errorsec_
@errorsec_
Followers
3,086
Following
185
Media
219
Statuses
2,753
Explore trending content on Musk Viewer
オリンピック
• 540777 Tweets
Islam
• 260372 Tweets
フランス
• 260106 Tweets
#Olympic2024
• 198412 Tweets
#RobinsonLifestylexZeepruk
• 131313 Tweets
Cène
• 69852 Tweets
世界遺産
• 56614 Tweets
DDAY YOU BETTA CATCH UP
• 54579 Tweets
隅田川花火大会
• 54208 Tweets
ONE WORLD ONE SKY
• 49986 Tweets
佐渡金山
• 43878 Tweets
WTWGWS x MILKLOVE
• 41528 Tweets
अब्दुल कलाम
• 39216 Tweets
佐渡島の金山
• 32537 Tweets
#男子バレー
• 30383 Tweets
バレー男子
• 26576 Tweets
ニッポン
• 25004 Tweets
#วอลเลย์บอลชาย
• 23387 Tweets
大阪桐蔭
• 13632 Tweets
Charlie Hebdo
• 12961 Tweets
守備妨害
• 11915 Tweets
石川祐希
• 10197 Tweets
Pinned Tweet
Even though I'm a beginner myself, I started bug bounty last year. I never ask anyone for tips. I try on my own because everything has a solution. When you ask for tips from someone, you become dependent on their advice and you won't try on your own. Let's say you asked someone
22
25
244
Yay, I was awarded a $2,500 bounty on
@Hacker0x01
!
#TogetherWeHitHarder
One of the best team ❤️
@Hacker0x01
#BugBounty
#HackerOne
40
9
294
Simple Low-Hanging Bug:
Cache purge requests are not authenticated.
→ curl -X PURGE
https://target[.]evil[.]com
→ curl -s -D -
https://target[.]evil[.]com
-o /dev/null
17
49
293
28
4
236
Low Hanging Bug:
Tips:
1. Logged into mobile app with email.
2. Logged into web app via Google SSO.
3. Deleted Account from Mobile Application, Session remains still active for web app,
Yay, I was awarded a $250 bounty on
@Hacker0x01
!
#TogetherWeHitHarder
15
25
221
Deleted Insta to focus on work,
Now I'm addicted to YouTube shorts.
Here we go again!
59
12
199
To
@Hacker0x01
Hey
@Hacker0x01
, for the past 2 days, I haven't found a single bug in you. I have to maintain streak😒 Any hints, please? Where have you hidden that bug? 😒
From,
Loyal Bug Hunter at h1
#BugBounty
11
13
187
13
2
182
Yay, I was awarded a $2,500 bounty on
@Hacker0x01
!
#TogetherWeHitHarder
Greatest start of the month :)
9
6
150
Look into subdomains that allow sign-in with Google, as they may contain sensitive information accessible only to team members.
Dork: site:*.example.com inurl:login | inurl:signin Google
You might uncover subdomains that let you log in with personal Gmail accounts,
2
20
137
Dear Content Creators, aka so-called influencers,
Why not try hunting bugs and earning money with the same content you're sharing with the public?
So, kindly stop fooling them to gain followers, because this isn't LinkedIn where no one will say anything. This is X (Twitter).
22
10
136
Hey Mates !!!!
Remember that write-up I mentioned earlier? Well, guess what? I made a rookie mistake and deleted it. But fear not, because I'm a person of my word, and I'm here to make it right!
…
9
30
129
Tips to Find Open Jenkins :
1. Configure Shodan in Linux using .
2. Next, visit to collect the total bug bounty program across all bug bounty platforms.
3. It's hard to collect through a .json file, so download each
1
28
116
CTRL+C
CTRL+V
Easy P1 🔥
Add to your wordlist
/ganglia/
/ganglia/?c=ElastiCluster&m=load_one&r=hour&s=by%20name&hc=4&mc=2
#bugbountytips
#bugbounty
#security
16
132
617
9
10
98
If you come across anyone selling their course in the name of bug bounty, promising a free course with 100 retweets, I would like to offer some guidance. It's important to understand that no course can fully teach you bug bounty. Instead of wasting time seeking out courses and
9
19
94
Hey, mates! I've just published my write-up, and guess what? There's more where that came from! Stay tuned because I'll be sharing more write-ups with you very soon. So, keep an eye out for them!
…
6
26
91
I received a triage notification before receiving a report submission confirmation email 😳. Can’t believe. It was too fast 😳🔥
8
1
93
1st June promised to be in Top 10 at
@Hacker0x01
:) 6th June listed in Top 10 at
@Hacker0x01
.
#BugBounty
4
1
52
8
3
82
My daily conversation with
@Hacker0x01
😂😂
1st Jun - I will be back with another one
4th Jun - I’m back with another one
😂😂😂
6
1
80
I love challenges 👀😉
13
0
77
Bug Bounty Tips:
Even a UI update can introduce lots of vulnerabilities. Stick to a single program and address every small update. Moreover, always follow the developer team in social media to get to know the updates faster.
#bugbountytip
8
4
75
Reported a bug,
Triager: Triaged the report
Researcher: asked for an update,
and Got banned
Program won,
RCB lost again.
10
2
77
Thank you for the tip.
I just found some critical bugs using this.
I hope you will give more tips.
