uz
Feedback
Ahmad Yussef

Ahmad Yussef

Kanalga Telegram’da o‘tish

Ranked Top 280 On Google BBP🎉 Security Content || Bug Bounty DM me to join my private channel: @a7mad_n1

Ko'proq ko'rsatish
5 240
Obunachilar
-124 soatlar
+187 kunlar
+6430 kunlar
Postlar arxiv
Alhamdullah I got a new bounty $$$ 🎉. Bug-Type: Critical Cross-Brand IDOR in Form Builder API Allowing Unauthorized Form Cre
+1
Alhamdullah I got a new bounty $$$ 🎉. Bug-Type: Critical Cross-Brand IDOR in Form Builder API Allowing Unauthorized Form Creation in Other Brands Write up: Today 👇

Great to see people like this. This Guy joined my telegram channel a few months ago, the subscription was $24, he created an
+1
Great to see people like this. This Guy joined my telegram channel a few months ago, the subscription was $24, he created an account, and joined my telegram channel, he and his friend used the same account to access the private channel. Instead of paying $48, they just paid $24 without letting me know two people are using the same account to access the private channel. After some time, he saw it's a Good channel, and what they Do is Haram, Cause I'm trying my best to make it to be very good, He contacted me again and paid another $24. The Idea is not about a small amount of money or big money, the idea is that you shouldn't do anything Haram. Great to see and collaboration with like this person's 🙏 I just wanted to make this as post 🫡 Thanks for reading 🥰 Ahmad

#bugbountytips: The Second Write up Critical IDOR on contact management endpoint Steps to Reproduce 1- Create two separate ac
#bugbountytips: The Second Write up Critical IDOR on contact management endpoint Steps to Reproduce 1- Create two separate accounts: Attacker and Victim. 2- In both accounts, create an Event and add at least one contact via: https://test.com/dash/{event_id}/promote/contact/id 3- From the Attacker’s account, edit one of their own contacts and intercept the save request. 4- Change only the contact ID in the URL from the attacker’s contact ID to the Victim’s contact ID. 5- Send the modified request. The victim’s contact details are successfully overwritten with the attacker’s data. Impact An attacker can full arbitrarily modify or overwrite any user’s contact information across different events.

Bounty morning, Yeah Alhamdullah, I got a new bounty $$$ 🎉. Bug-Type: Critical IDOR Allows Arbitrary Modification of Other U
+1
Bounty morning, Yeah Alhamdullah, I got a new bounty $$$ 🎉. Bug-Type: Critical IDOR Allows Arbitrary Modification of Other Users' Contacts I will share the write up today 👇.

#bugbountytips: One of my recent critical vulnerability, that leads to Full Source code Disclosure , some of the information
#bugbountytips: One of my recent critical vulnerability, that leads to Full Source code Disclosure , some of the information that is exposed: ANTHROPIC_API_KEY OPENAI_API_KEY DATABASE_URL Tips: Add this Full endpoints to your checklist 1- https://api.test.com/v1/alias/boots/VOTelCollector 2- https://api.test.com/v/boots/VOTelCollector Extra Tips: Always do a very hard Fuzzing on all versions of the API. Example: api.test.com/v/boots/FUZZ api.test.com/v1/boots/FUZZ api.test.com/v2/boots/FUZZ Etc.. I will complete sharing a lot of write ups soon👌👌

Alhamdullah, I got a new bounty $$$$ by reporting a critical vulnerability to a new BBP. The write up will be published here
+1
Alhamdullah, I got a new bounty $$$$ by reporting a critical vulnerability to a new BBP. The write up will be published here soon.

Congratulations 👌
Congratulations 👌

Alhamdullah, bounty morning, yeah I got $$$$ by reporting 10 security Vulnerabilities. The company gave me an extra $$$, for
+1
Alhamdullah, bounty morning, yeah I got $$$$ by reporting 10 security Vulnerabilities. The company gave me an extra $$$, for my professional disclosures🫡🩵 All write ups, will be published here soon. #bugbounty #cybersecurity #hacking

Meta has been cooked 😂. That’s why Google Bug Bounty is better than Meta Bug Bounty. Meta often provides poor responses and
+1
Meta has been cooked 😂. That’s why Google Bug Bounty is better than Meta Bug Bounty. Meta often provides poor responses and weak analysis when handling vulnerability reports.

