3186
Talk and help about bugbounty
Methods For Exploiting File Upload Vulnerability | Remote code execution via polyglot shell upload
https://youtu.be/VhaGycxxUDo
Hello hunters. does anyone know a way to exploit this further ?
It has a HTTP auth tried to bypass and bruteforce as well No use
Cannot upload any reverse_shell files as authorization needed
IDOR leads to changing any user account password | Cat[.]com Bug Bounty Poc
https://youtu.be/0hxX2-KrRmo
Hi all..
I have a question. I am planning to buy an iPhone device to do IOS application pen testing...
Can some1 suggest me which device I should buy considering I need to jailbreak the device.. which latest device can be jailbroken easily currently.
I know iphone 6 is a common option here.. but I was thinking If I can go for more latest device and still jailbreak is without much prob
How Hackers Use Stored XSS to Steal Session Cookies Method | Zoom Session Takeover | $15,000 Bounty
https://youtu.be/Q6I0OiWjbDs
Please is anybody here good in finding xss I'm looking for a collaboration
Читать полностью…
Unfortunately, my YouTube channel was closed by a company 3 years ago as a result of a lawsuit. My old Twitter account was banned. After 3 years, my YouTube channel was opened. I was allowed to republish under a different name. If this incident hadn't happened 3 years ago, I might have been on this list. There are old videos on the channel for those who want to review them. To support, you can watch the videos and subscribe. Kind regards
f3cybersecurityx" rel="nofollow">https://youtube.com/@f3cybersecurityx
MetaMask Subdomain Takeover | $500 Bug Bounty Poc | Subdomain Takeover Method
https://www.youtube.com/watch?v=xP-u9i3N-3U
Ask
I found a URL like this
https://example.com/payment?description=order+card+
Then I changed the URL to
https://example.com/payment?description=test+success
So, this successful test is printed on the site, guess what the name of the bug is?
HTML Injections Leads to Template Injections - at (*.paypal. com)
https://youtu.be/1_9sdgQcGhs
Learn cloud security
https://www.cloudskillsboost.google/course_templates/21
Just check sources in dev tools. It can be JS context , so u shouldn’t escape html tags. Or it can be unexploiteble :(
Читать полностью…
When I asked that question I didn't just mean the browser only
Читать полностью…
How can one find xss even though the input isn't reflecting
Читать полностью…
Some important groups for hackers::
Bug Bounty Post group @BugCrowd
Bug Bounty Chat + ethical hacking group @BugCrowdChat
Bug Bounty Channel @hackersHandbook
CTF Channel
@HackTheBox_Training
CTF discussion group
@HackerTrain
Linklist of a hacker https://ZishanAdThandar.github.io
Share with Ethical Hacking Students
Hit me up
I need a hacker friend that we can work together
GraphQL Pentesting - Exploiting Command Injection in GraphQL - Graphql Command injection Method
https://youtu.be/tX6yMVx-B4w
How to exploit GraphQL | GraphQL for Beginners | GraphQL SQL injection | GraphQL Pentesting
https://youtu.be/68q0mxP0ZFg
https://x.com/f3SecurityX/status/1799484510465093657
Читать полностью…
example report:
https://hackerone.com/reports/1353200
Please this website is using an old jQuery version can someone show me how to find xss here
https://www.six-group.com/en/home.html
Shopify Stored XSS Bug Bounty Poc | $5300 Bounty #bugbounty #hackerone #shopify
https://youtu.be/XNXlSJLi7F4