The Notorious B.E.E. 🐝
@securibee
Followers
9,710
Following
1,295
Media
3,092
Statuses
9,368
Helping people hack a life they love.
Join the Hive ➜
Joined March 2019
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
Zuckerberg
• 765281 Tweets
Oasis
• 647657 Tweets
Switch
• 311277 Tweets
Sonic
• 291590 Tweets
Shadow
• 264333 Tweets
الفتح
• 228196 Tweets
روما
• 221547 Tweets
Canadá
• 219986 Tweets
ニンダイ
• 150677 Tweets
Colapinto
• 119544 Tweets
Logan
• 73571 Tweets
Sancho
• 65103 Tweets
リマスター
• 64290 Tweets
Sterling
• 63792 Tweets
Young Boys
• 58400 Tweets
Ferdi
• 54633 Tweets
Rayo
• 54042 Tweets
Mercadona
• 53641 Tweets
Toney
• 49537 Tweets
グレイセス
• 47981 Tweets
#GSvYB
• 42805 Tweets
#النصر_الفيحاء
• 34659 Tweets
Yolun
• 33874 Tweets
#325days
• 33717 Tweets
ときメモ
• 28566 Tweets
Okan
• 27254 Tweets
Keith Lee
• 25173 Tweets
Kerem
• 16765 Tweets
Saúl
• 14364 Tweets
野人転生
• 10663 Tweets
Pinned Tweet
I don’t typically read newsletters but I thought I would give the one by
@securibee
a go.. and it didn’t disappoint! What a great way to distill down genuinely interesting tweets, HN posts, and short news bites.
If you find twitter cluttered, sign up at
4
10
70
All
@pdiscoveryio
tools explained
aix
dnsx
pdtm
tlsx
httpx
naabu
alterx
asnmap
katana
notify
nuclei
mapcidr
proxify
uncover
cdncheck
subfinder
cloudlist
shuffledns
chaos-client
nuclei-templates
simplehttpserver
interactsh-server
interactsh-client
2
191
510
It's that time again, another 🐝 list.
I've curated the best resources on How To Start Bug Bounty For Beginners.
@zseano
,
@hakluke
,
@InsiderPhD
,
@NahamSec
,
@fransrosen
,
@avlidienbrunn
,
@stokfredrik
,
@Farah_Hawaa
,
@Jhaddix
,
@codingo_
#BugBountyTips
3
134
366
Me after writing a bash script for hours that saves me 30 seconds
4
26
207
Another 🐝 list, must-watch InfoSec talks of 2020.
❤️ Show them love:
@zseano
@hakluke
@InsiderPhD
@Jhaddix
@rhyselsmore
@TomNomNom
@JR0ch17
@d0nutptr
@albinowax
@stokfredrik
@DanielMiessler
@AletheDenis
@ChloeMessdaghi
@snyff
@evacide
@thecybermentor
8
67
191
Dorks collections list by
@cyb_detective
A list of Github repositories and articles with a collection of dorks for different search engines.
5
67
178
api_wordlist
A wordlist of API names for web application assessments
2
50
171
@IanColdwater
Also, have everyone that's onboarded update the process!
There's bound to be something missing, changed, or improvements to be made
3
1
160
Some Bug Bounty resources:
- A curated collection of wisdom nuggets to level up your bug bounty game
- Guide to learn hacking
- Codingo's YouTube
- Farah Hawa's YouTube
2
57
138
Do you even grep?
List of GREP modifications and alternatives for a variety of purposes.
1
38
137
"Whatever you pay attention to will grow."
― Deepak Chopra
2
11
130
Use this Twitter search query to easily keep up-to-date with your favorite
#BugBounty
platforms:
(from:hacker0x01 OR from:bugcrowd OR from:intigriti OR from:yeswehack OR from:synack) -filter:replies
2
26
139
After the NahamCon it's the after party and after the party it's the Hive FIve newsletter!
✉️ 2491 words
🐝 Hive Five:
@spaceraccoonsec
@hakluke
@Hacker0x01
@github
@kali_reanna_
🎉 Celebrating:
@0xteknogeek
@bug_dutch
@naglinagli
😎 Spotlight:
@zseano
4
30
126
Making sure I test everything while hacking a web app
4
8
120
Subdomain Takeovers, beyond the basics for Pentesters and Bug Bounty Hunters by
@codingo_
Discover the tricks to subdomain takeovers that go beyond the basics, allowing you to find more impactful findings in a pentest, or on a bug bounty program.
