Sunil Yedla
@sunilyedla2
Followers
9,167
Following
243
Media
130
Statuses
1,312
Trying to make Internet a safer place 👨🏼💻 by helping companies find security loopholes. Hustling to make my parents proud! 🧡
Andhra Pradesh, India
Joined June 2020
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
#JACKANDJOKEREP5
• 477596 Tweets
Florida
• 470021 Tweets
BTS BTS BTS
• 468124 Tweets
EP5 U STEAL MY HEART
• 426500 Tweets
Hurricane Milton
• 310882 Tweets
Call Her Daddy
• 164572 Tweets
Chilpancingo
• 162640 Tweets
BTS PAVED THE WAY
• 114269 Tweets
Category 5
• 72510 Tweets
Rigathi Gachagua
• 54623 Tweets
Cat 5
• 50581 Tweets
世界さん
• 40185 Tweets
ランクイン
• 31040 Tweets
Floridians
• 24060 Tweets
NAISSANCE OF YUNJIN
• 21087 Tweets
Gazze365GündürDireniyor
• 19799 Tweets
Andrés Iniesta
• 16271 Tweets
Alien Isolation
• 16241 Tweets
Yucatán
• 15565 Tweets
Riggy G
• 14420 Tweets
Johan Neeskens
• 14330 Tweets
Kibaki
• 10994 Tweets
BABYMONSTER DRIP SOON
• 10021 Tweets
That’s it, Just hit the 21950$ in last 30 days from
@Bugcrowd
alone 🤩 I have kept 2022 Q1 goal as $20k for 3 months but fortunately reached in 1 month. I will continue sharing my finds/thoughts via tweets here.
#bugbounty
#bugcrowd
#infosec
29
48
617
With the upcoming payments just crossed +33000$ in last 30 days 🤩
#bugbounty
@Bugcrowd
You are awesome!!🧡🙌🏼
#infosec
#bugcrowd
33
37
524
Just received 4000$ bounty and crossed +15000$ mark in last 30 days in 🧡
@Bugcrowd
Please note I haven’t found any P1 bug, so please don’t worry too much abt P1’s and focus on what you are good at and you will get there : )
#bugcrowd
#bugbounty
27
30
505
When you upload image on target, always check if website exif data is leaking any sensitive data
1. Upload image on <Target>
3. Copy&Paste image address in
4. Report if you find any sensitive data like location,IP address etc,.
#bugbountytips
#BugBounty
10
152
470
Time based SQLi -> forgot password Endpoint 😇
1. Payload used: '%2b(select*from(select(sleep(20)))a)%2b'
2. Endpoint: /Forgot password
Cheers 🍻
Do share your story in comments if you got SQLi at weird endpoints 😁
#bugbounty
#bugbountytips
#infosec
#SQL
#hackershack
14
176
465
28
8
427
I’ve made total 12400$ in first month of 2021 and many being still in Triaged state 🧡 Thanks to god and thanks to everyone who encouraged me with positive words. Although I’m still a noob, I will try to share as much good content as possible 😇🙏🏼
#bugbounty
#thankyou
28
7
412
SQL Automation:
1. Use waybackurls/gau to get all possible url's
2. Use GF tool to filter SQL parameters [Create your own pattern for SQL] & save as allsql.txt
3. Send filtered url's to Sqlmap - python -m allsql.txt --batch
#bugbountytips
#bugbounty
13
175
387
Found another SQL injection vulnerability in login page today. After hours of recon landed on and the payload didn’t work when I injected in email input box but worked in email parameter of login request. Weird 😅
#bugbountytips
#bugbounty
#sql
#infosec
12
83
381
Short SQLI Story:
1. <subdomain>.<redacted>.com -404
2. Directory bruteforce - /gallery
3. <subdomain>.<redacted>.com/gallery - redirected me to login page: <subdomain>.<redacted>.com/gallery/#!account
4. Login request vulnerable to SQL injection 😁
#bugbountytips
#bugbounty
9
101
358
I just published "Information Disclosure to Account Takeover" writeup on Medium. Feel free to share your feedback : )
#bugbounty
#bugcrowd
#infosec
#bugbountytips
21
146
357
I just published a writeup on vulnerability type which I always thought is just theoretical in real life scenario. This writeup is on ‘Websocket Hijacking’ to steal Session_ID of victim users
#bugbountytips
#bugbounty
#infosec
#hackerone
#bugcrowd
5
138
335
Golden words that changed my hunting style:
1. “One should understand target better than the one who developed it” -
@NahamSec
interview with
@ngalongc
2. “Stick to single target for finding critical bugs” -
@_jensec
Hope this helps you too 🧡 spread positivity 😇
#BugBounty
2
67
317
It’s around 2:30 AM. Got 400$ so far today. Thought of signing off but out of curiosity refreshed the payments page and upcoming payments went by 8900$. I was in shock!! Only after reading mail I understood 🤩
#bugbounty
#bugcrowd
Is awesome!! 🧡
31
12
311
I was about to close my lappy yesterday around 3 AM. I don’t know why all of a sudden I’ll see loopholes then 😂 Got a 403 Bypass using “X-Original-URL”
Host: <redacted>.com/secure
..
