progprnv

Ranked #5 🌍 on Hackerone VDP Q1 2026 Leaderboard. Not a big fan of VDPs... I usually hunt on Bugcrowd for BBP and when I burnout I come to hit on @Hacker0x01 #bugbounty

@facebook @metabugbounty Just could not login back to my bug bounty account. Sent several feedbacks but no use. Still getting error when i try login. #support #helpcenter #meta

No burpsuite, No proxy intercept Just simple logic flaws.. Rewarded $$$ from @Hacker0x01 Tip: Read documentation for atleast 30 minutes before you give up on your program #hackerone #bugbounty #cybersec

iykyk

Everyone laughs at teapot_bugcrowd but look what he does in 2024 #bugbounty #cybersecurity #infosec #ethicalhacking #bug #bounty #bugcrowd

Just some VDP stuffs Testing Time: 5 hours Reported and Resolved within a month. Tip: Read documentation atleast for 30 mins after using Target application. #BugBounty #Cybersecurity

@Om_Codes_ Hi

Twitter is cool. But it’s 100x better when you connect with people who code daily If you’re into tech, AI, DSA, Web development, Web3 or programming, say hi

Sensitive information vulnerability checklist 1. Fuzz every stag subdomain 2. target - stag - .com/{Fuzz} 3. If got hit on any path 200 OK 4. Then target - stag - .com/valid_path/{Fuzz} 5. Repeat until you hit a sensitive page or endpoint and check it's src code #BugBounty

I miss the early Twitter BBP community where people actually shared tips and lessons from their findings. Nowdays my feed is flooded with bounties screenshots, tools and there paid services promos and courses ads. It’s just not the same vibe anymore..

While playing with authorize tool try to inject bxss payload along with any cookie paramter 🍪

If Ruby on rails is your target, then focus on authentication flow. #bugbounty #bbp #tips

Got rewarded $$$ from self hosted program. #bugbounty #CyberSecurity

@CyberScanDev It's a self hosted prgm bro, I also got amazed. Weirdest ever. You can also bypass by putting three payloads at the same time. <h1>hel</h1><h1>hel</h1><h1>hel</h1> Since it's a vdp I didn't tried to go in-depth.

@progprnv There is no logic😂

Weird Htmli bypass Injected: <h1>hello</h1> Reflected as hello<> <> and other tags not allowed when it's closed. Payload crafted: <h<h1>>hello<</h1>/h1> Done. Deep dive into knowing how server behave #bugbounty

Finally Automated Blind XSS Testing Toolkit Released🚀 ✅ Link: bit.ly/3GRjZzC

Just search "filename:.npmrc _auth" on GitHub for NPM Credentials Leak thank me later :)

While hunting for sensitive information disclosure bugs, use waymore! #bugbounty #bugbountytips

One linear Easy XSS !! #bugbounty #cybersecurity #infosec #xss #Tips #ethicalhacking #bug #bounty #bugcrowd #h1

@HackenProof @Bugcrowd @yeswehack @Hacker0x01 That's a ++

@progprnv @Bugcrowd @yeswehack @Hacker0x01 We'd be thrilled to see you on our platform! 🚀 Feel free to join our Discord to connect with fellow ethical hackers and stay updated. Hope to see you there! discord.com/invite/QC932NG…

Text Injection : Easy One Linear subfinder -d example.com | httpx -silent | gau | grep -E "(\?|=)" > endpoints.txt After this, inject your payloads into endpoints.txt #CyberSecurity #bugbountytips #bugbounty #tips