Ahmad Yussef
رفتن به کانال در Telegram
Ranked Top 280 On Google BBP🎉 Security Content || Bug Bounty DM me to join my private channel: @a7mad_n1
نمایش بیشترکشور مشخص نشده استفناوری و برنامهها18 355
5 240
مشترکین
-124 ساعت
+187 روز
+6430 روز
آرشیو پست ها
5 241
+1
Tomorrow will be the last day for a $40 lifetime subscription, after tomorrow it will be a $50 Lifetime subscription.
DM me soon, if you are interested
5 241
After two days the subscription will be $50 lifetime subscription instead of $40.
If are u interested, DM me soon @a7mad_n1
Please be advised there is no discount.
I only accept Crypto, PayPal.
5 241
+1
Yeah I got $500 by reporting a critical issue to a public bug bounty program.
Bug-type: Android vulnerability
Full write up & PoC will be published on my private channel.👌
After Three days from now, the subscription will be $50 instead of $40, Come soon if u are interested.
5 241
Soon, the price of the private channel will be $50, Instead of $40 , regarding what is published at this time , and what it will be in a future.
If you are interested, Join soon before increasing the subscription.
Regarding details: t.me/a7madn1/141
Again, No discount available/will available. A few days many hackers joined with a full $40 , I can't make a discount and other hackers joined with a full subscription. (It's not fair)
#bugbounty #hacking #teach #cybeesecurity
5 241
+1
Yeah, I got €€€ for my submission. I'm happy to secure new Bug Bounty program.
Write up, Soon.
#bugbounty #hacking
5 241
+1
Alhamdullah, Bounty morning $$$.
Bug-Type: Critical IDOR in Review Submission API Allows User Impersonation Via UserID parameter.
Full Write up: 👇
#bugbountytips #bugbounty #hacking
5 241
+1
Yeah, Alhamdullah I got new €€€ for my submission.
Happy to secure a new BBP🫡
Bug-type: DDOS attack
All write ups will be published here, Stay tuned.
#bugbounty #cybersecurity #hacking
5 241
Yeah, Alhamdullah I got €€€ for my submission.
Happy to secure a new BBP🫡
Bug-type: DDOS attack
All write ups will be publishes here, Stay tuned 🫡
#bugbounty #cybersecurity #hacking
5 241
I'm very happy to see like this message in the morning ❤️
Yesterday A new member joined my private channel, And he said :
He really likes My private channel and it's very helpful, Alhamdullah
5 241
Alhamdullah, I have shared the video record 7 of ATO playlist vulnerabilities, explaining some of Auth Bypass Vulnerabilities.
For My ATO playlist vulnerabilities, I focus/will on everything/most scenario that leads to ATO, after I finishing this playlist, it's will be a lot of real write ups (explaining a lot of write ups that leads to ATO , And how you can getting it in your targets , and getting $$$$, InShaAllah).
For Subscribe and joining my private community 🫡 All details published here: t.me/a7madn1/141
Regarding who can't subscribe, he doesn't have money.
On my public channel, soon I will publish more real write ups.
So you can stay tuned.
Best Regards,
Ahmad
5 241
In 2024 I submitted the same bug, captcha protection bypass to one of a public BBP , AND I got $1250 for my submission.
This bug, not all companies are interested in receiving it, but also many companies are interested in receiving it
5 241
The second write up/Easy tecnic $$$
Steps to Reproduce:
1.Identify multiple contact forms across different domains.
2.Observe that all forms are protected by CAPTCHA.
3.Modify the endpoint by changing the language (e.g., to a Switzerland/alternate locale), resulting in a valid endpoint /_vcp/test/_test/kontaktprocess/ (Changing contact To kontakt).
4.Submit a request with the captcha parameter set to an empty or NULL value.
5.Observe that the request is accepted, successfully bypassing CAPTCHA validation.
6.Repeat the same steps across other domains with similar configurations.
7.Confirm that CAPTCHA protection can be consistently bypassed across multiple domains.
8.Submitted, Rewarded $$$.
#bugbountytips #hacking #hackerone
5 241
+1
Alhamdullah, I got my second bonus $$$ on a public bug bounty program.
Happy to secure a new BBP.
Soon I will share my second Write up. EASY TECNIC 😅.
#bugbounty #hackerone
5 241
First Write up:
Yeah I got $$$ by reporting a critical IDOR / Authentication Bypass to a public bug bounty program.
Steps to Reproduce:
1- Register an account on test.com, and login into the account.
2- Navigate to a course URL
https://www.test.com/courses
3- Click on any courses, and click the register course, it will be successfully added to your profile account.
4- After a few days I received a link from test.com, in order to see the course.
5- Yeahhh, I have found this full URL:
https://test.com/course_name/?partnerref=test®check=test@gmail.com
6- Now, the attacker scenario:
1. Go to this full url https://www.test.com/courses/Course_ID/?partnerref=test®check=my_acount@example.com
2.Modify the parameter to:
regcheck=victim@example.com
3.Access to the URL, Click Register Now.
4.Observe Full unauthorized action performed on the victim’s account.
Impact:
Full Unauthorized action on Victims account with zero user Interaction.
5 241
+1
Alhamdullah, I got my first Bonus on Hackerone 😋.
I will share all the tips regarding my last bugs on Hackerone here.
Stay tuned.
#bugbounty #hackerone #cybersecurity #infosec
5 241
+1
Let's back to Hacker one, And fuck again the external programs 🔥
I'm happy to protect three New Bug Bounty programs.
I Will share write ups here soon🫡 waiting my $$$$😋 Alhamdula
5 241
Yeah, I got $$$ By reporting two critical vulnerabilities to a new company 🤝🔥.
The CEO gave me this wonderful feedback:
Thank you again, Ahmad. Researchers like you help make products safer for everyone.
Who is interested in learning Real Bug Bounty or ethical hacking:
Who don't know what I'm doing now, I have a private channel for real hacking, bug hunting, I have started the first playlist with Account take over vulnerabilities (ATO), I now just published 5 videos, I suggest anyone interesting in real bug bounty tips, videos, real learning , to joining my private channel. Now I'm explaining how many real attacks can lead to ATO, and you will be able to get many bounties by Discovering what I published/will publish there in your targets.
You can read all the details here:
t.me/a7madn1/141
t.me/a7madn1/213
