Reeboot_to_init5
@ReebootToInit5
Followers
3,655
Following
310
Media
493
Statuses
6,809
Just another NooB Hacker🫡 Hakuna Matata ☠️
India
Joined May 2017
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
İran
• 516637 Tweets
Argentina
• 404124 Tweets
Kyle
• 266250 Tweets
Shapiro
• 220459 Tweets
Sunderland
• 141482 Tweets
Enrique Márquez
• 114558 Tweets
オフサイド
• 104474 Tweets
Francia
• 95175 Tweets
スペイン
• 94450 Tweets
#ErdoğanınYanındayız
• 80012 Tweets
Emily
• 68747 Tweets
Mascherano
• 65103 Tweets
İmamoğlu
• 60623 Tweets
Julian
• 60027 Tweets
Ron Paul
• 47334 Tweets
Arabia
• 43503 Tweets
#FRAARG
• 38019 Tweets
Angola
• 29999 Tweets
Game Informer
• 29115 Tweets
Fresh News for $XRP Holders
• 27137 Tweets
Hepimiz Erdoğan'ız
• 25090 Tweets
Joshua Cheptegei
• 20043 Tweets
BAUTISTA EN EL GRAN REX
• 19375 Tweets
準々決勝進出
• 18919 Tweets
Equi
• 16549 Tweets
Zenón
• 16470 Tweets
Mateta
• 16351 Tweets
Simeone
• 16263 Tweets
#バレーボール男子
• 15682 Tweets
Gabriel Sara
• 14118 Tweets
Almada
• 13455 Tweets
Otamendi
• 13056 Tweets
FGOフェス
• 12480 Tweets
Grant Fisher
• 10862 Tweets
Echeverri
• 10664 Tweets
Harmeet
• 10377 Tweets
منتخب مصر
• 10147 Tweets
How to Apply for a Job ??
"HACK THEM" before you apply.
And along with your CV send them the report too😎.
99.9% it works
#bugbounty
#infosec
#Ethicalhacking
#CyberSec
47
51
444
I have made more than 200000$ from SQL Injections.
Here's how I made it
1/n 🧵
27
47
267
Since he got 11 of his submissions marked duplicate and NA , he has decided to change his career now.
#hackerone
#BugBounty
🤣🤣🤣
46
23
242
Today i found something interesting
A Server Side Javascript Code Injection
Looks LIT🔥🔥.
Server delayed the response for 30 sec...you change the values the delay changes.
#BugBounty
#bugbountytips
4
29
237
If you ever find a jfrog panel ... Always check /ui path or the shown path below...it might reveal lot's of artifacts containing critical data✌️.
The severity will be high 👀
7
44
220
Vroooo
@ADITYASHENDE17
finally bypassed the Akamai WAF and exploited the Boolean based SQL😜😜..
Thanks for the tampering suggestion 😂🙊
7
26
199
I just published Pawning Half A dozen of Admin Panels & User Management Apps And Reporting 9–10 P1 in a day.
Here is how I reported around 8-10 P1 in a single day
#bugbounty
#bugbountytips
5
65
181
Sometimes SQLmap and ghauri both act as dumb tools
I clearly have an SQLi and both tools failed to exploit it 👍
19
8
175
Ther are 7 parameters in the URL....all of them vulnerable for RXSS😂😂🤣🤣....this is legendary 😆😆
#RXSS
11
8
164
Recently found an account takeover in Facebook
Okay so listen carefully
1. Type the email id of the victim
2. Click on forget password
3. Invite the victim at your home for some tea/coffee
4. Beat the shit out of the victim until you don't get their phone.
5. Reset the password.
22
14
165
I just published Story of A Massive Hack. Hacking almost every user of an organization
@ADITYASHENDE17
@e11i0t_4lders0n
@thakare_prateek
@aish_kendle
@MrRajputHacker
If you want can give it a read. probably you will find it intyresting.
