#sunday_vibe
chilling arround while having exams this week 😁
happy sunday y'all🙌🙌

@AfroSec

[Bug_bounty ]

@AfroSec

#cert

I didn’t play after that night, and we ended up 619th.

Still, it was a great experience!

@AfroSec

gonna try EndeavourOS because my Parrot OS has been crashing for the past two days. Let's see how this flavor performs.

@AfroSec

wsuup fam😊

I just found a high-severity CORS bug on VDP program. The vulnerability exists in their API endpoint, and it allows requests from hosts that have this domain as a suffix.and it leads to Session Hijacking, account takeover and API Data Exfiltration.🤔🤔

Now, I'm exploring whether I can chain this with other vulnerabilities like idor or smth before submitting my report.

@AfroSec

Wow, theweekend 👌🔥🔥🔥
Just discovered this banger today, and I had to share it with YOU!😁

@AfroSec

you can use this template for wordpress setup config disclosure that contains so senstive info that count as p1 just run this template on all bbp subdomains..

echo 'https://speedtest.textrapp.com/' | nuclei -t prsnl/wp-setup-config.yaml

subfinder -d example.com -all | httpx-toolkit | nuclei -t prsnl/wp-setup-config.yaml

https://github.com/coffinxp/nuclei-templates/blob/main/wp-setup-config.yaml

https://speedtest.textrapp.com//wp-admin/setup-config.php?step=1

What do you feel when you drink coffee?🤔🤔

Me > It's like force-starting my brain—just like pushing the power button to force-start a PC. 😂
@AfroSec

This is me every night trying to stay awake the whole night, acting sleepy all day, and then getting roasted by our lecturer 😂
@AfroSec

As we all know, reading Proof-of-Concepts (PoCs) and writeups is highly recommended for improving at bug hunting. I came across this awesome GitHub repository filled with top-notch bug bounty reports:

👉 Awesome Bug_writeups

Check it out and start learning from the best! 🚀

@AfroSec

[js_recon_on_web ]

@AfroSec

what a Christmas song huh 😂😂
@AfroSec

just finished AoC challenge 😊
@AfroSec