1
30
106
GitHub - adrianscheff/useful-sed: Useful sed scripts & patterns.
0
40
105
#TIL
about
@Cloudflare
Radar
A hub that showcases global Internet traffic, attack, and technology trends and insights
0
20
84
Succeeding in bug bounty is like a marathon.
There are people on the side lines cheering you on, handing you water and a snack when you need it.
Maybe they're even participants, running buddies, some being pacemakers.
You get better over time, stay the course.
#BugBountyTips
1
15
90
Earlier today on
@NahamSec
Twitch stream someone asked if bug bounty is largely luck based. I replied with the following quote "Absolute Success is Luck. Relative Success is Hard Work."
You can read more about it here
#bugbounty
#bugbountytip
2
20
78
What an awesome
@nahamsec
stream!
Watch this new format as
@itsecurityguard
shares his screen and recon process. Featuring
@securitytrails
,
@owaspamass
, and FFUF.
If you missed it you can catch the VOD
It'll be on YouTube soon
1
15
76
During NahamCon someone approached me and asked if I could share more
@NahamSec
Sunday Recon interview notes.
Silly me, I wasn't even aware that anyone read them.
Here are my
@Jhaddix
notes:
I hope they're useful!
#bugbountytips
#bugbountytipjar
3
28
77
Jomar's first OOB XXE exploitation.
Check out their other write-ups as well.
0
25
77
Here are 4 ways to store and organize bug bounty recon data:
- BBRF
- Vilicus
- Hakstore
- Recon-ng
What else?
3
15
73
xnLinkFinder by
@xnl_h4ck3r
A python tool used to discover endpoints (and potential parameters) for a given target:
- Crawl a target (pass a domain/URL)
- Crawl multiple targets (pass a file of domains/URLs)
- And much more
#HiveArchive
2
13
69
JSON Crack - Crack your data into pieces
➕ Simple visualization tool for your JSON data.
➕ No forced structure, paste your JSON and view it instantly.
3
13
71
When choosing a new habit many people seem to ask themselves, “What can I do on my best days?”
The trick is to ask, “What can I stick to even on my worst days?”
Start small. Master the art of showing up. Scale up when you have the time, energy, and interest.
—James Clear
7
12
68
After
3 years of writing the Hive Five newsletter
36 months of thoughtful curation
155 Sundays of focused work
12277 links shared
It's time...
2
18
66
🐝 Hive Five 133: How to Study Bug Bounty Hunting
🧶 HTML Over the Wire
@healthyoutlet
🐛 CSRFing VS Code's Debug Adapter Protocol
@_Z7mcnulty
🔍
@Hahwul
releases Noir
📚 How to Study Bug Bounty Hunting
@insiderphd
🤫 Leaked Secrets and Unlimited Miles
@samwcyo
Buzzworthy:
1
20
58
"The best revenge is to be unlike the one who performed the injustice." - Marcus Aurelius
@cassidoo
💎
1
5
59
GitHub - ffuf/pencode: Complex payload encoder
1
9
57
Yikes. Turns out I wasn't subscribed to
@Jhaddix
's YouTube channel.
Don't make the same mistake!
3
10
55
Another week, another 🐝 list
🚀Level up your bug bounty skills and dive into some books!
🔔15 recommendations by top bug bounty hunters - covering web apps, mobile, and programming.
📚Authors
@ZephrFish
@yaworsk
et al.
#bugbountytips
#bugbountytipjar
2
16
54
Does anyone know of a strong bug bounty/security research team looking for help in improving researcher experience?
I’m looking for something new!
(RTs appreciated + DMs are open 🙏)
2
22
53
New 🐝 list!
🎉 While waiting for
#NahamCon2021
recon village, let's celebrate the amazing resources already available!
🔥 Iconic talks, interviews, and demos ft.
@TomNomNom
@NahamSec
@Jhaddix
@nnwakelam
@Th3G3nt3lman
@codingo_
et al.
#BugBountyTip
3
27
55
@NahamSec
's interviews are such gems. Shows different facets of bug hunting. How it pays off to be different. Picking the brains of amazing people.
