Akshay Sharma 🇮🇳
@akshaysharma71
Followers
3,435
Following
264
Media
597
Statuses
1,472
Explore trending content on Musk Viewer
Colorado
• 136718 Tweets
Notre Dame
• 119778 Tweets
Kentucky
• 73993 Tweets
#AEWAllOut
• 68722 Tweets
The Weeknd
• 62439 Tweets
#仮面ライダーガヴ
• 62206 Tweets
Nebraska
• 41959 Tweets
Northern Illinois
• 41176 Tweets
Carti
• 32765 Tweets
Abel
• 31676 Tweets
Talleres
• 27444 Tweets
#ブンブンジャー
• 26374 Tweets
Tennessee
• 25837 Tweets
Auburn
• 25115 Tweets
Skullduggery
• 18429 Tweets
Bama
• 17742 Tweets
Willow
• 16719 Tweets
#KPOPMASTERZinBANGKOK2024
• 14871 Tweets
ショウマ
• 14718 Tweets
#InternationalLiteracyDay
• 14613 Tweets
Herrera
• 13680 Tweets
BOSSNOEUL TBNW Q6
• 13086 Tweets
NC State
• 12571 Tweets
Deion
• 10279 Tweets
Copa Argentina
• 10138 Tweets
Pinned Tweet
Excited to share that I just received another $40,000 bounty for discovering the same issue: "Unauthorised Access to NGINX REST API (Read/Write Access)."
TestCase:
https://exampledotcom/path/..;/api/9/nginx
Reference:
#BugBounty
17
37
439
Made around $42k from
@Hacker0x01
in one month..... Best month so far.
A big thanks to
@verizon
for such a great program.
#togetherwehitharder
31
33
552
Yay, I was awarded a 2x $5000 bounty on
@Hacker0x01
!
VueJS Client-side template injection
Payload used - {{$el.ownerDocument.defaultView.alert(1)}}
#TogetherWeHitHarder
9
51
318
Yay, I was awarded a $20,000 bounty on
@Hacker0x01
Bug:
Access to NGINX REST API Interface (Read Write Access) via Normalisation
#TogetherWeHitHarder
#BugBounty
14
6
318
Yay, Today I was awarded with 7 x $4,000 + $500 bounty on
@Hacker0x01
!
#TogetherWeHitHarder
About to cross $100k soon ...😉😉
Bugs - Sensitive Info Disclosure
Thanks Again to
@verizon
18
15
298
Submitted around 250 bugs to
@Adobe
in around 15 days.
Jumps to 2nd position on Adobe.
@Hacker0x01
#togetherwehitharder
25
4
301
Reflected value check by extracting hidden params.
curl -skL "" | grep 'type="hidden"' | grep -Eo 'name="[^\"]+"' | cut -d'"' -f2 | xargs -I@ sh -c 'if curl -skL | grep -q "value=ijkl"; then echo "reflection found from @ param"; fi'
11
107
284
Very happy to see my name on first position in Hackerone Quarterly Leaderboard 2020 Q2 😊
@Hacker0x01
14
5
239
In April, I submitted 268 vulnerabilities to 3 programs on
@Hacker0x01
.
#TogetherWeHitHarder
17
5
240
Found a slick little SSRF bypass using an HTTP redirect through "" and got unrestricted access to juicy internal cloud data!
#bugbountytips
#bugbountytip
7
40
223
Yay, I was awarded a $2,000 bounty on my birthday. Now I can go to party
@Hacker0x01
!
#TogetherWeHitHarder
11
2
137
Spyse. Excellent Search engine for recon. You can search data using ASN, org, domain, IP, cert, range etc. Check out.
@SpyseHQ
#Spyse
#bugbountytips
2
19
109
Excited to share that I have assigned with 18 new CVE’s (Common Vulnerability and Exposure). Thanks to
@AdobeSecurity
🙂
#cve
#security
#cybersecurity
#vulnerability
2
2
91
This is my first writeup as well as my first finding using Knoxss tool. As a security researcher everyone knows Brute "The God of XSS". So, its already been seven days i was trying to find a bug in a program on...
5
20
90
Automate your whole work which you're doing manually.
