Rashedul Islam

@RashedulCSS

Cybersecurity Enthusiast | Python Lover | PowerPoint Hero | Fiery Typist | Student at University of Dhaka

Dhaka, Bangladesh

Joined January 2013

474 Following

539 Followers

377 Posts

Pinned Tweet

Rashedul Islam @RashedulCSS

over 1 year ago

Alhamdulillah...! #Top_2 once again on Tecno Mobile Security Response Center @TecnoSRC! Rewarded with $7,300 including the special recognition #Diligent_Star. "...And Allah provides for whoever He wills without limit." [Al Quran - Sura 24:38] #bugbounty #cyber #security

RashedulCSS's tweet photo. Alhamdulillah...!

#Top_2 once again on Tecno Mobile Security Response Center @TecnoSRC!

Rewarded with $7,300 including the special recognition #Diligent_Star.

"...And Allah provides for whoever He wills without limit." [Al Quran - Sura 24:38]

#bugbounty #cyber #security https://t.co/mYTF0Hygbp

1

9

0

0

767

Rashedul Islam @RashedulCSS

7 days ago

14th June, World Blood Donor Day...! Donated for 16 Times, Alhamdulillah... Now a member of lifelong "Silver Club"...

RashedulCSS's tweet photo. 14th June, World Blood Donor Day...!
Donated for 16 Times, Alhamdulillah...

Now a member of lifelong "Silver Club"... https://t.co/5pKjgqX6SA

0

1

0

0

29

Rashedul Islam @RashedulCSS

about 1 month ago

It's high time to be 'Hallucinated by AI'... 😂😂😂

RashedulCSS's tweet photo. It's high time to be 'Hallucinated by AI'... 😂😂😂 https://t.co/SJA1SpnrZr

0

0

0

0

25

Rashedul Islam @RashedulCSS

10 months ago

I just completed module #API #Attacks in @hackthebox_eu...! Price: $10 The last challenge will teach you once again to 'Try Harder'... You'll learn here the OWASP Top 10 API Security Risks... My Rating: 4.7 https://t.co/qb8tKeJ7tw #hackthebox #htbacademy #cybersecurity

RashedulCSS's tweet photo. I just completed module #API #Attacks in @hackthebox_eu...!

Price: $10

The last challenge will teach you once again to 'Try Harder'...

You'll learn here the OWASP Top 10 API Security Risks...

My Rating: 4.7

https://t.co/qb8tKeJ7tw

#hackthebox #htbacademy #cybersecurity https://t.co/da3Vh0EvS8

0

0

0

0

175

Who to follow

Imamul Mursalin

Security enthusiast aka Cyber Security Researcher

26 y/o | Application Security Enthusiast |BugBounty Hunter | he/him | 🇹🇱

होइहि सोइ जो राम रचि राखा। को करि तर्क बढ़ावै साखा॥

Rashedul Islam @RashedulCSS

10 months ago

@Fabrikat0r @4osp3l Interested and willing to contribute...

0

0

0

0

39

Rashedul Islam @RashedulCSS

over 1 year ago

PortSwigger featured my tips here https://t.co/LAbHPc4sKC

0

4

0

3

141

Rashedul Islam @RashedulCSS

over 1 year ago

Don't Use Burp Suite Like Mediocre! Some Burp Suite Shortcuts for Your Efficient Hacking! - Ctrl+R Send a request to the 'Repeater' tab - Ctrl+Shift+R Jump to the 'Repeater' tab - Ctrl+Space Send the request to the server from the 'Repeater' tab - Ctrl+U URL Encode your input

RashedulCSS's tweet photo. Don't Use Burp Suite Like Mediocre!

Some Burp Suite Shortcuts for Your Efficient Hacking!

- Ctrl+R Send a request to the 'Repeater' tab
- Ctrl+Shift+R Jump to the 'Repeater' tab
- Ctrl+Space Send the request to the server from the 'Repeater' tab
- Ctrl+U URL Encode your input https://t.co/tNLSsd6TpM

1

18

0

12

881

Rashedul Islam @RashedulCSS

over 1 year ago

@Monir_Ish Glad you found it helpful...!

0

0

0

0

48

Rashedul Islam @RashedulCSS

over 1 year ago

Don't Start Web Hacking Now, Begin from YESTERDAY! Get Ready for Bug Bounty in Just 4 Steps: 1. Start learning from https://t.co/8xQlCU6BaB by selecting a particular bug type e.g. Broken Access Control 1/2 #infosec #bugbounty #tips #ethicalhacking #infosecurity #whitehat

RashedulCSS's tweet photo. Don't Start Web Hacking Now, Begin from YESTERDAY!