403
Host: <redacted>.com/test/
X-Original-URL: /secure
..
200 OK
#bugbountytips
#bugbounty
5
73
310
IDOR(ATO) + PII - Duplicate!
1. Login > Add new user
2. Click on “edit” invited user > capture request in burp
3. Replace invited users ID with any other users ID
4. Update email > send
5. Email updated(ATO) for other user+ PII disclosure in response
#bugbountytips
#bugbounty
4
104
303
Found ATO just now!
1. Found Open redirection in sign in endpoint
2. Enter attackers server (I’ve used ngrok server) and tried to sign in using OAuth flow
3. OAuth code disclosure in attackers server logs
4. ATO!! 🔥🧡
#BugBountyTips
#bugbounty
#hackerone
10
73
268
Want some motivation? I’ve read stories of:
1. People hacking on mobile phone coz they couldn’t afford laptop and later blessed to buy a laptop 🧡
2. People working 16 hours a day
3. 6 digit rank to 3 digit rank.
Thanks for inspiring me. Motivate yourself!
#BugBounty2021Goals
2
16
264
When you are searching for IDORs focus on download(csv,pdf,etc) endpoints. Many times I found cool IDOR’s at these endpoints : )
#bugbounty
#bugbountytips
7
50
259
Let me tell you kutti story of "Stealing Chat session ID with CORS and execute CSRF attack" 😁
#bugbountytip
#bugbountytip
#infosec
#bugcrowd
#medium
#writeup
10
85
247
Last year I set a goal of earning 25000$ in bounties for 2020. That’s a big goal for me based on 2019 bounties and keeping in mind that I’ve a full time job. I am so proud that I’ve completed my goal in 5 months and also ending my year at 47500$. Thanks to god,family&myself 🧡
16
3
248
CSRF attack to update email of any victim user leads to Account takeover. Received a bounty of 1500$ 🧡😇
#hackerone
#bugbounty
#csrf
10
21
245
IDOR - P1
Attackers able to fetch order details of any user.
* Captured a request like this in Burpsuite: /xyz?reservation_id=GUID
Difficult to guess other users reservation GUID.
* Manipulated like this: /xyz?order_id=<6 digit ID>
#bugbounty
#bugbountytips
#bugcrowd
6
23
231
When I started my bugbounty days I used to get many silly questions like how pro bugbounty hunters remember all the commands for tools,what attack?etc., Just wanted to let u all know it’s common, no one can teach u this except practice,just keep calm and practice : )
#bugbounty
6
17
221
Non-admin user can view role permission but cannot enable them. I inspected element and removed “disabled” from front end and able to update role permissions successfully. Will drop a writeup on this.
#bugbountytips
#bugcrowd
#bugbounty
8
26
220
After a long break, back to bug bounties and last 2 weeks went really well. I focused on single target for long time and the results are good!
