Hi guys, I found an unregistered npm package. Should I report directly to the program, or should I wait for a DNS pingback as a proof of concept?
Brothers, I'm new to this team. Can anyone help to earn money through bugs clearing?
I have so much knowledge in networking and hacking, but I don't know what approach I should follow for finding bugs in a website. So please help me. Which tools are used in bug bounty? What is the process for finding the bugs?
Hello everyone, I am new to bug bounty, so please help me with how to start bug bounty and how to find bugs in websites.
It will take some time, don't worry, that's natural. You can either discover the ways in a day or a year, depending on your research and fast learning.
Hey, can anyone help me to bypass SSL pinning of an app?
The app is in XAPK format in the Play Store.
I'm good at exploits, but lazy for reconnaissance. So if you can help with that, I can exploit it.
How to get free access to the Burp Suite paid version? If anyone knows, please let me know, friends.
Interested people are needed for the team.
Income from 900 dollars per week, fully remote format.
Send me a + in private messages.
Hello, is there a site to work on bug bounty, or are there any sites that advertise like this?
When testing for XSS and you find double quotes (") encoded, which of these encodings should you try? Are all of these worth testing, or are some just not useful?
Encodings to Test:
HTML Entities
&quot;, &#34;, &#x22;
JavaScript/JSON Escapes
JavaScript: \"
Octal: \042
Hexadecimal: \x22
URL Encoding
%22
Unicode Encoding
UTF-16 Hex: \u0022
UTF-8 Hex: 0x22
HTML Hex: &#x22;
ASCII Encoding
Hexadecimal: 0x22
Decimal: 34
Binary: 00100010
Are all of these worth trying, or are some of them a waste of time?
Look at low-traffic off-peak time and check to see the difference. Most 403 bypasses were on all low traffic; that works with me.
Look, sometimes peak traffic cuts you off, so my suggestion is to have a good payload ready and try bypassing when traffic is low. Check the off-peak time and peak time for your target. Low traffic always works, so monitor and know what your target website is working on.
Hi Cheet
I've been doing for the past 9 months now and I'm yet to report a valid vulnerability 🥹
The ones that are valid are duplicates.
Please can you guide me and put me through on how to get my first bounty on bug bounty 🙏
If the database user has got write permission, you can upload a shell, or if the database server version has got a vulnerability, it can be exploited. Sometimes the database might contain the admin password, and that can be used to upload a shell and get a shell.
We are all here to support each other. If you need anything, you can ask about it, but if you are waiting for the perfect roadmap, I'm sorry to burst your bubble, but there is no such thing. JUST START, and as I said, if you need anything, you can ask us. Good luck to all of us.