Happy hunting! thebugbountyhunter.com hello@thebugbountyhunter.com
https://slava-moskvin.medium.com/extracting-firmware-every-method-explained-e94aa094d0dd
[EN] Unsecure time-based secret and Sandwich Attack - Analysis of my research and release of the “Reset Tolkien” tool
https://www.aeth.cc/public/Article-Reset-Tolkien/secret-time-based-article-en.html
Super Blind SQL Injection- $20000 bounty | Thousands of targets still vulnerable
https://medium.com/@pranshux0x/super-blind-sql-injection-20000-bounty-thousands-of-targets-still-vulnerable-f9b013765448
This is How You Scan Large Infrastructures
https://www.youtube.com/watch?v=N2Zy9Uvv1IU
No Way, PHP Strikes Again! (CVE-2024-4577)
https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/
Most people don't use this simple RECON trick!
https://www.youtube.com/watch?v=baSblIPErx0
YesWeHack Hunter Interviews – #7 drak3hft7: “Soft skills are as important as technical skills”
https://www.youtube.com/watch?v=p5iqNrD3Pj8
How We Got $$$$$ For a Blind Stored XSS To ATO
https://medium.com/@shari7a0x/how-we-got-for-a-blind-stored-xss-to-ato-2e9b939055ec
If I Were to Start in Cyber Security, I'd Do This
https://www.youtube.com/watch?v=aO3h_-aFbiY
Cybersecurity: Why ROI isn’t always a meaningful metric
https://blog.intigriti.com/2024/06/04/cybersecurity-why-roi-isnt-always-a-meaningful-metric/
Ticketmaster was hacked?? ##cybersecurity #ticketmaster @TruffleSecurity
https://www.youtube.com/watch?v=J9Bu99PHfkw
How a Prompt Injection Vulnerability Led to Data Exfiltration
https://www.hackerone.com/ai/prompt-injection-deep-dive
Five easy ways to hack GraphQL targets
https://blog.intigriti.com/2024/05/31/five-easy-ways-to-hack-graphql-targets/
Refining your HTTP perspective, with bambdas
https://portswigger.net/research/adjusting-your-http-perspective-with-bambdas
Understand the cloud security attack surface
https://blog.projectdiscovery.io/understand-the-cloud-security-attack-surface/
CREST and Pentesting: What You Need to Know
https://www.hackerone.com/security-compliance/crest-pentesting
#NahamCon2024: GraphQL is the New PHP | @0xlupin
https://www.youtube.com/watch?v=tIo_t5uUK50
MetaMask Subdomain Takeover (Consensys) | $500 Bug Bounty Poc | Subdomain Takeover Method
https://youtu.be/xP-u9i3N-3U?si=ooLVhCem9w5aSWos
#NahamCon2024: The Art of Bypassing WAFs (with live demos!) | @Brumens2
https://www.youtube.com/watch?v=VKnX1vj65Ro
HackerOne and Zoom Select EverythingALS as the Latest Charity For #Hackforgood
https://www.hackerone.com/customer-stories/zoom-als-hackforgood
$5000.00 IDOR on HackerOne!
https://m.youtube.com/watch?v=2SKVah4BEYI
What do you think? Coding is required for #cybersecurity or no?
https://www.youtube.com/watch?v=OoDPJspN2L0
Analysis of CVE-2024-2738 Apache HugeGraph
https://blog.securelayer7.net/remote-code-execution-in-apache-hugegraph/
Latest ReconFTW Release v2.9!
https://github.com/six2dez/reconftw/releases/tag/v2.9
HackerOne’s Next Stage of Growth
https://www.hackerone.com/hackerones-next-stage-growth
Exploring the Unknown: Beneath the Surface of Unpatched WordPress SSRF
https://patchstack.com/articles/exploring-the-unpatched-wordpress-ssrf
On Fire Drills and Phishing Tests
http://security.googleblog.com/2024/05/on-fire-drills-and-phishing-tests.html
Hunting bugs in Nginx JavaScript engine (njs)
https://0xbigshaq.github.io/2024/05/24/njs-vr-bugs/
Lessons Learned from Over a Decade of On-Call
https://www.hackerone.com/engineering/on-call-lessons
He could've BACKDOORED GITLAB's code base!?
https://www.youtube.com/watch?v=oF1q60ScuGc