#Hacking
4
49
140
My gf is unbeatable 😂😂❤️
she is literally soooo far awayyyy from cyber security ... doesn't even know the C of "Cyber Security" yet sent me this....because all she knows is that i am in this field.this is the best resource i have received till date😂😂❤️😎
22
5
138
Inspired By a few people.
I did a little good in the past few days,
Dropped 9-10 P1 and all got accepted except 1.
Thanks to everyone who is an inspiration for me
Specially my buddies
@ADITYASHENDE17
@MrRajputHacker
Also
@GodfatherOrwa
(thanks for your tips on twitter ❤️)
12
6
139
I recently got a 4 digit Bounty amount 😍😍😎.
A 1000$
You can also exploit here is how. Steps to reproduce.
1- go to PayPal
2- Open two accounts.
3- deposit 1000$ in one account.
4- now transfer 1000$ into the second account and take a screenshot.
5- Post it
#bugbountytips
😎
10
2
117
@ashoklalla
@ianbremmer
But the above one is in structure....in India people build their houses anywhere and it looks like nothing more than a mess
1
0
112
Hey guys stop tweeting your Bounty screenshots here and everywhere. Someday Indian govt gonna notice it and will implement 63% tax on it.
And you will have to pay even if it's Dupe🥲😹. Be careful 🤫
#bugbountytips
#bugbounty
#Budget2022
10
17
114
The moment I saw the request...i knew I was gonna exploit it. I couldn't believe that they were passing the SQL queries on request.... however they tried hard to hide this request.
Tip - always check loggers and try to intercept as many requests as you can.
#SQL
#sqlinjection
4
8
113
I am gonna find 1 vulnerability in epic games in the next 3 days , or i won't hack for this entire month 😤😤.
If it is accepted I will be giving 1 pentesterlab/pretty recon to 1 person 🥸
It's me vs me .....plus epic games😤😤... let's do it🎉
25
4
104
I just published Chaining Self Blind XSS with Broken Access Control To Make it Non Self Blind XSS
I guess this one was fun😃😅
7
37
100
Fu*k the WAF game is too strong 🥲👀
The only way to left to get the DB is to point a gun on admins head and ask him to disable the WAF 🤷
#SQLi
12
3
98
9
5
94
@anishbakshi
@kadaipaneeeer
His ultimate goal is to feed children and the poor by whatever he does and it takes courage....so aapse req hai bkwass na kre
3
0
89
When you get blocked by any kind of protection mechanism or WAF
Next time try this
This is something which the developers or internal employees of the company uses.
@MrRajputHacker
@ADITYASHENDE17
Give it a try sometimes 😉😉
#infosec
@bugbounty
1
16
85
I don't care about it being duplicate, but i am liking the speed of the traiger....45 seconds 😂😂🤣🤣
15
1
82
Lol😂😂😂..... safety expert it is🤣😝
What a great safety expert 🤫🤫
10
1
74
Me after putting 263 Blind XSS payload everywhere,.... trying to find out which one and from where did it execute 😂😂👀
#bugbounty
8
5
78
My friend watching me put anything in the feed back form and asking me have you lost your mind ?? Why are you coding in the feedback form??🤣🤣
("><script src=></script>)
Me -coding this Java script everywhere gives money 😂😂
#BugBounty
3
3
77
There's a small vulnerbilty of HTML injection that i have found a lot when it comes to signup somewhere or invite users from their email.
Way to exploit
1-in the first name parameter put the HTML payload something like <img src="https//malicious website dot com">
#bugbountytips
1
21
72
The application has added one param which is txt , this is basically being used for tracking the user IP ,
But also is beneficial for exploiting an SQLi 😜😜... here's to one more SQLi
Check all the params , you never know 😉
#SQL
#bugbounty
#bugbountytip
3
11
73
One of the best writup on Cross site Web Socket Hijacking (CSWSH).
Where we can escalate it to account takeover.
.
#bugbountytip
#bugbounty
0
23
72
Have anyone Ever reported something like an Unauthenticated Password change to some org😂😂🤣....I can Literally Brutefroce Current password for thousand of users and change their password
@MrRajputHacker
@ADITYASHENDE17
Piro Logic by Dev😜
#Bugbountytips
#Bugbounty
12
9
69
Sometimes your Stored XSS payload doesn't get triggered But,
It can do something else , it can crash the application.