A big thank you to everyone involved.
#WeAreInThisTogether
3
6
54
🐝
#HiveFive
108 – Bug Bounty Hunter Mindset, Android Malware Analysis course, and the Power of CSS injection
Featuring content by
@leifdreizler
@HusseiN98D
@Yassineaboukir
@SanderWind
@seclilc
@Six2dez1
and more!
Have a beautiful week 🙏
4
11
51
http2smugl: HTTP2 request smuggling security testing tool
0
18
47
🎉 DALL·E now available without a waitlist
New users can start creating straight away.
2
6
47
Excited to see
@assetnote
's Kiterunner tool in action!
🐝 Will be included in tomorrow's Hive Five newsletter.
✅
@NahamSec
is checking it out on stream today!
✅
@InsiderPhD
is digging into it for a new video!
#bugbountytips
2
11
48
So you admit this is a vulnerability, but it doesn’t qualify for a bounty and I cannot disclose it publicly? Just want to make sure I have that right
3
3
45
Hack the planet! Check out all of these streamers putting in work.
@thecybermentor
@NahamSec
@rwxrob
@0xAshFox
What is your excuse? Get to it!
1
2
44
@hakluke
Learn how to:
- GoogleFu: problem solving is key
- Document: note taking will accelerate learning + help you work through problems
- Learn: set up a plan/goals, get the most out of your time
- Communicate: being able to put your thoughts into words
Lastly I'd join a community!
2
5
43
Looking for some fresh workspace inspiration? Check out
@workspacesxyz
From sleek and modern to cozy and rustic, they've got something for everyone.
2
6
42
0
7
54
I encourage you to watch the latest interview by
@NahamSec
with
@DanielMiessler
!
This one hits different. I especially enjoyed the part near the end which wasn't infosec related.
Currently on Twitch for subs only but it'll be on YouTube soon!
5
5
40
Alot of a...sharks out there...try'na take a bite of somethin' what's hot
Lot of chameleons out there...try'na change up
Anytime somethin' new comes along...everybody wants a bite
Don't happen overnight
So you wanna be a bug bounty superstar?
A lot of people who want to do bug bounties for a living, but should you? Let's discuss!
📽️Video:
✍️Written (most detailed):
18
88
308
2
2
46
@theneedledrop
The latest addition to communities that I frequent. I enjoy watching his stream and finding new music to listen to. Anthony Fantano, the internet's busiest music nerd reviews and reacts to music live.
1
1
34
#365bees
Day 42: 🐝 more like
@harshbothra_
Harsh is a security engineer, bug bounty hunter, pentester, author, and blogger. He's reached the Bugcrowd top 150 and MVP '20. He inspires people with his
#Learn365
, interviews, and talks.
Thank you 🙏
2
6
45
#365bees
Day 12: 🐝 more like
@codecancare
Eric crossed $1M in bounties. His handle is a reminder to focus on the gift we are given with each new day. His friendly demeanor, and automation are highly sought after.
Thank you 🙏
2
8
38
@hackandbackpack
@NahamSec
(bug bounty)
@Jhaddix
(bug bounty)
@d0nutptr
(bug bounty / rust aficionado)
@stokfredrik
(bug bounty)
@TomNomNom
(bug bounty)
@InsiderPhD
(bug bounty)
@thecybermentor
(infosec)
@shehackspurple
(infosec)
2
9
38
🐝 Hive Five
#26
– DOM XSS, voicemail ATO, and 10K4ILF
🛠 Fleex by
@sw33tLie
- create multiple VPS on cloud providers and distribute your workload
💪
@hakluke
completely rewrote hakrawler from scratch to release v2
❤️
#10K4ILF
help get
@InnocentOrg
to 10K followers
1
12
38
#365bees
Day 26: 🐝 more like
@ITSecurityguard
Patrik has 7 years of triage experience and is a triage manager
@Hacker0x01
. He's amassed a wealth of knowledge that he shares on Twitter, in interviews, and in talks.
Thank you 🙏
2
4
40
Measure yourself against who you were yesterday.
At times it can be hard to notice improvements. Keep going, you'll inevitably find your first bug.
Don't be too hard on yourself. Social media shows you wins, but doesn't show you the hard work, failures, and struggles.
