Hein Thant @ht0x0_ - Twitter Profile

23 days ago

tf is really going on?

24 days ago

I'm not sure the community will like this. @Hacker0x01 will now reuse your novel techniques / exploits / old reports to look for vulns on the rest of the customer's infra. I guess they will add you as collab and give you a bounty, right? right?!

lean0x2f's tweet photo. I'm not sure the community will like this. @Hacker0x01 will now reuse your novel techniques / exploits / old reports to look for vulns on the rest of the customer's infra. I guess they will add you as collab and give you a bounty, right? right?! https://t.co/dOwwrRw43K

16

269

40

55

77K

0

42

ht0x0_ retweeted

ggwhyp @ggwhyp

about 2 months ago

I was hoping to compete in Pwn2Own with a Firefox full-chain entry, but unfortunately it was rejected. I’ve reported the vulnerability to the Mozilla team.

31

717

95

151

111K

ht0x0_ retweeted

Julien | MrTuxracer 🇪🇺 @MrTuxracer

almost 4 years ago

As promised: Here's my story about 8 CVEs resulting in a plugin removal and more than $30,000 in bounties! I've chained 3 of them to go from unauthenticated to admin, aka how to exploit a blind SQL Injection via XSS. https://t.co/Uti9trhWUX #BugBounty #security

20

801

287

280

0

Hein Thant @ht0x0_

almost 4 years ago

@LdrTom @Nutritionist_AP hi, i wasn't using paraminer in that case tho. the request was fetching ticket list details from backend in i noticed "employee_name" field in request body array. Thought it'd disclose email if i change with "employee_email" and it did eventually.

2

4

1

0

Who to follow

mohammed eldeeb

@malcolmx0x

Bug Bounty Hunter & security engineer

dirty0124

@dirtycoder0124

A positive, never give up person. Founder of https://t.co/2H0KjZ5riG Telegram group https://t.co/bjQUMjI9Lh

Avanish Pathak

@avanish46

Red Team Security Consultant | Lead Pentester @Cobalt_io |

ht0x0_ retweeted

publiclyDisclosed @disclosedh1

almost 4 years ago

TikTok disclosed a bug submitted by @_heinthant: https://t.co/pkzMVZSBUL - Bounty: $1,000 #hackerone #bugbounty

0

38

5

0

Hein Thant @ht0x0_

almost 4 years ago

holy moly @sudhanshur705

2

8

0

1

0

Hein Thant @ht0x0_

almost 4 years ago

Stumbled upon an interesting SSRF where i can’t control HTTP method. Is there any way to hit AWS metadata with “POST” method please? #bugbounty

ht0x0_'s tweet photo. Stumbled upon an interesting SSRF where i can’t control HTTP method. Is there any way to hit AWS metadata with “POST” method please? #bugbounty https://t.co/XVhKNg3dae

6

56

4

9

0

ht0x0_ retweeted

Frans Rosén @fransrosen

almost 4 years ago

I decided to make a homage-post to @homakov and @Nirgoldshlager about different OAuth-token leakage methods I've been researching – ten years after their blog posts that inspired me to start hunt for bugs ♥️ thank you. https://t.co/pODPvDUOU9

20

975

371

393

0

Hein Thant @ht0x0_

almost 4 years ago

Managed to cross $12000 in June ;) @Hacker0x01 @SynackRedTeam

2

153

0

6

0

ht0x0_ retweeted

Samuel @saamux

about 4 years ago

I have created an article for the Bug Bounty community which is focused on how to orchestrate hacking tools through Slack using python, ideal to be able to work with a workspace and thus be able to manage the tools easily, I hope it can help you. https://t.co/jIP5sEihem

4

164

42

61

0

ht0x0_ retweeted

Nagli

@galnagli

about 4 years ago

During @Hacker0x01 Ambassador Worldcup We (me, @rotembar and @realgam3) found DOM Based XSS that affected 6.5m+ Elementor websites, leading to 1 click WordPress panel takeover. Full writeup on Rotem's blog -> https://t.co/AfMwENptlt #BugBounty #BugBountyTips

9

326

105

70

0

Hein Thant @ht0x0_

about 4 years ago

In May, I submitted 21 vulnerabilities to 4 programs on @Hacker0x01. #TogetherWeHitHarder https://t.co/oD25hdcvI9

0

5

0

ht0x0_ retweeted

The Bug Bounty Hunter @tbbhunter

about 4 years ago

Hacking Smart Contracts: Beginners Guide https://t.co/cbZhXWKsvn

7

254

101

100

0

ht0x0_ retweeted

张惠倩 @momika233

about 4 years ago

Swagger-UI - from XSS to account takeovers hxxp://x.x.x.x/index.html?configUrl=https://t.co/vrO9u1ZNG9 https://t.co/alCbaQ8V2G #bugbountytips #BugsBunny

12

442

158

151

0

Hein Thant @ht0x0_

about 4 years ago

Good to be back at H1 after a long break. Dont just blindly bruteforce 6-8 OTP. Try to understand the applications logic and bypass with alternative path which dev might not notice about. #bugbounty

ht0x0_'s tweet photo. Good to be back at H1 after a long break.

Dont just blindly bruteforce 6-8 OTP. Try to understand the applications logic and bypass with alternative path which dev might not notice about.
#bugbounty https://t.co/KJzfFUekU1

0

6

1

0

ht0x0_ retweeted

yappare @yappare

about 4 years ago

@hacker_ https://t.co/2gap9suWY3 unashamedly share my post here :D

1

6

3

2

0

ht0x0_ retweeted

Shashank | CredShields

@cyberboyIndia

about 4 years ago

Blockchain & Smart Contract Security #1 Understanding Access Control in Smart Contracts and the Hospowise smart contract hack. Detailed blog post and a thread 1/6 https://t.co/eNNIMRQHT0

4

282

95

128

0

ht0x0_ retweeted

Corben Leo

@hacker_

about 4 years ago

How you can learn to hack web3 (and protect millions of dollars):

93

2K

473

1K

0

Hein Thant @ht0x0_

about 4 years ago

@kuldeepdotexe @SynackRedTeam I was on this target. nice find and great writeup man!

1

0

Hein Thant

@ht0x0_

Who to follow

Last Seen Users on Sotwe

Trends for you

Most Popular Users