3186
Talk and help about bugbounty
I recently visited the official airdrop page at https://hanchain.online is and attempted to claim the airdrop. However, I encountered an issue—I was only able to successfully redeem the airdrop once. Could you please provide clarification on why this limitation exists?
Читать полностью…
hello fellow hunters, if the target program detected that i have gained access to other accounts, and fixed the vulnerability before my report get triaged, is that means i won't get paid...?
Читать полностью…
Asking for a bounty when there was none advertised isn't good business, even if all the necessary information is provided. If this "hacker" is contacting you and asking for a bounty without giving you all the details you need to reproduce the vulnerability yourself then that is blackmail and possibly a scam if the vulnerability is bogus.
Читать полностью…
Hi, I need help, we have a site on platform, scammer wrote to me and says “ I will turn off your site, if you will not pay to me, and say about bug bounty, how can I secure site?
Читать полностью…
I understand that I need to send noturlencoded payload
Читать полностью…
<html>
<head>
<title>Welcome!</title>
</head>
<body>
Welcome <span id="welcome"></span>
<script>
var position = document.URL.indexOf("name=");
var name = document.URL.substring(position+5,document.URL.length);
var welcome =document.getElementById("welcome");
welcome.innerHTML = name;
</script>
</body>
</html>
If you don't want to pay - https://portswigger.net/
Читать полностью…
Hello guys i am totally confused how to start what to lear first for bug Bounty what should i do first
Читать полностью…
There is no waf on the site
The website is written in Python
It has Header: X-XSS-Protection
But the site is in Reflection
I wonder if we can do something better about Xss Reflcted first?
https://www.linkedin.com/feed/update/urn:li:share:7168857554293309442/
Читать полностью…
Hello everyone. Unfortunately, my Cyber Security Youtube channel, which has a capacity of 20000 people, has been closed. Can you support me? Thank you very much if you subscribe, watch and like the videos. Happy hacking everyone!
ozanagdepe" rel="nofollow">https://www.youtube.com/@ozanagdepe
and if a company have to pick between 2 people it will always pick the person with the cert because clients will want people with certs testing their apps, not some random kid that says he is good at hacking but cant proved it with anything
Читать полностью…
If you are good companies won't care much about certs
Читать полностью…
How to deep crawl subdomains in a website is there any techniques or methodology is there to deep enumeration the subdomains
Читать полностью…
having a feeling that telegram will go down too.
Читать полностью…
Maybe the problem that browser blocks specialchars
Читать полностью…
And I don't understand why I can't make a xss here
Читать полностью…
Thanks bro for doing all this
Let me see portswigger
Is it trusted and worth it should i pay 65 dolar ?
Читать полностью…
Hi all, I’m looking over the Internet for materials on Complete SAP pentest but can’t find a good one. If anyone in this group have any info please do share me
Читать полностью…
Hello,
All of my topmate call is free of cost. If you want to learn something in free. Make booking through topmate for free.
https://topmate.io/vijeta
https://infosecwriteups.com/hack-stories-hacking-hackers-ep-2-b4d2e628781e
Читать полностью…
Hello guys,
Just published a new BugBounty write-ups. Please have a read and do clap if you like it
https://vijetareigns.medium.com/how-automation-detected-default-admin-credential-worth-500-d6c09719d307
yeah that too but the problem is that companies now days will only try to pick those with the certs, now days thats the key for hr
Читать полностью…