YesWeHack ⠵

One of the perks of being a bug hunter is getting to collaborate with a wide range of security teams – something @Krevetk0Valeriy knows well 🤜🤛 Curious about krevetk0’s hacking journey? Don’t miss our latest interview 👇

New Dojo #CTF Challenge: Deadbolt is now live! 🚩 Can you generate a license key and get a RCE on the application? Jump in and capture the flag 👉 dojo-yeswehack.com/challenge-of-t… #BugBounty

@7heCzar Hello, We invite you to contact support@yeswehack.com who are in communication with the relevant teams. If you've already contacted them, they'll treat your ticket in due course. Thank you for your understanding, The YesWeHack team

question : if you find a vulnerability bypass of a marked resolved report , would it get duped or accepted ,knowing the initial vulnerability was reported by someone else ? #bugbounty #yeswehack @yeswehack

We recently hit over 1,000 stars on our Vulnerable Code Snippet repo 🌟 If you're a beginner looking to build hands-on experience and understand real-world vulnerabilities, this is a great place to start. Explore the full repo 👉 github.com/yeswehack/vuln…

@CyberFrozenk That's great! Congratulations 👏

Just got a reward for a high vulnerability submitted on @yeswehack -- Improper Access Control - Generic (CWE-284). yeswehack.com/hunters/frozenk #YesWeRHackers

The solution to our latest Dojo challenge, Bucket Vault, is out! See how a tiny asymmetry between sanitization and validation leads to a path traversal bypass on AWS S3-style presigned URLs 👀 Full write-up here 👇 yeswehack.com/dojo/dojo-chal…

@Tur24Tur @NoobosaurusR3x @3th1c_yuk1 Kudos for solving it! The three winners are chosen by random draw from everyone who completes our monthly Dojo challenges.

@yeswehack @NoobosaurusR3x @3th1c_yuk1 x.com/i/status/20375… The first solver ^

The Bucket Vault has been emptied! 🪣 Huge props to @NoobosaurusR3x, @3th1c_yuk1, and killerluxx for slipping past that pre-signed URL. Your @YesWeHack swag is heading your way 🎁 Missed this one? A fresh challenge drops soon 👉 dojo-yeswehack.com/challenge-of-t… #BugBounty #CTF

Last week’s episode of @ctbbpodcast is packed with @yeswehack content 😎 → A guide to OS Command Injection → A write-up on a critical auth bypass in the WordPress Azure AD SSO plugin → An interview with Aituglo @Rhynorater also drops hacking tips covering clickjacking tricks, uppercase bypass techniques, and why even leaking ages can be valuable. 👉 youtube.com/watch?v=l5fs7O…

@RadoGold57 That's great! Congratulations 👏

Just got a rewards for a series of high vulnerabilities submitted on @yeswehack -- Improper Access Control - Generic (CWE-284). #YesWeRHackers

@0xujasis Hello, We invite you to contact support@yeswehack.com. They should be able to assist you with this matter. Thank you for your understanding, The YesWeHack team

@yeswehack @BlackHatEvents Hello @YesWeHack, I accidentally removed my authenticator and can’t access my account anymore. Could you please help reset my 2FA if possible? I’d really appreciate your assistance. Thank you!

We're live at @BlackHatEvents Asia! Solve our hacking challenge to win exclusive swag: payload-plz.com → At least 4 challenges: 1 wheel spin → At least 8 challenges: 2 wheel spins → All 12 challenges: 3 wheel spins 💡 The challenge is fully accessible online, but rewards can only be redeemed at our booth. To participate, simply log in to your YesWeHack account to submit your payload.

Want to find your first OS command injection? We're here to help! 💪 From classic attacks to second-order exploitation, our guide has everything you need ✅ #BugBountyTips yeswehack.com/learn-bug-boun…

Want to use AI in Bug Bounty reports and make your report stand out among triagers? Use AI for clarity and grammar - not to replace you as a writer or add unnecessary storytelling. Strong reports come from real understanding, not copy-paste 👇 yeswehack.com/learn-bug-boun…

Found an SSTI but stuck on how to turn it into RCE? In this research, we cover how various template engines can be exploited to gain RCE and improve your Bug Bounty hunting! 👇 #BugBounty #BugBountyTips yeswehack.com/learn-bug-boun…

Want to scan ports fast? ⚡ RustScan, developed by @bee_sec_san, makes lightning-fast port scanning simple. It can scan all ports in as little as 3 seconds at top speed 🙀 Ready to see which ports your target really has open? 👉 github.com/bee-san/RustSc… #BugBountyTips

@f_r_e_d_d_y_1 Our pleasure! Please post a picture when you receive it 😎

Thank you .@YesWeHack for the motivation and the amazing gift pack

If you haven't seen it yet, the latest #TalkiePwnii is out and @pwnwithlove shows how to abuse wildcards for argument injection on a @zerodaygym Dojo challenge 👀 Check it out 👇 youtu.be/xsaa7dBn1jg

@Nadleerr That's great! Congratulations 👏

Just got a reward for a vulnerability submitted on @yeswehack -- Improper Access Control - Generic (CWE-284). #YesWeRHackers

@nazmul30801 That's great! Congratulations 👏

I just pwned the "Dojo #50 - Bucket Vault" challenge on @YesWeHack! Who’s next to join the fun? 🚀 dojo-yeswehack.com/challenge/play… #YesWeHack #ChallengeAccepted