I just unlocked endless possibilities at @infosechire🚀
Early access form: https://t.co/UT51meJliV. I filled the form to fast-track my success. You can too! Thanks @bsidesahmedabad
Bonus:🎁Fill the form and enter to win exclusive InfoSecHire swag – only 10 spots!🛡️#InfoSecHire
Let's find some DOM-based Vulnerabilities [ DOM XSS & Open Redirections ]
Tips
1. Always check ?returnurl=, ?next= and other redirection parameters before login.
#bugbountytipes
Bug Bounty Hint
How to test for SQL injection
1) Select params for testing in:
🔹 URL query
🔹 POST body
🔹 Headers
🔹 Cookies
It can be any parameter. Typically, I test integer parameters first.
🧵 1/8
Authorized camera access via Safari UXSS: the story of how a shared iCloud document can hack every website you've ever visited. https://t.co/xbPaRM9E1g
Get CIDR ranges owned by an organisation with asnmap, extract domain names using dnsx then check for CDNs, WAFs and cloud providers with cdncheck! 💡
Install these tools:
asnmap 👉 https://t.co/EGWR8fPJ2a
dnsx 👉 https://t.co/1319t7GcEd
cdncheck 👉 https://t.co/Pc4qruBhMi