Well this is how
After login , in email parameter in the account provided the payload
"onclick=prompt(1)><svg/onload=prompt(1)>"
#bugbountytips
#infosec
3
11
71
Can anyone confirm if it means that it has actually come from internal systems and the IP being disclosed is internal??
#BugBounty
10
5
67
Just hit one BXSS.
Had an option to add an entity in my account ( the entity i can't disclose) ...added multiple entities with BXSS payloads and then invited another user with one of the entities...the user logs in using the invite and the payload fires(entity name is vulnerable)
7
7
66
4
7
65
Meet satoro gojo of Bug Bounty😜🤝
I guarantee he is coolest bug hunter you can ever meet - Funny+ cool+ Zero ego ❤️⚡️
@krishnsec
6
3
67
The recent CVEs found by assetnote on Service now ,
Well don't bother trying to find out in BBP programs, it's almost patched everywhere 🤣🤣💀
4
5
65
What is this behaviour ??🥺
Interviewer - What will you do if you found SNMP port Open??
Me - Will Google it
Interviewer -
Me -
I don't understand why did he cut the call in middle of the interview 🙄😐
I mean that's how we hack things right??
Googling??🙄🤷
#infosecurity
6
3
61
I created my own application and connected it to a DB, i exploited a time based SQL injection, then emailed it to my other email ID.
From my other email ID , reverted on the email that this is indeed a valid finding and then awarded 200k$ in bounty.
Waiting for the bounty 🥳
10
3
61
Don't ever doubt a Hacker!!!
We can destroy a database just to find our our crush Mobile number 😭😂😂😎.
But always stays Ethical 🙋
Mereko to mil gaya crush ka number 😂😂
baki ke 8-10 lac numbers ka kya kru frndss??
#infosec
8
6
57
Exploited a quick blind XSS,
There is a portal , for you to register you have to send your full name and your email id.
There is an option to write a comment explaining why you want that account.
Put a Blind XSS there and it gets executed within 2 minutes 😍
#bugbountytips
3
4
59
Finally i bought the white colour 😁😁🥰🙌
I think 4 are enough 😎
15
0
60
What a shame
@bounceshare
I reported a critical vulnerability and your team fixed it without even replying to my emails.
No one's gonna trust you guys even if you are running a BB program. Remember that you are cheating with researchers where you sink in the future.
12
5
57
So i sent an XSS report to the Dev team in my org, and they fixed it really quick and sent it back to me for revalidation
The fix
<script>alert (1)</script> --> 403
Same payload URL encoded - Pop up😂😂😂
3
1
56
Nothing specific about Cyber Security
But these people have amazing personalities and are very grounded.
Would like to give a shout out to the best people I have met online.
@krishnsec
@ADITYASHENDE17
@bug_vs_me
@MrRajputHacker
Retweet if you agree/comment your fav ones🥳
6
7
54
This blocker is a living proof that sometimes, how unfair a program can be 😂😂
@Bugcrowd
Lol it's been 5 months and the customer didn't respond to the RAR🤣🤣
Deep down they know they were unfair ☠️
2
1
55
Hi infosec community and hackers.
I need a little help from the community.
One of my colleagues dad has been in ICU for weeks and his condition is critical. We have already invested more than we had and now we ran out of money. We are raising funds for his treatment.
#infosec
1
22
52
Creating users with Usernames like
Admin
And keeping the password as
Admin , Admin
@123
,
If the application allows , it's fun, someone's gonna report it as default credentials 🤣🤣🤣
#bugbounty
11
1
52
Sometimes i feel i know nothing... nothing at all ...not even zero , I am in minus actually in infosec.
Got a JD for a Job in infosec and my mind is totally blank.
Feels like i am so behind of everything 🥺🙄.
Here is the JD in the thread below 👇
7
8
51
Blind XSS is so much fun and tricky sometimes,
You will have to wait for it to trigger.
