1.2K posts

Khan Janny
@reboot_ex
Pizza-powered bug bounty hunter. 🍕, Co-founder @penoughcyber
Dhaka, Bangladesh. Joined March 2012
1.6K Following, 807 Followers

Comment “CISO” to get your own copy 💫
If you haven’t checked out our Inside the Mind of a CISO 2025 report yet, go read it. You’ll thank us later: bugcrowd.com/resources/repo…


Khan Janny reposted

This week, Disclosed. #BugBounty
DEF CON 33 Badge Pre-Orders, Bug Bounty Village Agenda, HackAICon Announcement, NullCon Scholarships, Caido Acquires Shift, and more
Highlights below 👇
Full issue → getdisclosed.com
@BugBountyDEFCON opened pre-orders for a limited edition Bug Bounty Village badge in a green variant. Pre-order online and pick up in person at the con.
@CaidoIO acquired the Shift plugin, now free for users with payload crafting and HTTPQL support.
@BugBountyDEFCON released the full agenda for Bug Bounty Village at DEF CON 33.
@0xacb announced HackAICon 2025 (Sept 25, Lisbon), featuring AI, hacking challenges, talks, and networking.
@nullcon is offering Bug Bounty Hunter Scholarships for their Berlin event (Sep 4–5). Apply by July 28.
@hackenproof announced a new bug bounty program for No Ones App with rewards up to $5k per bug.
@xss0r shared 6 new @Microsoft domains now eligible for the Identity Bug Bounty program.
@yeswehack posted highlights from the live hacking event at leHACK 2025 in a recap video.
@Hacker0x01 updates their in-platform color scheme to align better with their updated marketing site.
PwnFox (via @BApp_Store) adds multi-session, color-coded testing in Burp Suite.
@garethheyes announces Custom Actions to automate request rewriting and payload generation in Burp Suite.
@fneves97 updated JXScout Pro for improved JavaScript asset navigation in VSCode.
@adce626 launched the Bug Bounty Recon Toolkit, which generates commands for 50+ tools based on target.
@KN0X55 introduced XSS Gym to train on real XSS payloads and scenarios.
@alicanact60 published a Chrome extension that restores the classic HackerOne UI.
From .git disclosure to RCE. The author details a full bug bounty chain from initial .git leak to remote code execution, with techniques and tools.
Leaking PII in Microsoft Guest Check-In. The author (Faav) shows how exposed PII and Burp Suite let them break into Microsoft buildings.
HackerOne report by @MrMax4o4 documents how a banned user retained API access to a deleted account, exposing weak access controls.
@deadoverflow_ explains a race condition in Reddit’s coin API inflating coins via parallel requests.
@medusa_0xf highlights business logic vulnerabilities that led to real payouts.
@NahamSec shows JWT mistakes that enabled account takeover and big bounties.
@amrelsagaei interviews @NahamSec on mindset, overcoming plateaus, and building a personal brand.
BePractical demonstrates exploiting zip slip on file uploads to overwrite paths.
@Magn4_ shares the story of earning his first bounty with a $100 open redirect.
@ctbbpodcast Ep.131 features live SSRF and IDOR hacks, leaked secrets, Google’s defense strategy, and community insights.
@cyb3r_dan shares an SQLi detection guide covering manual and automated techniques with practice labs.
@Bugcrowd explains how to find bugs on hardened targets by chaining smaller flaws.
@coffinxp7 publishes an advanced bug bounty recon checklist.
@intigriti introduces GitHub dorking with search patterns to uncover vulnerabilities.
@clintgibler highlights Check Point’s discovery of malware using prompt injection.
@40sp3l reminds hunters not to skip targets just because they have many reports — good bugs still remain.
@0xacb points out that Chrome’s upcoming features could open up new bypass techniques.
@njcve_ shares success at SteelCon where an authentication bypass bug was found.
@intigriti explains 3 exploitable and highly rewarded vulnerabilities in detail.
@Bugcrowd offers 5 actionable tips for beginners breaking into cybersecurity.
Full links, tools, write-ups & more → getdisclosed.com
The bug bounty world, curated.
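The zip slip item above is a headline only. As an added example that is not from the newsletter or the write-up it cites, the block below builds an archive in memory with a constructed traversal entry (the entry name is made up for this demo), shows where a naive os.path.join-based extractor would write it, and contrasts that with an extractor that rejects any entry resolving outside the destination directory:

```python
"""Zip slip: an archive entry whose name contains '../' escapes the extraction
directory unless the extractor normalises and checks every target path first.
Example code added here; not from the cited write-up or any project.
"""
from __future__ import annotations

import io
import os
import tempfile
import zipfile


def build_malicious_zip() -> bytes:
    """Construct (in memory) a zip with one benign entry and one traversal entry.
    Both names are constructed samples, not taken from any real archive."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/readme.txt", "harmless file\n")
        # Traversal entry: after a naive os.path.join it lands outside <dest>.
        zf.writestr("../../outside/evil.txt", "payload\n")
    return buf.getvalue()


def naive_target_paths(zip_bytes: bytes, dest: str) -> list[str]:
    """What a vulnerable extractor computes: dest joined with the raw entry
    name, no validation. Only computes paths; it never writes them."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return [os.path.normpath(os.path.join(dest, n)) for n in zf.namelist()]


def is_within(dest: str, path: str) -> bool:
    """True only if `path` resolves to a location inside `dest`.
    realpath() also collapses symlinked components (e.g. /var -> /private/var)."""
    dest_real = os.path.realpath(dest)
    path_real = os.path.realpath(path)
    return os.path.commonpath([dest_real, path_real]) == dest_real


def safe_extract(zip_bytes: bytes, dest: str) -> tuple[list[str], list[str]]:
    """Extract only entries that stay inside dest.
    Returns (extracted_names, rejected_names)."""
    extracted: list[str] = []
    rejected: list[str] = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            name = info.filename
            # Absolute names (POSIX or Windows style) are traversal vectors too.
            if os.path.isabs(name) or name.startswith(("/", "\\")):
                rejected.append(name)
                continue
            target = os.path.join(dest, name)
            if not is_within(dest, target):
                rejected.append(name)
                continue
            os.makedirs(os.path.dirname(target) or dest, exist_ok=True)
            if not info.is_dir():
                with zf.open(info) as src, open(target, "wb") as dst:
                    dst.write(src.read())
            extracted.append(name)
    return extracted, rejected


def demo() -> dict:
    """Run both extractors against the constructed archive in a temp dir."""
    zip_bytes = build_malicious_zip()
    with tempfile.TemporaryDirectory() as dest:
        naive = naive_target_paths(zip_bytes, dest)
        escaped = [p for p in naive if not is_within(dest, p)]
        extracted, rejected = safe_extract(zip_bytes, dest)
        return {"escaped": len(escaped), "extracted": extracted, "rejected": rejected}


if __name__ == "__main__":
    print(demo())
```

The check that matters is `is_within`: comparing `commonpath` of the realpath-resolved destination and target rejects `..` components, absolute names and symlink tricks alike, whereas string-prefix checks on the unresolved path can be bypassed (for example `/tmp/dest` versus `/tmp/dest2`).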

F*ck it, I'm leaking my ENTIRE AI automation vault...
You get access to everything that generated over $8M for my clients:
- 15 n8n workflows (one generated $600K in 90 days)
- $7.1M marketing playbook collection
- 8 MCP servers that turn Claude into a marketing beast
- AI prompts that eliminate expensive teams
- Viral content templates (analyzed 100M+ views)
- 6600-word n8n mastery guide
Basically everything you need to automate your business and replace expensive software.
Comment "LEAK" and I'll DM over the notion doc (must be following)
This is absolutely insane to give for FREE, that's why I'm nuking it in 24hrs.
Khan Janny reposted

Defensive Cyber Security (DCS101) Details: academy.penough.com/dcs101
📅 Application Deadline: 28 June 2024
📌 Course Fee: 9,999 BDT
💬 Apply Now: Reach us on Facebook or email at academy@penough.com
#penough #penoughcyber


Yay, I was awarded a $1,250 bounty on @Hacker0x01! hackerone.com/0x0_asif #TogetherWeHitHarder
Bug: R-XSS

@trfjz No, this specific one was for reflected XSS. There are some limitations, but it's better than mass fuzzing.
Khan Janny reposted

🚀 New plugin in the Caido Store!
Introducing "JXScout" by @fneves97.
Supercharge your JavaScript analysis by ingesting requests from Caido into JXScout.
JXScout: github.com/francisconeves…
Plugin: github.com/francisconeves…

@reboot_ex @Bugcrowd Isn't there any encoding or filter present?

🎯 Challenge Completed! 🎯
I just solved the "Challenge of the Day" on the Infinity Platform by @cyberwarfarelab
It was an amazing opportunity to test and sharpen my skills in the Red Team labs.
Looking forward to more challenges.

Khan Janny reposted

First bugbounty community
🚀 We're giving away VIP memberships to 5 lucky people! 🎉 To enter, simply share this tweet and join the fun. Don't miss out! 🌟
🔗 forums.cybershieldctf.com
#Giveaway #VIP #MackeAcademy #bugbountytips #bugbounty


If you are interested in bug bounty hunting: @pwntheplanet and I will soon run a Bug Bounty Bootcamp, which we are preparing now.
So what you should do is just join our channel: discord.gg/8xe8acqy
#bugbounty #ethicalhacking #cybersec

We’re thrilled to announce our partnership with @intigriti! To celebrate, we're giving away a Pro Tier license to 10 lucky winners. 🎉
Here’s how you can enter the competition:
1⃣ Follow @dorkipty and @intigriti
2⃣ Comment your hacking buddy 🤓
Get ready to #HackWithIntigriti and boost your bug bounty skills with this amazing opportunity! Don’t miss out!
Happy Hacking! 🕵️♂️💻
#bugbounty #cybersecurity #dorkipty #intigriti
Intigriti@intigriti
🏆 The tool for hackers by hackers @dorkipty is partnering with us, and they are giving away a Pro Tier license to 10 lucky winners. In order to enter the competition, you need to: 1⃣ Follow @dorkipty and @intigriti 2⃣ Comment your hacking buddy 🤓 #HackWithIntigriti #bugbounty
Khan Janny reposted

Discover how SIEM is the backbone of an effective Security Operations Center (SOC)! Read our latest blog: "The Essential Role of SIEM in the Security Operations Center (SOC)" on Medium now!
Read now: medium.com/@penoughcyber/the-essential-role-of-siem-in-the-security-operation-center-soc-part-0x03-4d9d189b4bab
#SOC #SIEM #PenoughCyber #Penough #DigitalDefense
Khan Janny reposted

Just got a reward for a vulnerability submitted on @yeswehack -- Cross-site Scripting (XSS) - Reflected (CWE-79). #YesWeRHackers
Collab with @reboot_ex bro 🔥
