Hassan Farooq

Here is My First Write-up . Hope That You guys will like it :) #bugbountytips #BugBounty #togetherwehitharder #bugbountytip link.medium.com/MKMmB1Qj0ub

@victoria_og1 Congrats ! Can you give me any tip on finding research papers for using as base paper .

One of the research papers I’ve been working on since last year has finally been published. I just wish there were a course in pre-clinical years dedicated to teaching students how to navigate research.

Do the same with Umer Hayat Kaka as was done with Sana Yousaf. It should serve as an example for everyone else. #sanayousaf #dosamewithumerhayatkaka

@hamsterfounder UQAAUOf-gNKaFTAofnnkHOdHR1578Y8wYqv-Aekflq6qIlrA

Integrity flow vulnerability in "microsoft teams" poll 3000$ bounty Sometimes, overlooked isuue can create significant vulnerability. In the "displayname" field, we send the name of the person we want the message to be send. #bugbounty

Google Dork - all the juicy extensions site:"target[.]com" ext:log | ext:txt | ext:conf | ext:cnf | ext:ini | ext:env | ext:sh | ext:bak | ext:backup | ext:swp | ext:old | ext:~ | ext:git | ext:svn | ext:htpasswd | ext:htaccess

@TheRoyHunter313 @Hacker0x01 Congratulations bro , is it a bug bounty or a vdp one

Thank you @Hacker0x01 for taking my report seriously. Your commitment to security is much appreciated!

@shodanhq God mine

The $5 Membership sale is now live! The sale lasts until July 17 23:59 UTC: account.shodan.io/billing/member

I've spent a long time finding security vulnerabilities in Facebook. Today, I'm sharing interesting IT assets I came across during security testing. I'm excited about contributions and hope this will save the time of many pen-testers. #Security #Facebook github.com/win3zz/Meta-Ow…

@HolyBugx @intigriti ✌️✌️

Tired of getting caught in captcha checks during #OSINT #investigations? SearXNG is a #privacy-respecting search engine that never gets in your way. Choose any of the instances to use. searx.space #ThreatIntel #CyberSecurity #infosec #OPSEC #intelligence #CTI

@Noahhweb3 0x936A1E387E325332D9C8184c56f7d11eF0356C16

@SainetworkAI 0x936A1E387E325332D9C8184c56f7d11eF0356C16

@zachcoineth @zachxbt 0x936A1E387E325332D9C8184c56f7d11eF0356C16

CVE-2023-24243 - CData RSB Connect - Server Side Request Forgery (high) 🚨 Nuclei Template : github.com/projectdiscove… CLI command : nuclei -uq 'http.favicon.hash:163538942' -t CVE-2023-24243.yaml -vv @pdnuclei #hackwithautomation #bugbounty #pdteam #infosec #poc

@zachcoineth @zachxbt 0x936A1E387E325332D9C8184c56f7d11eF0356C16

The critical Vulnerability CVE-2023-27997 in #Fortigate has been patched by #Fortinet. You can find affected endpoints by this one-liner. Patch now. 👇👇 #recon #AttackSurface #bugbounty #xortigate #cve #cybersecurity

How Recon Leads to RCE and Many More Vulnerabilities 🩻 github.com/NafisiAslH/Kno… #bugbountytip

Some Shodan Dorks that might useful in Bug Bounty. 🧵👇 1. org:"target.com" 2. http.status:"<status_code>" 3. product:"<Product_Name>" 4. port:<Port_Number> “Service_Message” 5. port:<Port_Number> “Service_Name” 6. http.component:"<Component_Name>"

Bug Bounty Tips:- 1- site:*.target.com ext:php 2- echo sub.target.com | waybckurls | grep "\?" | uro | httpx -silent > parameters.txt 3- nuclei -l parameters.txt -t fuzzing-templates 4- You may find xss,sqli,ssrf,open-redirect vulnerabilities #bugbountytips