Yay, I was awarded a $21,000 bounty on
@Hacker0x01
! For Unauthorized access to corporate portal.
Site=>302=>company SSO
Site/reports=>200=>product login page
Default creds=> Access
#TogetherWeHitHarder
Github Recon & Sensetive Data Exposures video for
@Bugcrowd
university is up
Hope it will be helpful for new BB hunters and adding more value for current ones, This is for the bug bounty community :)
#ittakesacrowd
#bugbounty
This is a summary for what i discussed with
@NahamSec
in our latest
#twitch
stream about my recon process, that will be easier for you as you might mess some when you watch the video later on.
Thanks Ben, what you do for community is dope
#bugbountytips
Even bug bounty hunters deserve an unpaid leave sometimes 😅, Its been a really hard and stressful period the latest 3 months with the lockdown and bug bounty, recovery is always needed to stay healthy and focused, i need to take a rest for a while and leave computers .. 🙏
There is a ton of bug bounty programs out there, its really simple logic, if u want money go and hack the ones that pay, if you hack for fun enjoy the vdp and swag programs.
Companies are free to define their rules and you are free to choose what suites you.
#bugbounty
#nodrama
Its been a month with no motivation for
#bugbounty
, every time i try i ens up on youtube watching how anaconda attacked the deer and how a brave monkey faught a big python 😂
Thread
#bugbountytips
:
Many companies use SSO like okta/onelogin to mange access to their important portals or use their own sso like "sso. company. com" for the same reason, as a bug bounty hunter your aim to find extra assets for the target specially ones no one found.
So I have been going deeply on Android hacking in the last week learning LOT of stuff, thanks to wizard
@_bagipro
blogs & and his service
@OversecuredInc
I got the 1st bounty (2k) for a working password i haven't found before using other tools,Try it & LEARN from it.
#bugbounty
Read almost a 100 page PDF to find an endpoint on a 404 response host, it downloads a jnlp file you open with java and gets login for the product, weak credentials, logged in, Full control as admin on almost 9k devices for the company, triaged as critical..
#bugbountytips
1) Amass one of the new target domains, nothing good
3) Search github and found a subdomain "k8s"
4) The site responded with K8s clusters names & details
5) Added the names to altdns wordlist, Run
6) 4 subdomains appeared & unauthorized access to K8s Dashboards 😅
#bugbountytip
This is gonna be awesome, if you want to know more about recon and being unique in attacking your targets ensure to join us tomorrow ;), Let's Get Ready To Rumble!!!
#BugBounty
#infosec
Check out who's coming on my stream this Sunday 😱I hope you're all as excited as I am!
@Th3G3nt3lman
has received a bunch of max payouts on different public programs on
@Hacker0x01
and I want to know he does it.
Some companies rely on cloud services specially in that period for remote work, so when you look for credentials on github and similar services remember that 😉
examples:
"centrify. com" password
"service-now. com" password
You can try send_keys keyword also.
#BugBountyTips
For those who wants to master burp suite and want to get the best value of it, this is the training that you should attend, invest in yourself, with the best mentor ever
@Agarri_FR
#bugbount
#burpsuite
#infosec
You find creds leaked on GitHub, gets full access to org okta instance with many apps, gets paid max bounty and P1, you recheck after 3 months and realize user changed only "number" in his password, and you got access again , closed as N/A, is that right or fair ?
#BugBounty
Don't forget to see that stream, heard that
@codecancare
already automated the interview using AI, answers will be given to
@NahamSec
by his bot automatically while he is in other place hacking 😁
I'm back for one last interview this Sunday before I go on break next week! A lot of viewers have been asking for
@codecancare
as a guest. Well here's your chance to learn about his approach and to ask him your questions!
Sunday | 11:00 AM PDT
I am seeing a lot of valid credentials pasted on GitHub daily enough to compromise companies through 3rd party portals, such as :
"%.snowflakecomputing.com"
"%.atlassian.net"
and the list goes on (jfrog,slack,snow,okta)
Why it's hard to use private repos ? 😐
#BugBounty
Feeling happy working on a video module about "Using github in recon & find sensitive stuff" for
@Bugcrowd
university, alot of people spoke and wrote blogs about it, mine will be practical on a public target, sharing my way and my best submissions about it 😊
#ittakesacrowd
-Got invited to a private program
-One of targets was a website with empty page
-Directory/file bruteforce results were zero
-Searched for the host on github
-Found an endpoint for a login page
-admin/admin 😐
- PII , CC details 😅
#BugBounty
This amazing guy here just share knowledge and spend time to let you all become better hackers without expecting anything in return, not a lot of people do this, all respect ben 👍
I have been trying to make more original content lately so I set some time aside this week and made a quick video on "Setting Up Your Ubuntu Box for
#Pentest
and
#BugBounty
Automation". Check out the video here:
LMK if you want me to do a specific topic!
