AshenOne

@Magn4_ @Hacker0x01 miss your YT video man when will you release next one?

First and hopefully not last Testimony on @Hacker0x01, This really made my day 😁😁😁

@HarshDRanjan1 @yeswehack bounty are low

Thinking of trying @yeswehack Have you used it? How’s the experience compared to HackerOne or Intigriti? Worth getting into, or should I stick to the usual platforms? Would really appreciate some honest feedback

@4osp3l what subscription model do you use?

I found and reported 2 DOM-XSS + SSRF using cluade sonnet 4.6! It's not about the model. It's about how you use it.

@0xraselrana AI effect I guess?

This is the 29th duplicate since ramadan😅

@0xw2w where did you get "we are so back"? I only see "we are cooked" in every announcement

How it feels reading Anthropic announcements over the past few months.

USE YOUR FUCKIN VOICE FOR THIS HOLY FUCKKKK. THEY ARE GOING TO KILL 10,000 PALESTINIAN HOSTAGES

@xssdoctor @Jhaddix hi I would like to ask how did you learn and be good at client side hacking I was thinking of starting to learn client side hacking a little guide line will be appreciated

About a year and a half into my hacking journey, I was pretty bummed out. I had done so much work and learned so much, but I wasn’t finding any bugs. I decided to do something drastic, and I sent a discord message to a hacking legend, @Jhaddix…

@Rhynorater @ctbbpodcast @xssdoctor damn my monthly subscription just ended few days ago

Absolutely unbelievable content in the @ctbbpodcast discord with @xssdoctor

Hi I have found a SSRF in a pdf render functionality, when I try to hit the meta data endpoint with iframe it gives error that meta data header is required, but when I host script on my server with meta data header hitting the meta data endpoint then the response is empty

@saur1n I don't need it but can you write a blog post of how you look for ssrf?

Alright guys, because we're in the holy week and I want to give back just like our father taught us. I have a 3 month Burp Suite pro license I want to give away to someone that needs it, reply down below whatever you wanna say to earn it and I'll choose the winner tonight No DMs

@fr4vian congrats

crits...

@sahinyes @intigriti congrats

After many duplicates, I finally reached my goal of submitting one valid bug report this month on the last day. I’m so happy. Thank you for making this possible @intigriti #bugbounty

@ArchAngelDDay i knew it 😈

Im a fraud guys, I haven’t found any bugs- Caido has 😭

@Shabosec but how the hack you got that password tho?

I found this Admin portal using Y-Dork site:Target.com inurl:login | inurl:admin | inurl:login | inurl:logon | inurl:sign-in | inurl:signin | inurl:signup | inurl:sign-up | inurl:dash | inurl:portal | inurl:panel | inurl:register | inurl:administrator 🔥🔥🔥🔥🔥

@hackrkid congrats which platform is this?

Just got assigned my second bounty although I disagree with them for it being low let's see, I did make an appeal

@OreoB1scuit which subscription model do you use?

Claude Love Digging JS files 😂

@shreyas_chavhan are you using cluade for bugbounty?

one more triaged and paid, yayyyy!! 😍 coming back stronger.

@z0ksh_ @zerocopter Hi brother how do you get invited to zerocoptore bugbounty platform? I mean I know by dorking you can get some programs but does it secure your place in bugbounty platform? i'm meaning to say that after submitting few vulns on those programs can i get invited on other programs?

The first 2 reports and the first triage on @zerocopter #BugBounty #zerocopter #HallOfFame #CyberSecurity #InfoSec #Pentesting #BugHunter #WebSecurity #zuksh

@the_IDORminator made 600 dollars doing this

I maintain that adding a trailing slash to random pages and APIs remains the stupidest albeit perhaps most effective and prevalent authorization and/or WAF bypass there is. Go slay #bugbounty, the world depends on your proper insertion of the slash. When you get your first bounty doing this, go on a vacation and when your wife says "No no, it's too expensive." You say: "Its OK, the slash is paying for it." Because in what other field can you add a backslash somewhere and make enough money to take the family on a vacation 🤣 /place/thing/page.aspx --> /place/thing/page.aspx/ some/v1/api/users --> some/v1/api/users/ Other common wins are: /, //, %2f, %3f, #, and so forth. Just tack stuff lack that on the end. Maybe combine it with method changes. OK BYE

@OreoB1scuit are you using 20$ subscription?

First time found a DOM XSS using Claude AI Payload: '-(a=window.alert,a.call(this,"XSS POC By B1scuit"))-' #bugbounty #bugbountytips