Bug bounty chat

28 Oct 2023 22:01

I am also interested to know

Bug bounty chat

28 Oct 2023 22:01

after downloading all the files, make sure you analyze them)

Bug bounty chat

28 Oct 2023 19:33

Hy everyone , I found a .git file on one domain but I don't know how to exploit it . Anyone please help

Bug bounty chat

28 Oct 2023 18:15

Try to check if there are on linkedin to enumerate more on mail

Bug bounty chat

28 Oct 2023 17:21

What are the techniques and tips to find the the real Ip

Bug bounty chat

27 Oct 2023 14:55

Hello
Anyone interested in OSCP training program ?

Bug bounty chat

25 Oct 2023 17:54

wordlists.assetnote.io
SecLists

Bug bounty chat

25 Oct 2023 17:46

Which one is the best tools for a directory brute forcing

Bug bounty chat

25 Oct 2023 14:29

ANY ONE KNOW HOW TO FIX IT

Bug bounty chat

25 Oct 2023 07:32

Hey am going through the course of Rana khalil and I’ve one doubt the sql injection in which she teach finding column, retrieving data from other tables

These things works in real life scenarios or any other ways to get this work in real life scenario


Anyone can help please?

Bug bounty chat

23 Oct 2023 19:54

did you check in optional directory?

like /opt/dirsearch

Bug bounty chat

23 Oct 2023 09:24

Any good tutorial on CBC bit flipping

Bug bounty chat

19 Oct 2023 01:17

Always keep HIDING THE TRUTH

Bug bounty chat

18 Oct 2023 21:11

Try adding ' see if it does anything different

Bug bounty chat

18 Oct 2023 15:58

I am pentesting a website
And it have a login page for workers login
If we type any email id not belongs to its database it will throw an error saying email id not recognised
And it only have a input box to enter email address.and a submit button

And it have a hidden password field
A parameter is passing in post request also named "hidden_pw"

Is any way to expolit

I have tried email ennumeration but it has rate limit implimented .any one help me to understand the purpose of this parameter

Bug bounty chat

28 Oct 2023 22:01

Ohk thanks will try this

Bug bounty chat

28 Oct 2023 19:47

There's a high chance you'll get sensitive files

Bug bounty chat

28 Oct 2023 18:32

https://youtu.be/77YG4xT6j8w

Bug bounty chat

28 Oct 2023 17:46

https://youtu.be/M0AGrUqL7hk?si=6xDvNlyLvEApFFlC

Bug bounty chat

28 Oct 2023 07:20

Sometimes I find the real IP but my payload won't execute

Bug bounty chat

26 Oct 2023 09:44

A lot of times it's false positive

Bug bounty chat

25 Oct 2023 17:53

Thanks for your reply I need another help could you please suggest me the wordlist for directory and subdomain brute forcing

Bug bounty chat

25 Oct 2023 17:26

Hi my friends

Has anyone explored the nuclei template? what is the password?

graphite-browser-default-credential

Bug bounty chat

25 Oct 2023 11:15

As far as I know, this could possibly work good for outdated and poorly maintained systems aka legacy systems (eg: rare E-Commerce site which is built on older platform and older CMS)

Bug bounty chat

23 Oct 2023 20:47

I will see , thank you 🌹.

Bug bounty chat

23 Oct 2023 11:17

In Google Cloud Where is the main "Wordlist" of DirSearch !!?

It's not in share or lib or etc .!

Bug bounty chat

19 Oct 2023 10:18

Any idea on how to exploit CVE-2022–42889?

Bug bounty chat

18 Oct 2023 21:15

Don't just end the test when u got 200 Ok look for any difference in the response time or application behavior and try to imagine what is happening on the back-end

Bug bounty chat

18 Oct 2023 21:11

Did you try SQL injection?

Bug bounty chat

18 Oct 2023 13:05

Anyone want tryhackme voucher or hackthebox DM me