2
14
37
🐝 New Bee List: 18 Inclusive Communities Worth Joining
In these strange times it’s important that we come together. A good way to find like-minded individuals is to join a community.
Here are my favorite ones, most of which I frequent at least weekly.
3
11
37
#365bees
Day 22: 🐝 more like
@Farah_Hawaa
Farah took InfoSec + bug bounty by storm. Relatively new, her YouTube channel is already a staple. While working
@bugcrowd
she continues to inspire.
Thank you 🙏
2
4
41
Show your favorite
#creators
some love! Share, like, subscribe, buy, and donate. Let them know you appreciate them.
Mine are
@InsiderPhD
@NahamSec
@TomNomNom
@zseano
@Jhaddix
@DanielMiessler
@stokfredrik
@0xAshFox
@gwendallecoguic
@hakluke
@pry0cc
@codingo_
Who are yours?
9
4
34
🛠️ CookieMonster by
@iangcarroll
CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.
1
10
36
9
3
34
"I value integrity, meaningful relationships, and legacy above other currencies."
- Gary Vaynerchuk
h/t
@NahamSec
@alissaknight
0
4
37
🐝
#HiveFive
65 – Nahomies
💪 The return of Sunday Live Recon w/
@Jhaddix
@stokfredrik
@NahamSec
& guest:
@ippsec
🛠 Updates to your favorite tools: ffuf, Osmedeus, Arjun, ReconFTW, and
@Burp_Suite
Pro
...and more buzzworthy resources!
💌
0
10
31
#365bees
Day 30: 🐝 more like
@spaceraccoonsec
Eugene works
@GovTechSG
. Received 1st bounty when he was 24 (2019).
@Hacker0x01
MVH + best team winner. Loves Singapore + communities. He gives back by sharing his knowledge and experience.
Thank you 🙏
1
2
36
🐝 Hive Five 131: The Art of Deception
1️⃣ Discover 1M leaked API keys
@trufflesec
2️⃣ Land your 1st tech job
@notshenetworks
3️⃣ CVE-2023-3519 analysis
@assetnote
4️⃣ Mastering SQLi
@rana__khalil
5️⃣ Abusing Amazon VPC CNI plugin for k8s
@BerneCampbell
Take them by swarm 💪
1
7
33
I heard you like .new domains
Some I use regularly:
Here's some more:
2
15
32
I miss the old internet, straight from the start internet
Connecting our souls, sharing our hearts internet
I hate the new internet, the fake news internet
The trolls and haters, spreading abuse internet
I miss the pure internet, where knowledge was free internet
5
6
30
The secrets of automation-kings in bug bounty
➕ Uncover the strategies of bug bounty automation experts.
➕ Find the key to success with 1day (or 1month) web exploits.
1
5
32
🐝 Hive Five 43 – Magic
➕ Is it always DNS?
@b0rk
➕ New tool: CookieMonster
@iangcarroll
➕ Axiom refactor
@0xtavian
➕
@Truesec
Cyber Security Summit w/
@stokfredrik
➕
@hackermaderas
Search Engine strategy
#TakeThemBySwarm
3
10
31
Added
#NahamCon2021
recon talks and demos:
-
@pry0cc
Introduction to Axiom
-
@rez0__
ffuf scripts and tricks
-
@d0nutptr
Building Faster Than Light Reconnaissance
-
@ITSecurityguard
Amassive Leap in Host Discovery
-
@honoki
BBRF - Kickstart your recon
1
14
31
Haven't done one of these in a while but might as well celebrate
#DefCon29
#FF
@NahamSec
@seclilc
@colston3000
@thedawgyg
@samwcyo
@pry0cc
@loquaciousloka
@0xtavian
@Rosenawesome
@notshenetworks
@_johnhammond
@calebjstewart
@ethicalhacker
@pwnEIP
@NopResearcher
@lazzslayer
6
6
33
#365bees
Day 21: 🐝 more like
@snyff
Louis is a passionate security engineer. He founded
@PentesterLab
, making learning web hacking easier. He goes above and beyond to keep it affordable and to deliver maximum value (+ stickers).
Thank you 🙏
2
4
32
🐛 Awesome Google VRP Writeups by
@xdavidhu
A list of writeups from the Google VRP Bug Bounty program
1
13
32