Olivia
Online
~$ 𝔀𝓱𝓸𝓪𝓶𝓲
@0trusts
“Yesterday is history, tomorrow is a mystery, but today is a gift.
Norway, New South Wales
Joined December 2024
3.3K Following
261 Followers
4.1K Posts
@finance_bitflow @saqibarif98 @lostsec_ @Hacker0x01 It's has impact you have to buy a idn domain, don't use burp collab
@rutu609 That's good girl🙃🙃🙃
@nnwakelam Very very big
@cat_w1th_hat Bro on streak
@cyberlype Bro what they are finding
AutoAR is a powerful framework that automates the bug bounty workflow from recon to monitoring.
✅ Subdomain enumeration
✅ URL collection
✅ JS analysis
✅ Nuclei integration
✅ DNS takeover checks
✅ GitHub recon
✅ Continuous asset monitoring
Less time running tools manually, more time hunting for real bugs.
Repo: https://t.co/fNuKfymHYK
#BugBounty #CyberSecurity #InfoSec #BugBountyHunter #Recon #OSINT #AppSec #Hacking
All You Need to Master IDOR: A Complete Resource Guide by B1scuit 🔥
👨💻 Raunak Gupta (B1scuit)
🔗 https://t.co/HLaSyhcOJL
Stay connected:
🔗 https://t.co/FeMz53IqCy
CSRF ATO using not so known technique of chaining facebook login csrf
had made over 11,000$ across programs in 2022
#bugbounty #bugbountytips
@ArmanSameer95 Hey tess bro what vulnerability you found in T-Mobile which was rewarded 55k $. Do a writeup would love to see crazy findings.
@rutu609 Send some here
Have you found a WordPress that the home page redirects to an authentication page? It could be used by Internal teams as a CMS, knowledge sharing, etc
The frontend is protected, but what about the API?
1/2 🧵👇
#BugBounty #BugBountyTips
Check the /wp-json/ to see what data is accessible, more specifically:
- /wp-json/wp/v2/posts
- /wp-json/wp/v2/pages
- Custom plugins endpoints
You may find Secrets/PII in the plugins and sensitive data in the posts and pages.
@the_IDORminator I think T-Mobile has 9-10 days
@the_IDORminator Hunt on your favorite T-Mobile
📌SSRF Bypass Payloads
Blind XSS Tips
waybackurls https://t.co/odzRZwbak4 | gf xss | sed 's/=.*/=/' | sort -u | tee Possible_xss.txt && cat Possible_xss.txt | dalfox -b https://t.co/sHRn5B6e7F pipe > output.txt
#bugbountytips #infosec #hacking
Most people overlook PDF files, PDFs may contain Registration links or Registration Codes that can be used to either privilege escalate or access hidden applications
@shamim_12__ @Bugcrowd @Hacker0x01 It depends upon the website workflow. Many times websites do not allow normal bxss payload. So in that case i use payload which extracts cookies only and does not touch anything else like dom, screenshot etc, as these functionalities are very alarming and Waf stops execution.
Last Seen Users on Sotwe
𝗔𝗶 𝗖𝘂𝗺 𝗦𝗹𝘂𝘁𝘀 🍒
Seen from Pakistan
pazar sevisgeni
Seen from Turkey
آزاد خیال منٹو 
Trai đẹp cặc to 💦
Seen from Vietnam
Lrkrstl
Seen from Malaysia
وهـ☆ـم
Seen from United States
Kakao Aiden
Seen from France
Youssef Gehad 7
Seen from Egypt
Together
Seen from Thailand
ZonkTheChonk
Seen from United States
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.2M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
87M followers
Taylor Swift
@taylorswift13
80.8M followers
Lady Gaga
@ladygaga
72.3M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
68.8M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.4M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.1M followers
✨
⭐
💫