Olivia
Online
Hamza Avvan
@hamzaavvan
Cybersecurity Researcher | Bug Bounty Hunter ❤
Joined November 2014
52 Following
519 Followers
174 Posts
Pinned Tweet
VDP to Bounty!! I was awarded a $250 bounty on @Hacker0x01!
I started hunting on a VDP. Luckily I found an open redirect. Reported it via their website's responsibile disclosure page. Got a verification email from hackerone.
https://t.co/vYLfoIvbpC #TogetherWeHitHarder
I just published in @gitconnected Quick & Easy $100 Bug That You Can Find In 5 minutes https://t.co/VwB7wjphDS
@Gisme_1 @snfiidev @gitconnected knowledge of javascript can help you. The trick is to replace repetitive operators with variables for making it shorter.
I just published in @gitconnected 4 XSSs With A Simple & Optimized Payload https://t.co/vGgT98izrK
Bug Bounty Intigriti Challenge 0223 Stored XSS Via Image Exif https://t.co/kuuijkJy7z via @YouTube
@snfiidev @gitconnected The optimized one. It's mentioned in the article 🙂
A=![]+'';B=!![]+'';C=[][[]]+'';F=[][C[4]+C[5]+A[2]+B[0]+A[4]+B[1]];D=F+'';F[D[3]+D[6]+C[1]+A[3]+B[0]+B[1]+C[0]+D[3]+B[0]+D[6]+B[1]](A[1]+A[2]+A[4]+B[1]+B[0]+'(1)')()
A Unique Tale Of P1: Exposed GraphQL Leads to Mass User Account Takeovers https://t.co/NmKHymxQcJ
Check out my playlist: Road To Ethical Hacking https://t.co/OlKzqowoEz via @YouTube
.@hamzaavvan has made some awesome YouTube Shorts answering my #AppSec interview questions! Check them out: https://t.co/qudEr4vB83
VDP to Bounty!! I was awarded a $250 bounty on @Hacker0x01!
I started hunting on a VDP. Luckily I found an open redirect. Reported it via their website's responsibile disclosure page. Got a verification email from hackerone.
https://t.co/vYLfoIvbpC #TogetherWeHitHarder
@badthin2 @Hacker0x01 I apologize for the late reply but you can increase the severity of clickjacking by tricking a user into performing sensitive actions like changing their email address, deleting account, etc.
Second-order SQL injection on view parameter.
1. Create a malicious note with SQLi payload through /?note=<payload> parameter.
2. Goto /?view to execute your SQLi payload
#SQLI #bugbountytips
Vulnerable Code Snippet 💀
🥁 This time we have improved the experience by making it possible to run this code snippet in a docker environment!
Can you find the bug this time?
Practice your skills and try it yourself on our Github👇
https://t.co/fILsXfBZDi
#YesWeRHackers #BugBounty #YWHSnippet
@Brumens2 Thank you
Worth trying for anyone who wants to improve their XSS skills or learn something new. XSS via stylesheet injection challenge by @yeswehack.
#YesWeRHackers
Last Seen Users on Sotwe
Most Popular Users
Elon Musk 
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.2M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
87M followers
Taylor Swift
@taylorswift13
80.8M followers
Lady Gaga
@ladygaga
72.3M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
68.8M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.4M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.1M followers