Anas

@theXSSrat Why one year? You easily learn all that in one certificate eWPT and you become a good hunter or complete the eWPTX and you will be professional

From 0 to Bug Bounty Hunter in 12 months: thexssrat.podia.com/big-beautiful-… Month 1–2: Learn the basics: networking, HTTP/HTTPS, DNS, cookies, Linux, command line, and how the web works. Month 3–4: Study web security fundamentals: XSS, SQLi, IDOR, CSRF, auth flaws, SSRF, file upload bugs, access control issues. Month 5–6: Practice in labs every day. Use legal training platforms, solve writeups, and repeat the same bug classes until you truly understand them. Month 7–8: Learn reconnaissance: subdomain discovery, content discovery, parameter hunting, JS file analysis, screenshots, note taking, and organizing targets. Month 9–10: Start hunting on real programs. Pick beginner-friendly public targets, stay within scope, read policies carefully, and focus on simple high-signal bugs first. Month 11: Improve reporting. A good report needs: clear title, steps to reproduce, impact, proof, and a clean fix suggestion. Month 12: Review everything. Track misses, re-test old targets, specialize in 2–3 bug classes, and build your own workflow. Daily routine: 1 hour learning 1 hour labs 1 hour recon or live testing 1 hour reading reports/writeups Rules: * Be consistent * Take notes * Go deep, not wide * Most people quit too early Goal for year 1: Not “get rich fast.” Goal = become dangerous with fundamentals, find valid bugs, and build a repeatable process. 1 focused year can change everything.

@malmuqti الله يعز الدوله عقبال توطين اقسام تقنية المعلومات IT والجوده ومطورين 👏🏻🤍

🔴 رسمياً بالنسبة توطين 100% وزارة الموارد البشرية: توطين المهن الادارية المساندة في القطاع الخاص. - نسبة التوطين : 100% - اعتبارا من 5 أبريل

@zeroxjf @ios8me Have you tested in 18.2.1 ?

Now available: FiveIconDock for iOS 18.4–18.6.2 via Safari. LightSaber (get it?) uses a modified/stripped DS chain, so test devices with no data strongly recommended. Repurposed malware payloads have inherent risk so exercise caution. Full src is avail. zeroxjf.github.io/lightsaber/

@wheretogosaudi 350 مع اكل ولا بدون ؟ وهل المواقف مجانيه ولا بفلوس ؟

واخيييرًا منتزه #اكواريبيا في مدينة #القدية بيفتتح بتاريخ 23 ابريل وخلوني اعلمكم وش ينتظركم هناك ورابط حجز التذاكر في البايو 😍🌊 #qiddiya #وين_اروح

@Shabosec site:target.com (inurl:login OR inurl:admin OR inurl:administrator OR inurl:dashboard OR inurl:panel OR inurl:portal OR inurl:cpanel OR inurl:auth OR inurl:account) (intitle:login OR intitle:admin OR intitle:"log in" OR intitle:"sign in" OR intitle:dashboard)

I found this Admin portal using Y-Dork site:Target.com inurl:login | inurl:admin | inurl:login | inurl:logon | inurl:sign-in | inurl:signin | inurl:signup | inurl:sign-up | inurl:dash | inurl:portal | inurl:panel | inurl:register | inurl:administrator 🔥🔥🔥🔥🔥

🚀 عرض خاص من HONOR! يسعدني أشارككم كود خصم تقدرون تستخدمونه عند الشراء من موقع HONOR: 🎟 الكود: AHOTLINEAPR28 💸 خصم 4% على مشترياتكم 📅 ساري حتى نهاية هذا الشهر 🛒 الموقع: honor.com/sa-ar/ تقدرون تشاركون الكود مع غيركم عشان الكل يستفيد 🙌 تسوق ممتع!

@khanhduytran0 CVE that might be useful for IOS 18 JB Kernel CVE-2024-54518 CVE-2024-54522 CVE-2024-54523 Sandbox/ Privilege CVE-2024-54468 CVE-2024-54529 CVE-2024-54535 WebKit CVE-2024-54543 CVE-2025-14174 CVE-2025-43529 CVE-2025-43300

Google has identified the following CVEs as PPL bypasses (17.0+ only applies to A12-A14) CVE-2024-23225: 17.0-17.3 CVE-2024-23296: 17.1-17.4 16.5.1-16.7.8 are also vulnerable to plenty of PPL bypasses Also, some pages are still up! Archive them while you can since these can be later exploited for jailbreak and such.

اللهم بلغنا ومن نحب شهر رمضان 🌙 ونحن واهلنا واحبتنا في صحة وعافية، واجعلنا من أهل الخير والطاعة، اللهم اجعلنا من الذين يصومونه ويقومونه إيمانًا واحتسابًا، ويغفر لنا فيه ما تقدم من ذنوبنا، وما تأخر، برحمتك يا أرحم الراحمين🤲🏻 #شعبان #شهر_شعبان