Bug Bounty – Telegram

Bug Bounty

@bugbountyresources

10.5K subscribers

369 photos

3 videos

46 files

426 links

Bugbounty Resources • Tips • Security Zines • Writeups • Vulnerability Update • Notes • Mindmaps • Cheatsheets • Checklists • Article / Blogs • PDFs • ebooks •

Download Telegram

About

Blog

Apps

Platform

10.5K subscribers

4 🙌 Ways to become a bug bounty hunter

1️⃣ Clear your web fundamentals first

2️⃣ practice this on Tryhackme and any other place that you know well

3️⃣ Complete portswigger labs

4️⃣ Last but not the least: Read bug bounty reports as much as possible, This will give you a good understanding of how the web actually works and you would be able to think like a bug hunter

❤38👍10🔥5😁2

3.27K views04:17

https://youtu.be/xZd1JWmLGLk

How To Bypass Website File Upload Restrictions

https://jh.live/snyk || Special Thank You to Snyk for sponsoring this video! Get started with Snyk FOR FREE ➡ https://jh.live/snyk

00:00 NahamConCTF Byepass
01:46 NahamConCTF 2022
02:53 Challenge Begin
08:10 Source Code
12:34 Alh4zr3d's Tweet
12:44…

👍6🔥3

2.87K views11:16

👍22

2.95K views01:32

If an unsafe logger is used, an attacker can inject code and execute arbitrary commands, even if the page being accessed is a 404 page.

Always test HTTP request headers to make sure the application is handling the headers correctly.

👍17🔥4

2.75K views15:11

Did you know if you make the website response with a 400 error status code eg send a request with a massive long characters

You could know what is the real server of the website that hidden behind Cloudflare or other WAF’s.

🔥20❤5🤔3👍2

2.74K views15:14

My Twitter Interaction Circle! Love you all

🔥16👍4

2.67K viewsedited 12:02

Use These Instead Of Alert and Prompt
In XSS Payload

Example : alert(1) can be encoded as

This leads to bypass waf or blacklisted words at input field

XSS Payload can be manipulated as

<img/src/onerror=Put The Encoded Js here to prompt the alert>

Check This Out : http://jsfuck.com

#bugbounty #Infosec #hacking #cybersecurity

JSFuck - Write any JavaScript with 6 Characters: []()!+

JSFuck is an esoteric and educational programming style based on the atomic parts of JavaScript. It uses only six different characters to execute code.

❤16😱5👍2

3.2K views10:48

👍4

2.89K views10:48

👍5

2.82K views10:48

❤5

2.91K views10:48

Thank you to everyone who has supported me

Below are x10 free TryHackMe T-shirts and x10 free TryHackMe Baseball Hat swags vouchers

TryHackMe T-Shirt: yVL63k7vuS
TryHackMe T-Shirt: FVwalIK7fB
TryHackMe T-Shirt: bf5Mqqcg8v
TryHackMe T-Shirt: ShG1kGVVz9
TryHackMe T-Shirt: IPkz4ZrpKt
TryHackMe T-Shirt: lhwmkd4LoT
TryHackMe T-Shirt: Nc9SbpBSof
TryHackMe T-Shirt: PGUfOjX2Eh
TryHackMe T-Shirt: 8JzWreyv6I
TryHackMe T-Shirt: ThDkJUd6ax

TryHackMe Baseball Hat: miQKcybjxx
TryHackMe Baseball Hat: pqs71HkZyK
TryHackMe Baseball Hat: 7AxdZSQ9dw
TryHackMe Baseball Hat: BUnGQFfuNs
TryHackMe Baseball Hat: Jz7uai3jQa
TryHackMe Baseball Hat: HcH9topxPg
TryHackMe Baseball Hat: aBhrI4gpzG
TryHackMe Baseball Hat: HbpIBzqb2I
TryHackMe Baseball Hat: WHm4iwcYp2
TryHackMe Baseball Hat: aDpwawb7u2

👍27❤9🔥8🤔5😢4👏2👌2

2.85K viewsedited 13:24

Happy happy happy new year 🥳

May the new year 2023 bring joy, prosperity, and all the things you wish for.

❤29

2.66K views01:11

A Gift From My Side

2 x 1-month Tryhackme Voucher: https://tryhackme.com/voucher/stats/B8MMeLOTPAx8NF

😢14❤5🔥4👍2

2.72K viewsedited 02:50

Don't worry After exactly 30m - Another 2x1-month Tryhackme Voucher giveaway

❤15👍3🤡2🤣1🫡1

2.77K views03:09

VOucher: https://tryhackme.com/voucher/stats/497esgccfFA7wj

😢20❤8🤬4🔥3👍1😁1

2.9K views03:51

if Anybody wants to purchase at a cheap price, can contact @infosec_lover

❤4🔥3🤡3👍1

2.94K views04:30

Someone asked me to give some tips to pwn Admin Panel. Here are some basic ways to find the admin panel and bypass it. I learned most of it from Portswigger Lab Academy and It works whenever I apply on a real target.

#bugbountytips #bugbounty

👍34🔥1

3.55K views07:24