mohammed eldeeb
@malcolmx0x
Followers
10,444
Following
706
Media
146
Statuses
994
Bug Bounty Hunter & security engineer
Cairo, Egypt
Joined April 2016
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
Colorado
• 147756 Tweets
Notre Dame
• 123527 Tweets
#AEWAllOut
• 91628 Tweets
Kentucky
• 77587 Tweets
#仮面ライダーガヴ
• 67966 Tweets
The Weeknd
• 66592 Tweets
Nebraska
• 47099 Tweets
Carti
• 34804 Tweets
Abel
• 32718 Tweets
T-岡田
• 29708 Tweets
Talleres
• 29584 Tweets
Tennessee
• 28208 Tweets
#KPOPMASTERZinBANGKOK2024
• 23959 Tweets
Skullduggery
• 21592 Tweets
Oregon
• 19265 Tweets
#InternationalLiteracyDay
• 19173 Tweets
Bama
• 18617 Tweets
Willow
• 17446 Tweets
ショウマ
• 16311 Tweets
BOSSNOEUL TBNW Q6
• 14838 Tweets
NC State
• 14496 Tweets
Herrera
• 14046 Tweets
Deion
• 11346 Tweets
Danielson
• 11327 Tweets
Ospreay
• 10358 Tweets
設営完了
• 10257 Tweets
Pinned Tweet
Huge thanks to
@verizonmedia
team
@BugBountyHQ
and for
@Hacker0x01
to give such an opportunity
New house&new car&wedding in next few months <3
#togetherwehitharder
45
25
551
got an admin access by doing the flowing
- fuzzing got an endpoint /auth/github
- after login i got nothing
- adding the flowing parma to the auth endpoint ?admin=true&org_admin=true
- logged in as admin :)
#bugbountytips
4
110
421
Yay, I was awarded a $30,650 bounty on
@Hacker0x01
! for Various reports
#TogetherWeHitHarder
27
12
345
Yay, I was awarded a $10,000 bounty on
@Hacker0x01
! for auth bypass allow me to access any user account
#TogetherWeHitHarder
9
17
274
host:attacker,com>> blcoked
host:attacker,com
x-forwarded-host:target,com>>ATO
#bugbountytips
7
42
181
doing some recon to gain a full access
3
50
181
me and
@Zombiehelp54
found a critical LDAP injection on OpenAM check it out!
#bugbountytips
#bugbountytip
2
46
177
9
4
163
happy birth day to me, today i made it up to 16k reputation on
@Hacker0x01
🔥
#togetherwehitharder
14
0
157
Just did some serious fuzzing and found a /file/ with a 400 status code. Persistence pays off - I kept at it and eventually uncovered a path traversal vulnerability
#bugbountytips
#BugBounty
2
19
158
My 0-day accepted from forti , if anyone has a target use fortigate your are vuln with unath bug :)
#BugBounty
#bugbountytips
10
16
147
SQL injection , is not critical, because attacker must guess the correct values to receive a valid response 🤷♂️
@0x4148
شفنا العجب والله
20
8
144
want find an easy P1 run gau yourtrget |grep .zip
you may find an ZIP FILE contain all the source code or other sensitive backup files
#bugbountytips
3
16
125
keep in mind that SQLI may work only on HTTP , if https i was getting error , just found a sqli on a public program
#bugbountytips
3
13
120
Trivy v0.31 open-source security scanner. It can scan various targets (AWS,filesystems, containers, git repositories and more)
#Cloud
3
33
118
manipulating specific unkeyed inputs>>force the caching system to cache a response
#bugbountytips
#ittakesacrowd
1
9
116
i got 2,250 bounty at
@Hacker0x01
for
1. stored xss
2. Auth bypass and access into internal instance
#TogetherWeHitHarder
3
3
108
i was testing a subdomain didn't find anything , after a while i just changed the "cookie id" which was the value of username to another username and authbypass 🤷♂️
5
7
109
Yay, I was awarded a $500 bounty on
@Hacker0x01
! for subdomain takeover
reported in 11:45
triaged and rewarded in 12:10
#TogetherWeHitHarder
4
3
102
