Twitter
Source Time
Twitter
Ron Chan
ngalongc Original
RT Frans Rosén: We did some fun tricks with nginx on bug bounties a while back, and made a post about out the configurations being vulnerable

Twitter
Ron Chan
ngalongc Original
RT Detectify: Detectify co-founders @fransrosen, @avlidienbrunn and @Almroot found some interesting middleware misconfigurations and potential exploit...

Twitter
Ron Chan
ngalongc Original
RT Youssef Sammouda: Enumerate internal cached URLs which lead to data exposure ($4800) Leaking Facebook user information to external websites ($2000)...

Twitter
Ron Chan
ngalongc Original
RT Youssef Sammouda: View orders and financial reports lists for any page shop ($500) URLs in img tag aren’t safely embedded. ($500) Access employees...

Twitter
Ron Chan
ngalongc Original
RT Orange Tsai  🍊: Most of my public presentation slides are on GitHub now!

Twitter
Ron Chan
ngalongc Original
RT Farah: A new video is up! This one’s about what an Android application is made up of!  This video can be used as a reference for future videos abo...

Twitter
Ron Chan
ngalongc Original
RT Adrien: Nice!  Finding more IDORs – Tips and Tricks

Twitter
Ron Chan
ngalongc Original
RT Sam Curry: New writeup: "Hacking  Huge thanks to @sshell_ and @xEHLE_!

Twitter
Ron Chan
ngalongc Original
RT STÖK ✌️: Bounty Thursdays #25 - Will AI really destroy the cyber security industry? find out now!  Feat awesomeness from ppl like @alxbrsn @Phil...

Twitter
Hx01
Hxzeroone Original
RT Farah Hawa: The 2nd part of Android hacking is up!  I’m deep diving into vulnerable WebViews with 3 FULL DEMOS on exploiting different bugs relate...
Twitter
Hx01
Hxzeroone Original
RT The Daily Swig: New: Exploiting #GDPR laws to gain access to personal data, by @Hxzeroone
Twitter
Hx01
Hxzeroone Original
Re @Masonhck3571 thanks 😄😄
Twitter
Hx01
Hxzeroone Original
Re @InsiderPhD @Jawad_bd7 this^^

Twitter
Hx01
Hxzeroone Original
Re @codingo_ 100% success rate, adding boom in my report template now

Twitter
Hx01
Hxzeroone Original
Re @codingo_ Done, let's see how many hours it takes to triage.

Twitter
Hx01
Hxzeroone Original
Re @codingo_ brb adding a BOOM! 💥 in my submission.

Twitter
Hx01
Hxzeroone Original
Re @MrTuxracer Thanks, I’ve read your case study before, it’s 🔥, useless trivia: intercom reply-to vuln was actually found to exploit the issue in...

Twitter
Hx01
Hxzeroone Original
Re @Agarri_FR Thanks 🙏🏻

Twitter
Hx01
Hxzeroone Original
Re @pudsec @0xKhattak Thanks!

Twitter
Hx01
Hxzeroone Original
Hey👋! I wrote a paper on Abusing Data Protection Laws For D0xing & Account Takeovers. This research led to over 5 figures in bounties & affected c...

Twitter
Hx01
Hxzeroone Original
Re @Samm0uda Pretty much.

Twitter
Hx01
Hxzeroone Original
Re @mertistaken @Bugcrowd 🥳🚀

Twitter
Hx01
Hxzeroone Original
🥳

Twitter
Hx01
Hxzeroone Original
Re @them8triarch @Bugcrowd

Twitter
Hx01
Hxzeroone Original
Re @intigriti Fabiolalaan 55, 2627 Schelle, Belgium

Twitter
Hx01
Hxzeroone Original
Re @intigriti Consider it done. hmu for logistics  🤙

Twitter
Hx01
Hxzeroone Original
Re @intigriti 3000 Kudos?

Twitter
Hx01
Hxzeroone Original
Re @NahamSec @udemy Congrats 🥳, good work

Twitter
INTIGRITI
intigriti Original
Re @PhackCTF Very excited to sponsor you! Good luck with the event!

Twitter
INTIGRITI
intigriti Original
Ever wonder how triagers look at your submission? Mike Sheward (@SecureOwl) shares some key takeaways from his experience triaging bug bounty reports f...

Twitter
Cosmin
inhibitor181 Original
Also used @hipotermia 's tool to get the charts of my bounties. Good results!
Twitter
Cosmin
inhibitor181 Original
RT PortSwigger Research: New attacks on OAuth: SSRF by design and Session Poisoning by @artsploit
Twitter
Cosmin
inhibitor181 Original
Re @ajxchapman Well said! Mature approach on the subject and I agree with your statements entirely.
Twitter
Cosmin
inhibitor181 Original
Re @CristiVlad25 @ajxchapman @synack @intigriti @Bugcrowd @Hacker0x01 I do not think you can do this on a public platform. Synack is closed, so it con...
Twitter
Cosmin
inhibitor181 Original
Re @ozgur_bbh @ajxchapman I also agree with @MrTuxracer here. In theory it sounds good, but it's very subjective and even on a subconscious level, famil...
Twitter
Cosmin
inhibitor181 Original
Re @luketucker @erbbysam Duude, you made me so jealous... Meanwhile my shoes are getting spider cobs and you post those photos. Not ok
Twitter
Cosmin
inhibitor181 Original
RT Jake Miller: Just when you thought JSON was the one thing you could trust. My latest research on JSON interoperability vulnerabilities highlights t...
Twitter
Cosmin
inhibitor181 Original
RT DefCamp: Interested to become a bug bounty hunter? We had the pleasure to speak with @inhibitor181 and get a few insights on the topic. #BugBounty ...
Twitter
Cosmin
inhibitor181 Original
RT Frans Rosén: We did some fun tricks with nginx on bug bounties a while back, and made a post about out the configurations being vulnerable
Twitter
Cosmin
inhibitor181 Original
Thinking outside of the box yields fantastic results with the right idea. Absolutely amazing work!

Twitter
Cosmin
inhibitor181 Original
Re @MrTuxracer @luketucker @Hacker0x01 @Rhynorater @plmaltais @SebMorin1 @securinti @seanmeals @ArchAngelDDay @Hogarth45_ @smiegles @filedescriptor @n...

Twitter
Cosmin
inhibitor181 Original
RT spaceraccoon 🦝: Working late tonight but also just received approval from @Facebook to publish my offensive reverse engineering writeup from Bou...

Twitter
Cosmin
inhibitor181 Original
RT Ayoub FATHI 阿尤布: I just published leaky-paths on Github, it's a collection of special paths linked to major web CVEs, known juicy APIs, known mi...

Twitter
Cosmin
inhibitor181 Original
RT Fredrik N. Almroth: I accidentally managed to hijack a TLD:

Twitter
Cosmin
inhibitor181 Original
RT Sam Curry: Since it's 2021 I'd like to go ahead and disclose some bugs I wasn't able to talk about in 2020. These were issues that either got NDA'd...

Twitter
Cosmin
inhibitor181 Original
RT Assetnote: What do you do once you have found a blind SSRF? Check out our blind SSRF glossary which contains a number of handy attack chains:

Twitter
Cosmin
inhibitor181 Original
Re @bug_dutch Naah, don't be intimidated. Take it as a challenge, I have my methods, other ppl have other methods and I know from past events that I m...

Twitter
Cosmin
inhibitor181 Original
RT David Schütz: 2021 = more writeups! 🎉 Check out my new @GoogleVRP writeup about stealing any private @YouTube video:

Twitter
Cosmin
inhibitor181 Original
Re @intigriti swag