And these were present very deep in the application, i am literally crying trying to create video POC🥲🥲🥲
Can someone suggest a good way to remember where we exploited it ??
#BugBounty
5
3
49
50 years from now , lying on my bed breathing my last moments and someone asks
Any last wishes??
Me - Give me my laptop and an application, want to exploit an RCE👀😂😂😂
#bugbounty
#hacking
2
5
49
20 Hours, $18, and 11 Million Passwords Cracked by Alice Henshaw 😍😍😍
0
13
49
Whenever I open twitter
There are 2 mandatory tweets that I see
1st from
@bug_vs_me
saying congratulations 🎉 to hunters
2nd from
@sachin_pandey98
saying
🔥🔥🔥 to hunters
I don't close twitter until I have seen these both😜😜🤣
15
0
49
How to make BXXS critical....well put in on the employee management system or HRMS😝😝😝...have everything from UN number to PAN card😅
#bugbounty
#XSS
3
2
45
I just published Breaking Into Banks
0
15
47
I thought i hit a jackpot....but ....then the documentation came where NPM accepts their users revealing their email addresses and NPM usernames 🤔
3
4
47
I just gave an interview and the interviewer was not ready to accept that there's something called RCE and DNS exfiltration via SQLi
Now i am depressed AF, because i have literally exploited it a few weeks ago
Idk wtf i did exploit then🥺🥺🤷...i am going back to basics 🥲
5
1
46
In October 10 of my reports were marked NA(Blindly) , my 13 of reports got duplicated, 42 reports were rejected and finally 21 were ignored and I got frustrated 263 times.
#Together
we get depressed harder 💪💪👽
8
1
47
Does everyone think implementation of a 6 digit OTP is safe and enough??
Took 45 mnts and 30k request to bruteforce the correct OTP🫡
8
1
46
Find something in services and then enjoy Exploiting it in tons of organization 😅👀
A full read SSRF
#SSRF
3
5
44
I can say i have been fuzzing like a noob, today i found out how to fuzz✌️🔥....and what can be acevived through fuzzing 🔥
11
4
44
Woke up and saw I have Lost around 12k$ in liquidation yesterday 🥲👍
But I know my stupid self, it won't stop 🥲
#BTC
46
4
35
WebSockets not Bound by CORS? Does this mean… by Drew Branch
Something We rarely Hunt. But is present almost everywhere.
@thakare_prateek
@aish_kendle
@ADITYASHENDE17
1
19
41
Submitted a vulnerability on H1, and it's been 20 minutes I haven't received the notification which says it's duplicate.
Seems will get good news🤣🤣🤣
5
0
42
Submitting an Admin panel takeover.
Hackerone - the panel doens't belong to the org.
Me - could you please ask the org why the Cname is theirs if it doesn't belong to them?
Hackerone-they denied ... it's not theirs
So wondering..is it possible to run panels using other's Cname?
7
5
39
To the people commenting bullshit,
1- he is way above your level, beat him then talk bullshit.
2 - he owns all the screens with his hard work , he can do whatever he wants, be it wireshark , pornhub or printing your entire career on that screen🥱
#Be
humble
3
0
40
@HusseiN98D
Hey man a lot of people do look up to you as inspiration, but this post is totally not justified. You are asking everyone to stand up for palastine, give me a reason why??
I didn't see any post from you when Hamas raped and killed israili women and childrens.(civillians)
26
0
39
And it has started from here....MVP for the the first time 😎😎.... let's make it big this year😎😎
Thanks
@Bugcrowd
#bugbounty
4
2
41
I still remember your 7500$ SSRF video that made me so curious about bug bounties.
Thanks for your huge contributions to the community stok, wish you all the best 🙌
3
1
39
From the early days of college I heard about how expensive it is to buy a house in Mumbai , even if it's 1BHK.
after years of hardwork,dedication and support of my family& friends
Finally managed to afford a WiFi connection from where i downloaded this beautiful house picture ❤️
16
0
39