Hike

I’m Hike. Master’s student in Cybersecurity, obsessed with webapp pentesting and bug bounties.I’ve been a course-hunter: starting, stopping, repeating. This time I’m stripping back to fundamentals and focusing on steady progress. I’ll post wins, failures, tools, and notes.

@tryhackme I started around 2020 I guess it's been a long time @0xhike

7 MILLION & we're not done yet 🚀 Celebrate with us & WIN a EXCLUSIVE THM swag bundle! Drop in the comments when you started on TryHackMe, like & share this post to enter. ✅ BONUS: Tag a friend who should start on TryHackMe. Winners announced Friday 27 March. The next 7 million starts NOW. 💚 👾 Want to be part of the next 7 million? Start here today tryhackme.com/hacktivities?u…

@4osp3l @Hacker0x01 Thanks, let's keep on grinding

@hackrkid @Hacker0x01 Congratulations 🔥

Just had my first duplicate on @Hacker0x01 , it's a progress It just means I am a little late

@saur1n Need a writeup on how to approach a pdf generate application please

It ws a fun exploitation via pdf gen that lead to arbitrary file read

@intigriti @KulinduKodi Looks like the site is down

⏰ It's CHALLENGE O'CLOCK! 👉 Capture the flag before Monday the 23rd of March 👉 Win €400 in SWAG prizes 👉 We'll release a tip for every 100 likes on this tweet Thanks @KulinduKodi for the challenge 👇 challenge-0326.intigriti.io

@awais0x1 Nice checklist with detailed methods nice

I created a curated list of 2FA / MFA Bypass techniques from real-world HackerOne reports and Medium writeups. #bugbounty #infosec #cybersecurity #ethicalhacking #hackerone #securityresearch github.com/awais0x1/2fa-b…

🚨 SSRF in Next.js Apps – Interesting Research If you're testing modern web apps, this is a great read from Assetnote on how SSRF can appear in Next.js applications. Key attack surfaces they discuss: 🔹 /_next/image endpoint 🔹 Redirect-based bypass tricks 🔹 Server Actions behavior 🔹 Host header manipulation Modern frameworks = new bug hunting opportunities. 🕵️‍♂️ 🔗 assetnote.io/resources/rese… #BugBounty #AppSec #WebSecurity #NextJS #SSRF

@shakquraa It was a really nice read and I learnt some good techniques

@AatankBadb16659 @Rockpratapsingh @Bugcrowd I understand I will not anymore learned my lesson

@hackrkid @Rockpratapsingh @Bugcrowd Don't report this kind of bugs .

It became an informational, but I don't understand the reasoning behind it it's a clean pre authentication account takeover, hey @Bugcrowd is preauth account takeovers not a valid issue anymore yeah I used different logic but it's the same bug

@Cryptycore Unfortunately it's an informational

@hackrkid Inspiration comes from anywhere, nice king 🔥

Made a report on the bugcrowd platform today, please don't be a N/A or duplicate 🙏 Got the idea for this bug during my sleep

@Rockpratapsingh @Bugcrowd Bugcrowd's VRT I S always been confusing for me, I can't find bugs that are available on other platforms so I always choose the closest possible

@hackrkid @Bugcrowd choose vrt wisely, may be it's account squatting :/

@ironCardSec They closed it as informational

@hackrkid Nice find! How long did this take?

@_zSecurity_ Oh there was one, nice

@hackrkid We actually covered how to this with AI in the Hacking Masterclass zsecurity.org/courses/master…

We're giving away all of these hacking devices for absolutely FREE to celebrate hitting 600,000 subscribers on YouTube 🎉 Thank you so much for your love and support 🙏 ✅ How to Enter Follow us on X Comment on this post what you want us to teach next. Repost this to complete your entry! 🗓️ Ends: March 13th 🎁 Each winner will receive a powerhouse kit including: 🔥 ZS Cactus PRO: Combine keystroke injection capabilities, hardware keylogging and Wi-Fi phishing with wireless control. 🔥 ZS Venom PRO: Keystroke injection capabilities and Wi-Fi phishing with wireless control all inside a normal charging cable! 🔥 Atheros AR9271 WiFi Adapter: The gold standard for wireless hacking. It supports monitor mode and packet injection out of the box with rock-solid Linux compatibility. 🔥 Realtek RTL8812AU WiFi Adapter: Need 5Ghz? This dual-band adapter gives you high-gain performance and modern 802.11ac support for auditing high-speed networks. 🔥 Data Blocker: Stay secure on the go. This "USB condom" prevents accidental data exchange and juice jacking when charging your devices in public spaces.

@1ElGAZAR7 Is your last response at feb 24 range

After 1 month my bug on zoho is fixed awaiting for internal evaluation and bounty amount

@1ElGAZAR7 That might happen to me as well I don't mind it's been so long I don't care anymore, but money is money 🤑