Hi Guys, I need help, who knows this body? , he is from Egypt, his profile https://www.facebook.com/share/1DQSDPxxAg/ Please
Hi Guys, I need help, who knows this body? , he is from Egypt, his profile https://www.facebook.com/share/1DQSDPxxAg/ Please who can help, DM me as soon as @a7mad_n1

1️⃣ The bug is a Prompt Injection vulnerability. 2️⃣ An attacker could ask Meta AI to take over victim accounts and bypass 2F
+1
1️⃣ The bug is a Prompt Injection vulnerability. 2️⃣ An attacker could ask Meta AI to take over victim accounts and bypass 2FA protections. 3️⃣ Meta reportedly fixed the issue after numerous high-profile accounts were compromised. 4️⃣ The attacker later tested the same attack using a different language (e.g., Arabic) and successfully bypassed the protections again 😂😂 The bug still appears to exist (you can test it yourself) 🤣 #bugbounty #hacking #cybersecurity

Alhamdullah, I got $$$$ by reporting 4 security vulnerabilities. bugbountytips: When hunting auth bugs, spend as much time on
+1
Alhamdullah, I got $$$$ by reporting 4 security vulnerabilities. bugbountytips: When hunting auth bugs, spend as much time on account recovery as on login. Password reset flows often contain overlooked vulnerabilities that can lead to full account takeover (ATO). #BugBounty #ATO #SecurityResearch

PoC

Account take over on Instagram How attackers steal your account nowadays: - Credential stuffing ❌ - Brute force attack ❌ - Ju
Account take over on Instagram How attackers steal your account nowadays: - Credential stuffing ❌ - Brute force attack ❌ - Just ask Meta AI nicely ✅ I think the AI will make a lot of bugs, and will make Bug Bounty for us very easy!😂🤣

Eid Mubarak everyone ✨❤️ InShaAllah, may all of you achieve your dreams very soon 🥳❤️ Wishing you happiness, success, and beautiful moments with your loved ones. Best regards, Ahmad

I really want to post this message. I have made a good opportunity for all Hackers members, regarding the subscription, I have first made a good discount for Indian,Iran people, And from Gaza some members joined with free subscription, And I have made many times a discount for all members regarding the subscription. But now please respect the subscription now is $50, some members after two days messaged and want to join with $40, but sorry Honestly I did my Best. And just want to post new information, I Don't share my bounties to a public, all I shared it's not 1% of my bounties that I got (So I'm Not a shown hacker, I don't care about sharing always my bounties to public). And in the private channel I share more and some times full reports & full PoC , but I can't share this to the public because of security reasons. So, if you joined to my private channel, you will InShaAllah be more beneficial. But in this channel the post will be limited, because I can't share like Full PoC to the public regarding the policy of the Bug Bounty programs, etc.. But InShaAllah soon will be here also some good Write ups techniques on bug bounty. Regarding the private channel: 1- Please respect Now the price of the subscription is a $50 Lifetime subscription. 2- I only accept, Crypto & PayPal, And for Egyptians I can accept Vodafone & Insta pay as well. Thank you very much🙏 Ahmad

Just clarifying: I don't have any tools for sale,I don't sell any tools. This is just a meme😅

True🤣 All u need be patient And buy my tool😂
True🤣 All u need be patient And buy my tool😂

Hi hackers, Just some hours and the full subscription will be a $50 Lifetime. Instead of $40. This is the final remembered message. And soon, I will publish some good Write ups here🫡

Tomorrow will be the last day for a $40 lifetime subscription, after tomorrow it will be a $50 Lifetime subscription. DM me s
+1
Tomorrow will be the last day for a $40 lifetime subscription, after tomorrow it will be a $50 Lifetime subscription. DM me soon, if you are interested