3186
Talk and help about bugbounty
Hello guys is there any rce for httpbin? Or known high critical vulnerabilities
Читать полностью…
Maybe it's escaped or inside some element that prevents it from triggering
Читать полностью…
I recently visited the official airdrop page at https://hanchain.online is and attempted to claim the airdrop. However, I encountered an issue—I was only able to successfully redeem the airdrop once. Could you please provide clarification on why this limitation exists?
Читать полностью…
hello fellow hunters, if the target program detected that i have gained access to other accounts, and fixed the vulnerability before my report get triaged, is that means i won't get paid...?
Читать полностью…
Asking for a bounty when there was none advertised isn't good business, even if all the necessary information is provided. If this "hacker" is contacting you and asking for a bounty without giving you all the details you need to reproduce the vulnerability yourself then that is blackmail and possibly a scam if the vulnerability is bogus.
Читать полностью…
Hi, I need help, we have a site on platform, scammer wrote to me and says “ I will turn off your site, if you will not pay to me, and say about bug bounty, how can I secure site?
Читать полностью…
I understand that I need to send noturlencoded payload
Читать полностью…
<html>
<head>
<title>Welcome!</title>
</head>
<body>
Welcome <span id="welcome"></span>
<script>
var position = document.URL.indexOf("name=");
var name = document.URL.substring(position+5,document.URL.length);
var welcome =document.getElementById("welcome");
welcome.innerHTML = name;
</script>
</body>
</html>
If you don't want to pay - https://portswigger.net/
Читать полностью…
Hello guys i am totally confused how to start what to lear first for bug Bounty what should i do first
Читать полностью…
There is no waf on the site
The website is written in Python
It has Header: X-XSS-Protection
But the site is in Reflection
I wonder if we can do something better about Xss Reflcted first?
https://www.linkedin.com/feed/update/urn:li:share:7168857554293309442/
Читать полностью…
Hello everyone. Unfortunately, my Cyber Security Youtube channel, which has a capacity of 20000 people, has been closed. Can you support me? Thank you very much if you subscribe, watch and like the videos. Happy hacking everyone!
ozanagdepe" rel="nofollow">https://www.youtube.com/@ozanagdepe
anybody wants collaborate with ne I got a cool private invite froma. program and they doubled bounty scope is huge
Читать полностью…
The website is reflecting response but may payload isn't working.
Читать полностью…
How to deep crawl subdomains in a website is there any techniques or methodology is there to deep enumeration the subdomains
Читать полностью…
having a feeling that telegram will go down too.
Читать полностью…
Maybe the problem that browser blocks specialchars
Читать полностью…
And I don't understand why I can't make a xss here
Читать полностью…
Thanks bro for doing all this
Let me see portswigger
Is it trusted and worth it should i pay 65 dolar ?
Читать полностью…
Hi all, I’m looking over the Internet for materials on Complete SAP pentest but can’t find a good one. If anyone in this group have any info please do share me
Читать полностью…
Hello,
All of my topmate call is free of cost. If you want to learn something in free. Make booking through topmate for free.
https://topmate.io/vijeta
https://infosecwriteups.com/hack-stories-hacking-hackers-ep-2-b4d2e628781e
Читать полностью…
Hello guys,
Just published a new BugBounty write-ups. Please have a read and do clap if you like it
https://vijetareigns.medium.com/how-automation-detected-default-admin-credential-worth-500-d6c09719d307