Alhamdulillah, just discovered a new bug!
-Tip:
When hunting Open Redirects, try inserting
//evil.com/..;/css in the URL
The server treats it as a local path but the browser redirects outside
Add a .js or .css file at the end.
#CyberSecurity#Hacker101#bugbountytips#BugBounty
๐ค๐คFree 100+ Hacking / Infosec pdfs ๐ค๐ค
๐ If you like my content, please follow and like! ๐
Let's take this journey to the moon ๐ and dive into the world of
Source: https://t.co/ZKePYv5Xi6
#infosec#Hacking#infosecurity#Malware#bugbountytips#CTF#BugBounty #vulnerability #pwn #CyberSecurityAwareness #CyberSecurity #cybersecuritytips #bugbounty #bugbountytips #cybersecurity #hackinggroup @SaveToNotion #bugbountytips #Programming #SSRFBible #TechTrends ๐๐ฅ
#bugbounty #bugbountytips #cybersecurity #hackingtools
200+ Hacking / Infosec pdfs
Like and Repost
Red Team Experts that explains the importance and details of Windows APIsโ๏ธ๐ท๐๐ท
Source: https://t.co/r2DAtBlxf8
Source: https://t.co/C9GLdg67l5
Credit:@C0d3Cr4zy#infosec#Hacking#infosecurity#Malware#bugbountytips#CTF #BugBounty #vulnerability #pwn #CyberSecurityAwareness #CyberSecurity #cybersecuritytips
๐๐ฐ Question of the day: How can you maximize payouts for "Low" risk open redirect issues? ๐ค I've personally earned over $30,000 in bounties by chaining open redirect submissions to ATOs. These "Low" severity bugs can often be escalated through a double redirection, resulting in bounties ranging from $750 to $5000, depending on the program.
Open redirects can be chained with legitimate redirects, allowing attackers to exfiltrate OAuth codes and tokens for potential account takeovers.
Here's the quick breakdown:
(1) Find a low-severity open redirect, for example: https://t.co/ktP26lD0uy.
(2) Look for site login functionality on core domains or subdomains. Assuming login is integrated with Auth0 or another equivalent service provider at https://t.co/09lMSKVy6y. In such cases, a valid redirect would usually look something like https://t.co/z33ygQDMLs
(3) You can now chain the vulnerable open redirect identified in step 1 with the login page and still be able to exfiltrate the login code in most cases. For example, you could craft a URI like https://t.co/dVC2YXpZZH
When a victim navigates to the above link and logs in, upon successful login, it will redirect them in this flow to the attacker controlled site:
https://t.co/7aqoiTOvLg -> (First Redirect) https://t.co/ZATutra0x2: -> (Second Redirect) https://t.co/1TkepNy8T6:
As a result, this ultimately leads to the leakage of Auth0 or other equivalent codes/tokens to an attacker-controlled server, resulting in an ATO.
Common mistakes: Reporting open redirects as simple issues without escalating their impact. Don't underestimate their potential. Always look for ways to level up! ๐ก #BugBounty #InfoSec #openredirect #cybersecurity #bugbountytips #hackerone #bugcrowd,#securitytips,#questionoftheday
If you want to be good at finding XSS, you need to understand how HTML/javascript work. Copying/pasting a payload everywhere works for some cases, but you'd be missing a lot of cases. What's filtered, your context, and what's possible with this combination are extremely important
Found XSS in private bug-bounty ..
document was filtered, so as () ..
my final payload -> javascript:setTimeout`\x64ocument.write\x28\x64ocument.\x63ookie\x29`
#bugbountytip#BugBounty
Update no 3: Reported 15 submissions (total).
Critical one:
Used Js Miner & https://t.co/hsyqK38rGq for finding sen* info in JS files.
Found a JS file disclosing access token without any endpoint.
(1/3)
Excited to share my Bug Bounty Script It automates security tests & reconnaissance for target domains including, web server scanning, subdomain enumeration XSS vulnerability scanning, and more!๐๐ Check it out GitHub: [https://t.co/gqvmvMqNyH]
#BugBounty#SecurityTesting#bug