Talk and help about bugbounty
Yes, that is a vulnerability, you are able to share stories in WhatsApp
Can you help me to know more about stored XSS vulnerability?
I have a subdomain sub.domain.gov.sa and I wanted to find if there are any subdomains of it. What tools do you recommend? I tried subfinder and sublist3r on that subdomain but found nothing. Will fuzzing it like FUZZ.sub.domain.gov.sa work?
Hmmm, just try to find something juicy in the code, such as hardcoded creds and interesting functions
It depends on the code functionality (if it is vulnerable or not) and what kind of path is about...
End of the day we report, get paid, move on. The rest is on them. Don’t harp on it for too long
After XSS vulnerabilities are reported, how long does it take to fix them? There is a duplicate report from another report two months ago. Why did it take so long and it wasn't fixed??
I get 3 vulns to target cracking aws smtp for email spamming, anyone interested DM me to work
https://vijetareigns.medium.com/pre-account-takeover-using-oauth-misconfiguration-ebd32b80f3d3
I'm willing to lend anyone here money to try @Rum pirate but once satisfied, pay me back
Hey guys, I am an active bug hunter! I've made some good amount of $$$$. In this process I learnt a lot of private stuff that people don't tell you, also made a lot of notes and learnt a lot of new tricks.
I am a Comp Sci student, a programmer and I also do CTFs. I understand web applications properly and that's why I have been able to do good in bug bounties. I am offering private guidance to new people. I'll be charging around 50-100$ for an hour and you'll be free to ask me anything you want and I'll also share my personal notes and personal knowledge that I have accumulated till now. DM me if anyone needs help.
Hey All, just thought I’d let everyone know I’m offering private classes in Ethical Hacking, Bug Bounty, Pen Testing, etc… for anyone who’s interested in learning from 0 or for those who have some experience and need extra help or guidance. Feel free to message me directly for more details. Thanks! 🎉
Hey all! Just thought I’d do a quick announcement. I’m offering classes in ethical hacking, pen testing, bug bounty, etc… For anyone who might be interested, please feel free to reach out to me directly for more details. Thanks!
I was hunting on a program, and on a specific path I got that website's source code, is that a P1 vulnerability?
Depends on the company and based on the roadmap. They might have it on their list of “to-dos”. Every company assesses bugs differently and where they fall on low - critical. I’ve worked for huge companies and things we might think of as “big” in reality aren’t for them
The best way to determine it is to ask the bb team about it. In normal bb programs it's normal to define the scope, if it's not clear, you may just ask the bb managing team if it's ok to work on the exact entity.
I have a question: in the target I'm working on, it looks like the domain is actually a subdomain. They provided it in the format of “sub.domain.gov.sa”, does that mean subdomains under “domain.gov.sa” are out of the scope?
Please why is it difficult to install graphql Damn Vulnerable graphql app. Please has anyone successfully done so and how