Looking at
#VirSecCon2020
and seeing
@NahamSec
with those amazing guys dropping knowledge with support of all "BB platforms" for a noble cause is just WOW .. no competition shit no marketing only for the community.
Thats the "True" meaning for
#togetherwehitharder
@intigriti
TIP:
1- check those dorks in github, you will always find somthing interesting
"Company name" language:python
"Company name" language:bash
2- keep monitoring js files for changes to find new endpoints
3- bruteforce and search for hiddin js files other that whats called in app.
I am happy and excited to share that I joined Legacy Technologies GMBH today as a Head of Cybersecurity working closely with a great team to to empower the company and its products in cybersecurity market.
Me and
@damian_89_
are teammates now 😉
This amazing guy helped me learning ton of stuff, his disclosed bugs in Starbucks, his blog and unique findings, a diamond in the big bounty community, here is his blog if u don't know it
#BugBounty
#infosec
Report submitted as medium , the amazing team of paypal changed severity to critical 😬😍.. 3rd critcal in the last two months ..
#BugBounty
#togetherwehitharder
I am very glad i had the chance to participate in
#h12006
and collaborate with very nice people like
@_jensec
and
@MrTuxracer
, learning & speak to many other nice hackers, and also managed to get non duplicate bugs accepted, i would love to do that again in future
@Hacker0x01
Ok, this is a must watch and follow.. shubs blogs and tools helped me becoming a better hacker long time back, here is one example of unique approach he used with
@nnwakelam
success is not easy, hard work in background.
#BugBounty
I've recently started making videos to share all of the things I have learnt doing bug bounties over the years. I promise I wont hold back, and I plan to bring more transparency to bug bounty successes. Please share, like and subscribe!
Unpopular Thread :
@Alra3ees
is a very nice person and respectful human being, always been sharing tips with community, never disrespected anyone , proof is his profile, he made a mistake yesterday posting a profile and asking people to follow which appeared to be a parody
@intigriti
Dont trust SSO implementations, if you face a target with 302 redirect to SSO pick a wordlist and scan folders/files before redirect, you will find reachable stuff and data makes SSO useless.
So if you are having a trouble in any step during your recon open
@TomNomNom
github page, its like he predicted all the problems you might face and prepared a tool for it 😬
I've been working a alot lately with
@Hacker0x01
triagers "nochnoidozor" & "still" on multiple reports, i gotta say both were amazing and very supportive, dont know who you are in person but i really appreciate your work.
#BugBounty
Last two days been busy submitting a lot of reports on
@Hacker0x01
and
@Bugcrowd
with friends collaboration also, i cant describe the pressure as a reporter, big salute for all triage team, liked it or not its really a hard job being between researcher and clients.
#BugBounty
My laptop died, and I need new one for penetration testing BB, I have never used MacBook and don't know if I will be able to easily use it, what's your suggestions guys for a good laptop? Price is not important I need a good one.
I have a lot of friends in the hacker/Bugbounty community, there is lot of amazing talents out there that I worked with, but if you have never collaborated with those two monsters you are missing a lot :
@damian_89_
(sharp & unique)
@restr1ct3d
(clever & special )
#BugBounty
inurl:fisheye AND inurl:changelog -site: -site:
inurl:crucible AND inurl:changelog -site: -site:
Lots of interesting fisheye/crucible code commits and reviews.
#bugbountytips
This guy literally copied pasted my disclosed report to snapchat😐 even my replies 😮 there is a sensitive data but actually no github token in this.. happy people are getting rewards but they should read and understand what they send.
@jobertabma
I made 13,500$ USD in
@Hacker0x01
my first year and 900$ in
@Bugcrowd
, very proud of it even though it looks like nothing comparing to others, but this helped me doing a lot of stuff and helped me putting my kid in good school , already mentioned that before :) so thank you
Ladies and Gentleman!