Get Ready for Bug Bounty in Just 4 Steps:

1. Start learning from https://t.co/8xQlCU6BaB by selecting a particular bug type e.g. Broken Access Control

1/2

#infosec #bugbounty #tips #ethicalhacking #infosecurity #whitehat https://t.co/z2TMukwS04

3

87

6

60

5K

Rashedul Islam @RashedulCSS

over 1 year ago

@fallen_0ne_ Some people keep learning bugs but they don't apply the methods in real world web applications to exploit such vulnerabilities... For example, you just completed a Race condition lab from Portswigger, go for exploiting this vulnerability in a bug bounty website...

0

3

0

0

251

Rashedul Islam @RashedulCSS

over 1 year ago

2/2 2. Keep reading disclosed reports from https://t.co/km8Zr1Xri3 3. In the next two months, whenever you start using a browser, always intercept all traffic through Burp. 4. Don't fall into the learning loop, start hacking today!

0

14

0

4

645

Rashedul Islam @RashedulCSS

over 1 year ago

What an insight! @NahamSec "When I can't find bugs, I change perspective not targets. Client-side -> API Issues Main App -> Developer Platform" "Give Me 13 Minutes and 2025 Will Be Your Best Bug Bounty Year" YouTube Link: https://t.co/wManVJgsfM

RashedulCSS's tweet photo. What an insight! @NahamSec

"When I can't find bugs, I change perspective not targets.

Client-side -> API Issues
Main App -> Developer Platform"

"Give Me 13 Minutes and 2025 Will Be Your Best Bug Bounty Year"

YouTube Link: https://t.co/wManVJgsfM https://t.co/Dpgm8qLqZu

0

54

3

8

1K

Rashedul Islam @RashedulCSS

over 1 year ago

@Mhmdibrhmmm_ My friend hunted on that program, later he gave that...

0

1

0

0

48

Rashedul Islam @RashedulCSS

over 1 year ago

Alhamdulillah! Awarded with $600 for finding an IDOR vulnerability! Context: - The Web App was letting users to upload payment screenshots if they chose 'Bank Transfer' method for boosting their posts. - But abusing the IDOR vulnerability, I could upload/replace victims' images.

RashedulCSS's tweet photo. Alhamdulillah!
Awarded with $600 for finding an IDOR vulnerability!

Context:
- The Web App was letting users to upload payment screenshots if they chose 'Bank Transfer' method for boosting their posts.
- But abusing the IDOR vulnerability, I could upload/replace victims' images. https://t.co/2R3Ej3eXhd

3

112

2

20

3K

Rashedul Islam @RashedulCSS

over 1 year ago

@Mhmdibrhmmm_ Yes brother...

1

0

0

0

116

Rashedul Islam @RashedulCSS

over 1 year ago

@torik_1999 I've shared the secrets in the first comment. Please check it yourself...!

0

0

0

0

95

Rashedul Islam @RashedulCSS

over 1 year ago

Alhamdulillah...! Rewarded with $1,200 for a Stored XSS attack...! Want to know the secrets? Reveal them from the comment section... #infosec #bugbounty #stored #xss #tips #ethicalhacking #infosecurity #whitehat

RashedulCSS's tweet photo. Alhamdulillah...!
Rewarded with $1,200 for a Stored XSS attack...!

Want to know the secrets?
Reveal them from the comment section...

#infosec #bugbounty #stored #xss #tips #ethicalhacking #infosecurity #whitehat https://t.co/rhqRwXNOtd

13

135

3

39

7K

Rashedul Islam @RashedulCSS

over 1 year ago

@mateen9x9 I've shared the secrets in the first comment. Please check it yourself...!

0

1

0

0

76

Rashedul Islam @RashedulCSS

over 1 year ago

@trffnsec Nice catch...! 😍

0

0

0

0

89

Rashedul Islam @RashedulCSS

over 1 year ago

@MrD0tt Exactly brother! Seems like the first XSS was found by you.

0

0

0

0

106

Rashedul Islam @RashedulCSS

over 1 year ago

@mrirfan___07 2/2 Replace the image link with an XSS payload like... POST /comment HTTP/1.1 Host: https://t.co/wp0jIoZySQ commentText=Nice&imageLink=https://t.co/oPIO8OvlB3" onerror=confirm(1337) onerror=confirm(1338) NB. Don't forget to use 'onerror' event double time.

0

0

0

1

5

Rashedul Islam @RashedulCSS

over 1 year ago

@mrirfan___07 Secrets: 1/2 If you see, your uploaded image generated a URL and getting passed immediately with another HTTP request like below POST /comment HTTP/1.1 Host: https://t.co/wp0jIoZ13i commentText=Nice&imageLink=https://t.co/CxNi9Ai3Sg

0

0

0

0

9

Last Seen Users on Sotwe

Trends for you

Most Popular Users