8
3
74
Joined
@hacklido
21 Hours ago,
Uploaded blog 20 Hours Ago,
Unbelievable Surge 😮
1.1K views in less than 20 hours
7
5
72
Hey guys,I'm selling resources for bug bounty that I found for free on the internet. If anyone needs them, please let me know. The cost will be $5,000 per resource, but it may vary depending on the bug. The amount may increase. To get a 5% discount, you can use the code SCAM500🤣
24
2
71
How can people hunt for 10-11 hours in a day?
Whenever I sit down to hunt, within 30 minutes, I start scrolling through reels 😂🫶
15
2
68
Whenever I open LinkedIn, every post is about bounties.
I'm waiting for the day when I will also post the same.😭
8
2
67
Sometime, Well Written Report also helps you to get reward even though it is dup :)
6
2
64
Happy birthday to myself! I can’t wait to see what trouble I get into this year.
42
0
66
Tips: If the target allows file sharing with password protection, review the shared file with another account to see if the password is also being shared while sharing files only
Yay, I was awarded a $100 bounty on
@Hacker0x01
!
#bugbountytip
3
7
63
despite hunting full-time, i lack concentration and focus, resulting in only 1-3 reports per month and hunting 7 days in month with avg of 1-2 hours a day. now, i plan to take this to the next level by hunting more than usual. let’s see the outcome of this challenge for myself.
12
1
62
I don’t know why I was rewarded because the report was closed as informative, but still
Yay, I was awarded a $150 bounty on
@Hacker0x01
! 🤣✌️
#TogetherWeHitHarder
6
4
63
Bug Bounty Tips : If you are unable to find a vulnerability, stop thinking from the attacker's point of view. Instead, shift your perspective and consider the scenario from the victim's perspective.
#BugBounty
#bugbountytip
2
5
57
︎
Rate limit exceeded
︎
︎
︎
︎
︎
︎
︎
︎
︎
︎
︎
︎
︎
︎
︎
︎
︎
︎
︎
︎
︎
︎
︎
︎
︎
︎
︎
︎
︎
︎
︎
︎
😉
24
12
57
Kudos to
@Hacker0x01
! Exceptional bug bounty program. Just hit $1M in rewards. Grateful to contribute to a secure platform! 🎉
#BugBounty
#HackerOne
Hackers, HackerOne's Bug Bounty Program just cleared the $1,000,000 rewards milestone! Thanks so much for helping secure the platform. The creativity in your reports is spectacular, representing novel, elusive (and sometimes severe!) findings that no other security tool can find.
2
12
137
2
0
57
Once Krishna said,
"Be patient"
"Sometimes in life to get the best, You have to go through the worst"
4
6
57
Ignore all your problems, just like the way a triage team ignores the "Any update" comment.
8
7
55
AGAIN
AGAIN
AGAIN
AGAIN
GAIN
YOUR ABILITY TO WIN DEPENDS ON HOW MANY TIMES YOU TRY
3
8
52
I understand it might seem confusing. I've also published it on Medium. You can access it from there
Tips to Find Open Jenkins :
1. Configure Shodan in Linux using .
2. Next, visit to collect the total bug bounty program across all bug bounty platforms.
3. It's hard to collect through a .json file, so download each
1
28
116
3
13
55
#bugbountytips
:
When testing mobile apps for security vulnerabilities, don't forget to check if enabling 2FA on a web account impacts SSO login behavior on the mobile app. I wasn't sure whether it would be accepted or not.
6
3
54
4
1
52
Story of a friend and a successful bug hunter:
He took just 2 days to exploit the bug and reported 1 RCE and 2 SQLi. Unfortunately, he died before it gets triaged.
8
4
54
Methodology that i usually follow:
Report a vulnerability in such a way that the team has no option but to close your report, even if you have already reported a vulnerability. Continue testing the affected area until it gets accepted.
Maybe after further testing the affected
1
6
50
Seriously
@Hacker0x01
Internal Team is damn best. I have reported a vulnerability in HackerOne. But mistakenly I found a vulnerability which I wasn’t aware of it. Internal team told to create a new report for this. And triaged the reported vulnerability ❤️🫡
#BugBounty
4
0
43
Tips: Instead of changing programs every day, stick with a single program. Don't start searching for bugs from the beginning; just give some time to understand the target. Get familiar with the target product first. Once you are familiar, then start searching for bugs.
#BugBounty
2
7
44
Struggle for getting bounty 😂
Reported->Triaged->Resolved,
Found a bypass->Asked team what to do ->Got response to create new report ->Pending Program Review->Duplicate ->Asked to team to recheck it was my report bypass->Reopened->Triaged->Bounty
Great team at
@Hacker0x01
❤️
3
2
43
For those who are trying to hunt in h1.
Let me give you some hints:
Not everything is visible to a reporter. There are a lot of things that are only visible to the customer team. Try to find that hidden information. For this, you have to learn GraphQl
#BugBounty
#HackerOne
1
4
43
Don't know why people start trolling for simple,low-hanging bugs. I mean,I don't think there is anyone who hasn't reported a P4 in their hunting career. Just because you are a professional and hunt for P1/P2 doesn't mean everyone is a professional. They are learning for low bugs.
5
5
43
I was scrolling LinkedIn, stumbled upon a post where a guy was selling a bug bounty course. Checked the profile, found only a hall of fame.
“BKL pehele khud too kamale”
Everything's free; try it yourself before buying any courses, Go through disclosed reports, Blog, Podcast.
6
1
39
Paid Hall of Fame 🥵
Can I get some Hall of Fame? I can pay for each bug with bonus amount.
7
1
41
I guess now I should invest something in Bug Bounty.
"What will be the best thing to invest in for Bug Bounty?”
16
2
41