You can save lot of time. 😉
Fav Quote -
Never send a human to do a machine's job 🙃
1
7
83
Excited to share my first tool in Go for discovering AEM CMS websites! Huge thanks to
@0ang3el
for their awesome research and inspiration.
#BugBounty
2
27
81
One year back, On this day I have started doing BugBounty. A great thanks to all peoples who encouraged me.
Statistics of this year - Got huge no. of duplicates
Reports Submitted- 53
Reports Duplicate- 40
Reports Resolved- 10
Bounty Earned- $18500
Thanks
@Hacker0x01
@verizonmedia
3
0
66
These types of issues are considered as Informational. No Impact.
I wrote an article to describe the issues I reported to the
@SetuAarogya
. I hope it will allow people to understand the situation and why it's an important issue. I hope you like it, all feedbacks are welcome!
And don't forget: Hack the planet! 🤘
427
3K
6K
6
5
57
Last month was crazy for me 🤪
Submitted 27 (3 critical + 24 high) vulnerabilities to 1 program on
@Hacker0x01
#togetherwehitharder
1
0
40
I want to check 10 million IPs i.e alive or not
Any fast and reliable method to check ?
Is httprobe a good option ?
11
3
41
#BugBounty
#automation
Started Automating things using custom scripts 🙂
Never send a human to do a machine’s job - by
@mhmdiaa
0
0
16
What is Sn1per ? Sn1per comes in two different versions i.e Sn1per Professional & Community edition. Sn1per Community Edition is an automated scanner that can be used during a...
0
1
16
1
0
10
Just wrote a simple bash script which distributes processing tasks to other VPS machines. Tried probing on huge domains list. Working efficiently. You just need to modify few lines of code (adding machines & command)
#BugBounty
#bugbountytips
0
2
10
Is this sensitive information ? An endpoint was leaking this info.
According to
@Paytm
, It's not a sensitive information. Even they fix it after reporting.
2
1
10
That feeling when you got 3 back to back duplicates(SSRF, XSS, OpenRedirect) :( 😢
#BugBounty
#hackerone
0
0
8
2
0
6
2
0
7
Awesome Bro :)
1
0
6
@MoboGenie
He advocated dismantling d system of caste in Hindu culture nd reconversion of the converted Hindus
#FreedomWithGenie
0
1
4
Found & Reported Critical Bug to
@VodafoneGroup
@VodafoneIN
@Idea
last night. Got weird reply from their end. They don't care about their security & their customers data.
0
0
5
I liked a
@YouTube
video CLASH OF CLANS FULL MOVIE ANIMATION | HD 2015 OCTOBER NEW SECRET VIDEOS
6
0
1
#kali
#kalilinux
#tutorial
#hack
#hacking
#wifi
#deauthattack
Kali Linux Tutorial - Wireless Deauthentication...
0
0
4
@Hacker0x01
@verizonmedia
@tumblr
Reported one month back when Tumblr was a part of VerizonMedia. Report got triaged. And now when tumblr is no longer a part of VerizonMedia, they are asking me to close the report as N/A.
@jobertabma
@NahamSec
Can you please clarify ?
1
0
3
0
0
3
1
0
3
1
1
3
0
0
3
0
1
2
The Yuki Chan is an Automated Penetration Testing tool this tool will auditing all standard security test method for you. WARNING I highly recommend using this tool by using Kali Linux OS By using...
0
3
2
Google launched it's Allo Messenger last year in September which included the brand new Google Assistant which is...
0
0
2
Nipe - Evade Detection and Make Tor Network Your Default Gateway
0
0
2
Anonymity is one of the most important elements for the penetration tester. Tools can be used in order to hide the user’s identity from being exposed. VPN (Virtual Private Network),...
0
0
2
I added a video to a
@YouTube
playlist Nipe - Massive Script to Set Tor Network Your Default Gateway
0
0
2
I liked a
@YouTube
video Lazymux - Install All Kali Linux Tools on Android With Termux (No Root)
0
0
2
There are a lot of Quotes all over the world, Some of them change our lives and the others change the SQL Query result.
0
0
2
0
0
2
0
0
2
0
0
2
0
0
2
@Rhynorater
What can be done with application.wadl file ? I got an wadl endpoint but there is no sensitive info available there. Only methods , resource path, request response type available in the file. What can I do with this info ?
2
0
1
0
0
1