Bug bounty chat

22 Apr 2024 11:21

Try escalating it more or else it will go in Informative vulnerabilities or very minimal bounty or points depending on the platform you are reporting.

Bug bounty chat

22 Apr 2024 01:22

Hello hunters, while inspecting a js file, I found Names, Email addresses and Role : Admin, Signup date. Should I report it?

Bug bounty chat

21 Apr 2024 20:43

Sn1per is also good option as it does all the work on its own!
You just have to have all the tools required for it

Bug bounty chat

21 Apr 2024 20:03

One more question please, how can I use Burpsuite to detect if my target is vulnerable to sqli?

Bug bounty chat

21 Apr 2024 20:01

I think sqlmap also detect XSS?

Bug bounty chat

21 Apr 2024 19:59

Thanks. I was able to use waybackurls.

My question: Any tools to check for sqli and XSS from the urls Please?

Bug bounty chat

21 Apr 2024 13:52

nuclei, wfuzz or ffuf for automation content discover. https://github.com/tomnomnom/waybackurls for endpoints from waybackmachine

Bug bounty chat

21 Apr 2024 13:48

also you can try to search endpoints from other subdomains or look in js files in other subdomains

Bug bounty chat

21 Apr 2024 13:38

Hello hunters, how can I get endpoints for a third level domain?

Waymore and gau aren't working
bug.dev.bounty.com

Bug bounty chat

18 Apr 2024 20:37

hello hackerone hackers

if you are "Clear/ID verified" can u share how much ((BBP)) invites u have for each category ?

i want to know if it's really worth applying!

u can check from this links:

"ID verified" https://hackerone.com/opportunities/all/search?bbp=true&idv=true

"Clear verified" https://hackerone.com/opportunities/all/search?bbp=true&h1_clear=true

Bug bounty chat

18 Apr 2024 19:48

Chat me up for detailed information.

Bug bounty chat

18 Apr 2024 17:48

Need professional logo maker dm fast

Bug bounty chat

18 Apr 2024 17:08

Any body willing to collaborate on a paid project?.

Bug bounty chat

14 Apr 2024 16:21

https://youtu.be/1KPMyZlZoCs

Bug bounty chat

13 Apr 2024 17:27

https://youtu.be/eSHjZ8bFJno

Bug bounty chat

22 Apr 2024 11:20

Instead of 404, fuzz 403 try to bypass it.
403 has more credibility if bypassed than 404.
For 404, you can try fuzzing but just inspect first which type of pages the website is using that can narrow down your approach for wordlists.
For Example: While scrolling a website and traversing it's different pages you get to know that website is using .aspx or .php or some extensions like that for about us and sitemap.xml too.

Bug bounty chat

22 Apr 2024 00:54

Best wordlists for fuzzing 404 ?
Anyone please

Bug bounty chat

21 Apr 2024 20:42

Use xsstrike or xspear

Bug bounty chat

21 Apr 2024 20:02

I remembered running sqlmap on request form and it shows that a particular is likely vulnerable to reflective xss

Bug bounty chat

21 Apr 2024 20:00

Using the -m flag, right?

Bug bounty chat

21 Apr 2024 14:57

I'm fine and you man

Bug bounty chat

21 Apr 2024 13:49

Is there any tool that can automate it?

Bug bounty chat

21 Apr 2024 13:45

waybackmachine, google, github (dont forget for gist.github.com), content discovery

Bug bounty chat

19 Apr 2024 09:51

New XSS Bypass Cloudflare WAF 🧱

Payload : %3CSVG/oNlY=1%20ONlOAD=confirm(document.domain)%3E

Bug bounty chat

18 Apr 2024 19:51

According to the OWASP methodology?

Bug bounty chat

18 Apr 2024 19:39

I'm a beginner can I participate

Bug bounty chat

18 Apr 2024 17:09

Looking for collaboration partner on a paid job.

Bug bounty chat

17 Apr 2024 14:38

Any body recently did CRTO exam? Dm please

Bug bounty chat

13 Apr 2024 18:10

who wants to befriend and teach me how to find website vulnerabilities and plant backdoor shells

Bug bounty chat

11 Apr 2024 19:35

I'm looking for someone who can hack a website like planting a backdoor shell or shell finder