I don't know, what is work their support and CEO/owner don't know this topic. without real searcher f**king triager's giving duplicte, then same report we reported and it accept. lol😆😆
That's why intigriti loss their reputation day by day
Linux For Hackers Fundamentals with @_JohnHammond! 🚀
Linux is the backbone of hacking. In this hands-on course, you’ll master the command line with skills tailored for hackers.
If you're looking to up your Linux game, this course is for you!
Sign up 👉 https://t.co/AY6l4r8cIa
We just dove into our shelf of archived bug bounty write-ups from the most notable hackers! 🤠
In this issue, we selected 5 compelling articles (that are still relevant today) to share with you, from which you can learn something new! 😎
🧵 👇
Credential leaks!
here are few blogs to learn about them!
1. https://t.co/CnD9TUmGDX
2. https://t.co/Dk0Re4Qp29
3. https://t.co/n34jqvri7g
4. https://t.co/UqxQD8C4eG
5. https://t.co/3z7QMN1yzx
6. https://t.co/MDXAYdrjfQ
7. https://t.co/SkMsPCySZC
8. https://t.co/DFxEw2kIf8
Let's Connect Over other platforms : https://t.co/WOe92cu3pi
Blind SQL Injection
Tips:
1. Gather all urls from gau/waybackurls and Google Dorking.
2. Inject SQLi payload in all parameters one by one.
3. Analyze the response.
Payload used:
0'XOR(if(now()=sysdate(),sleep(10),0)) XOR'Z
#bugbountips
Why we didn't use!!
url/?f=etc/passwd ==> 403
encode etc/passwd as base64
url/?f=L2V0Yy9wYXNzd2Q= ==> 200
#note
you can use this trick in SQL , SSTI , XSS , LFI , Etc...
Thanks Orwa #bugbountytips