Cyberman

about 4 hours ago

@Ogechee_ @tryhackme Well done 👏🏽

1

0

14

about 4 hours ago

@chinky365251453 @Ogechee_ @tryhackme A name alone isn't generally considered sensitive information in the same way as id, account numbers or personal contact details.

0

1

0

9

about 4 hours ago

@chinky365251453 @Ogechee_ @tryhackme Certs are meant to identify who earned them. If you're sharing a cert publicly for professional purposes having your name visible allows employers and recruiters to verify that the cert actually belongs to you.

1

2

1

0

33

about 13 hours ago

Day 76/100 Tested a targets API today; graphql mutations, address endpoints, and checkout flow. Found graphql introspection enabled on a production endpoint. Full schema exposed, no authentication required. No critical finding yet... #BugBounty #CyberSecurity

0

2

0

33

cybermansec retweeted

about 16 hours ago

This is an interesting one. I will tell more about the vulnerability as soon as it’s resolved.

2

41

1

3

2K

cybermansec retweeted

about 20 hours ago

Let’s see

4

48

1

4

4K

about 24 hours ago

@4osp3l 🔥

0

1

0

174

cybermansec retweeted

1 day ago

👀

4osp3l's tweet photo. 👀 https://t.co/S0tztK5R0C

9

98

1

8

3K

1 day ago

Day 75/100 Set up a fresh hunting environment today- new attack surface and new opportunities. Getting everything ready for the next round of testing. #BugBounty #CyberSecurity

1

4

1

0

38

cybermansec retweeted

Naina Malik @Naina___Malik

3 days ago

Day 74/100 Got the outcome on the #IDOR I reported. My first reported vulnerability was validated as a duplicate of a bounty-awarded report. Back to hunting! #BugBounty

0

5

1

0

95

cybermansec retweeted

4 days ago

CRITICAL 🫣 Not duplicate this time… Some relief after long days, Dont get demotivated coz of AI just do your part.. #bugbountytips #Bugbounty

Naina___Malik's tweet photo. CRITICAL 🫣 Not duplicate this time…
Some relief after long days, Dont get demotivated coz of AI just do your part..
#bugbountytips #Bugbounty https://t.co/BGLpP3lODE

4

133

1

11

5K

3 days ago

Day 74/100 Got the outcome on the #IDOR I reported. My first reported vulnerability was validated as a duplicate of a bounty-awarded report. Back to hunting! #BugBounty

0

5

1

0

95

3 days ago

@ravimahile Appreciate it 🙏🏽

0

9

4 days ago

Day 73/100 Finally submitted the IDOR I found back on Day 36 to shopify's #BugBounty program, after walking an asset in scope of my new target. It took longer than expected but the report is in now. Whatever the outcome I'm glad I followed through and got it reported properly.

1

2

0

66

cybermansec retweeted

about 1 month ago

Day 36/100 Found my first real bug today. IDOR on a live #BugBounty target. Fully documented; screenshots, PoC & written report. Then hit a signal wall, can't submit yet as a new researcher. But the bug is real & the report ready #IDOR

3

8

2

1

355

cybermansec retweeted

4 days ago

DAY 2 Of Mastering FUZZING. ( Stack Overflow )

5

135

4

49

6K

cybermansec retweeted

spencer

@techspence

4 days ago

As much as we may not like it, and fight like heck against it, there's NO SUBSTITUTE for hard work. Doing your own research is an advantage.

2

13

2

1

1K

5 days ago

@gabbytech01 How did you prove your thinking

1

0

227