It's showtime!
Hurry, hurry, step right up!
Introducin' the star of our show, his name is
@zseano
You wouldn't wanna be anywhere else in the world this Sunday
So without further ado, Ben brings to you
@zseano
😬
😱😱😱
@zseano
is joining me on my stream this Sunday and we have a lot to talk about. I’m excited to see what makes zseano’s approach so unique and how he looks for bugs when he’s hacking!
So now i open hacktivity to check reports and my son tries to catch the head, with all games he has he just enjoying this so much, told him this is
#hackerman
😂🤣
@Hacker0x01
I dont like to block anyone, but when you tell me you have a home because of
#BugBounty
and u need my help to hack for you to get the furniture i will block your whole family ! I am not ikea..
#BugBountyStories
Hi! I'm extremely honored to announce that I'm going to be interviewing top hacker,
@Th3G3nt3lman
, for a video on my YouTube channel! If you've got any questions for him, let me know and I'll pick the most interesting ones!
Great interview with
@infosec_au
, One of the most intelligent, solid, unique and respectful researchers in this space .. a pure gentelman.
I can say I learned many stuff from shubham when I started my BB journey and still.. all the best my friend.
#BugBounty
#bugbountytips
Source code review and finding 0days are bug bounty areas that are particularly interesting to me. I couldn't find anyone better to talk about them than one of my authorities -
@infosec_au
. Enjoy the podcast!
My path to
#infosec
> Started using computers at 12
> Got into satellite receivers hacking at 14
> Went to jail for using internet through satellite Card on computer at 16
> Networks and VOIP specialist for many years
> Whitehat and hacking again at 29
> Security advisor now 😬
-Got invited to a private program
-One of targets was a website with empty page
-Directory/file bruteforce results were zero
-Searched for the host on github
-Found an endpoint for a login page
-admin/admin 😐
- PII , CC details 😅
#BugBounty
This is not the first time i see this, bug gets triaged and payd within 30 minutes in
@Bugcrowd
..
No. 63 overall and still my 2018 target to be in top 50 😎
#ItTakesACrowd
#Edis_The_Octopus
👍
Hey
@NahamSec
,, what do you think about bringing the reason of our happiness, the clever mind behind
@Hacker0x01
the extraordinary
@jobertabma
to your live streams 😁 ? i am sure 100% no one will disagree :)
Very proud of my achievements in my 1st event ever, and biggest achivment is getting to hack with julien, such an amazing event, thank you
@Hacker0x01
&
@PayPal
Wow, so
#h12006
was an incredible journey! I had the chance to collaborate with the super smart
@Th3G3nt3lman
and we managed to grab all the "Share the Load" bonuses 😎
Thanks
@PayPal
and
@Hacker0x01
for organising such an awesome event (again)
#BugBounty
When program don't appreciate your RCE, get another one and throw aliases in the server that all result in VI commands.
Watch them die slowly later 😬💃
#BugbountyAngrytip
Bug Bounty Goals for 2018:
- Top 50 on
@Bugcrowd
- 200 reports on
@Hacker0x01
& top 10 all time in yahoo
- Making 100K in total
- Meeting in person friends like
@brutelogic
@tbmnull
@ngalongc
and BC & H1 Teams.
I am setting crazy goals, i want to challenge myself and do it 👍
As i was angry today because of the procedure of handling my report in
@Hacker0x01
, it worth to mention that
@NahamSec
stepped up and sorted the issue out of nowhere, true leader and a gentleman liked it or not 😊
Its not only about reward, but when the programs also thanks you alot for your risky findings you feel more happy, my best month so far in
@Bugcrowd
👍😬
#ittakesacrowd
Z-wink creates a very nice content on his YouTube channel, easy to understand and implement for new joiners and old ones in BB community, nice efforts that deserves a follow :)
#BugBounty
People are being threatened of losing their career for supporting on social media the innocent civilians in Gaza getting bombard in a savage & barbaric way.
The western media has blood on its hands for cheerleading this ethnic cleansing campaign.
#Gaza_Genocide
#GazaAttack
is there a well known solution for the problem of proxying android app ? I am able to get mobile browser traffic but not the apps .. been trying this for hours 🤯
#BugBounty