[2023] Tweets by Worldofeternity on 10 Jul

@oualilweb nice one

@h4x0r_dz script kid

#bugbountytips #bugbounty #cybersecurity #Pentesting #Hacking #bugcrowd #Hackerone #IDOR #XSS During my research in one of the private programs I registered an account inside the platform and tried to get XSS inside the account information In the notes (which appear in the… https://twitter.com/i/web/status/1675586568092876800 http://pbs.twimg.com/media/F0DgXiKWAAET37t.jpg

@androidappsdev2 no

@_N0T0R10US_ Did you know that I got SQLI full database dump and they only gave me 300$ from the same program!!! So now I'm filing reports against them in Hackrone http://pbs.twimg.com/media/F0GbO3pXsAA0Z-x.png

@Bugcrowd Why can't I see a blue checkmark !! https://twitter.com/i/web/status/1675970010462732289

@YoavRaman @_N0T0R10US_ They contain user databases

@_N0T0R10US_ @YoavRaman same Program http://pbs.twimg.com/media/F0RCvQZWYAEG_PD.png

#bugbountytips #bugbounty #cybersecurity #Pentesting #Hacking #bugcrowd #Hackerone #IDOR #XSS Self Xss To Destroy Any Account Sometimes when looking for stored Xss via name Inside an account on one of the sites You will get self-XSS and therefore will not be accepted --->… https://twitter.com/i/web/status/1676667845206331409 http://pbs.twimg.com/media/F0S4bg7X0AMmmzL.png

@Biapongkering_ I don't know if it's a duplicate or unacceptable haha

#bugbountytips #bugbounty #cybersecurity #Pentesting #Hacking #bugcrowd #Hackerone #IDOR #XSS #SQLI How I found #SQLI in an unexpected place Welcome Through my search on one of the sites I found a file named http://test.com\administrator When I click on it, it redirects… https://twitter.com/i/web/status/1677622197974708225 http://pbs.twimg.com/media/F0gcevnXwAAjO2F.png

@sec_jota The problem is not limited to X-Forwarder-For only Every header can be injected I have a vulnerability, I injected the cookie or user-agent

@oxsonder Google Translator because I am bad at English I apologize 🙏

@TheMsterDoctor1 nice one

@greyhathackr Taken by Nokia 3310

@IBMorg sure you can do it with all files of domain http://test.com/ and make tools to loop the SQLMAP with with change

#bugbountytips #bugbounty #cybersecurity #Pentesting #Hacking #bugcrowd #Hackerone #IDOR #XSS #SQLI Blind #RCE When you find a file upload center inside any site You will definitely look for RCE because it is considered the most important and dangerous security vulnerability… https://twitter.com/i/web/status/1678327395068067842 http://pbs.twimg.com/media/F0qd3BMWwAE3Ooe.png

@SuprodipBhatta3 i stream on youtube https://www.youtube.com/@LiveBughunting/streams

@androidappsdev2 yes