Yay, I was awarded a $1,700 bounty on
@Hacker0x01
! for auth bypass through Github allow access internal instace
#TogetherWeHitHarder
1
5
103
Yay, I was awarded a $2,500 bounty on
@Hacker0x01
! for RCE and database access
#TogetherWeHitHarder
7
2
103
Yay, I was awarded a $1,000 bounty on
@Hacker0x01
! as Initial Bounty for (IDOR,SQLI&admin access)
#TogetherWeHitHarder
2
2
103
4
0
104
was hacking on a subdomain redirect to SSO login the portal was for admin uploading docs ,start brute force the dir for a week nothing worked,i put the sub name after / and brute forced again ended up accessing the portal and see all docs 🤷♂️
3
14
95
Just hacked Proofpoint with a critical vulnerability, Affecting multiple Big tech companies, Patch ASAP
4
4
98
can't imagine when this being reported through H1 triage team! the severity is low 😂🤷♂️
Microsoft Account Takeover! 😊😇 Thank you very much
@msftsecresponse
for the bounty! 🙏🙏🙏
Write up -
73
414
2K
6
5
93
want to share interesting authentication bypass we have found recently
1. the app redirect users to SSO login page
2. read all javascript files we have found endpoint `/SessionStorage.aspx?USER_ID=` add user_id=1
(1)
1
20
93
your target is using jfrog ? you can access it with anonymous login through .io
use dork site: inurl:yourtarget and easy access it :)
#BugBounty
#bugbountytips
4
24
92
when you want to make 10k on your birthday but your bad luck comes out 🤦♂️🙅♀️
11
0
78
Yay, I was awarded a $400 bounty on
@Hacker0x01
! for access grafana instance
#TogetherWeHitHarder
1
3
76
I found my first critical vulnerability in 2018
@Hacker0x01
after reading&using
@NahamSec
RECON
#TogetherWeHitHarder
3
2
79
after
@Blackhatmea
I've picked up a target from
@synack
ended up with command injection ✌️
#BugBounty
2
2
74
really using
@SpyseHQ
is cool with such big org scope , you can get all related hosts, IPv4, IP CVE list...etc
#BugBounty
#bugbountytips
2
13
62
In November, I submitted 181 vulnerabilities to 10 programs on
@Hacker0x01
(gained 1097 rep).
#TogetherWeHitHarder
7
1
59
after the new feature from
@Hacker0x01
, you see most of your valid bugs were closed as duplicated to "informative" reports 💁♂️
7
3
63
This month has been a real challenge with almost no free time.I can confidently say March was one of the most productive periods for me in terms of finding critical vulnerabilities.
#BugBounty
#bugbountytips
2
2
60
I have been awarded the "Hero" recognition by
@SynackRedTeam
this year! This prestigious award is given to SRTs who generate significant value, as determined by overall production and customer impact.
3
1
55
Yay, I was awarded a $200 bounty on
@Hacker0x01
! access to apigee domain
#TogetherWeHitHarder
0
1
51
This How zombie look like when he stuck in the cinema all night for endgame movie
@Zombiehelp54
😂
4
0
54
On this day last year i got email from
@Hacker0x01
congrats me about 1k reputation today i make it up to 5k+ reputation
6
0
55
keep reading the PDF files of your target ,might ended up see all admin panel data 🤷♂️
0
0
47
In February, I submitted 50 vulnerabilities to 14 programs on
@Hacker0x01
.
#TogetherWeHitHarder
2
0
48
Yay, I was awarded a $250 bounty on
@Hacker0x01
! for a Privilege Escalation bug
#TogetherWeHitHarder
2
1
46
Hi all,
here is write up about open redirect i got
1
13
42
found this today , was able to bypass the authentication using Username: test, Password: admin123
#BugBounty
#bugbountytips
0
3
42