#bugbounty
#bugcrowd
10
8
224
1. Testing an instance accessable to only employees through Login
2. Analysed source code and found a js file: /scripts/app-847d3aae5c.js
3. Used "LinkFinder tool" to check for endpoints
4. Found two endpoints disclosing admin and store details without authentication.
#bugbounty
10
57
214
Admin panel access:
1. Found a subdomain like this: admin.staging.<redacted>.ph
2. It’s directly asking me to signin using google OAuth > proceeded with signin
4. Voila!! it accepted me as admin and showing all developers details,merge requests etc.,
#bugbounty
#bugbountytips
10
54
207
Since my first day of joining on
@Hacker0x01
@jobertabma
I’ve submitted many reports to Hackerone and end result is always a Dup/informative. I didn’t give up and today I got my first valid find on Hackerone 🧡 This hits different
#bugbounty
#nevergiveup
16
5
209
1 Year for this cool bug I found in
#hackerone
private program. Got a reward of 4913$ for the same. Many of us ignore Oauth flows, but if you dig deep you can find ATO's 😁 I will try to publish a writeup soon on this
#hackerone
#bugbounty
#bugbountytips
#infosec
13
10
210
3rd P1-IDOR in last 18 days! 🥳
Similar to my previous finding, found another endpoint which discloses reservation details using "reservation_id" value [lengthy, alphanumeric]. I replaced that with "order_id" [6-8 digit numeric value]
#bugbountytips
#bugcrowd
#bugbounty
7
8
212
Found 403 bypass just now:
https://<redacted>.com/aspnet_client/
- 403
https://<redacted>.com/aspnet_client/.././
- 200 OK and landed on Login page [Still trying to escalate, let's see : )]
#bugbountytips
#bugbounty
5
47
206
Simple trick like this can get you a valid find. How many of you check this? Read privacy terms of target.
And yes it’s just a P4 so what!? You still helping company security to get better. (severity can be high when you are targeting big company 😉)
#bugbountytips
#bugbounty
14
31
202
Another default credentials P1(duplicate)
Username: Admin
Pass: zabbix
You can add it to your bruteforce list if you want!
#bugbounty
#bugcrowd
13
25
196
Another P1 from the same private program. I guess if you find 1 IDOR/BAC in a program, you might find many
: )
No special technique, same as my previous findings mentioned before in my tweets.
#bugcrowd
#bugbounty
7
5
188
#Bugbounty
#goals
2024:
This year has been a lazy hunting season in bug bounties but will pick up the pace in 2024.
1. Make $150K+ bounties
2. For the First time collaborate with other researcher.
3. Share more write-ups and bugbounty tips via Twitter!
Hopefully I’ll make it!
11
10
184
When you keep calm and hack this happens : ) Really loved the Feedback I have received. Much needed wings
#redbull
@intigriti
#BugBounty
10
7
178
When you are targeting e-commerce or Food ordering domains parameter tampering is a must. Updated quantity value to fraction value and able to order 45$ burger for just 0.45$. Finally this one got resolved. Writeup soon! : )
#hackerone
#bugbountytips
#bugbounty
#infosec
9
22
179
Iam not a bug bounty hunter because I love money. I’m a bug bounty hunter because I love being able to cancel all of my plans whenever I want to spend the day with family or myself 😇
#bugbounty
5
5
175
After a long break it took me almost 2 weeks to get back in streak. Hope I’ll continue this.
“agentid” variable in a graphql request is vulnerable to IDOR attack, resulting in viewing any agent details from any organisation.
#bugbounty
#bugcrowd
10
13
171
Earned 7900$ (+1500$ for still triaged one) for reporting multiple vulnerabilities 🧡 This one is special bcoz I worked even on new year nights for this.
Suddenly payoutrange was decreased otherwise would have cracked a big one but still happy 😇
#bugbounty
#bounty
#infosec
23
5
167
While hunting on this target, one specific role user is not allowed to login or access target directly but only via subdomain of that target. On further research, I found a cross instance IDOR on that subdomain with critical PII Leakage. I will drop a writeup soon.
#BugBounty
6
14
166
There goes another
#high
severity bug 🔥
1. CSRF validation missing
2. CSRF attack to Email change
3. ATO!
#bugbounty
#csrf
#hackerone
8
19
164
I woke up to receive this email today 🤩 Here comes my bounty in
#BTC
: 0.12684244 BTC (~5870$)
#bugbounty
#bitcoins
22
7
158
Unprivileged user able to fetch UUID of other users from this endpoint: ``/api/v1/REDACTED/subordinate_employees.json``. Copy paste the disclosed UUID in another vulnerable endpoint ``
https://target.tld/UUID``
to fetch full PII information.
#bugbounty
#bugbountytips
7
25
162
Just got
#Triaged
1. Found Blind SSRF in signup form.
2. Port scanning possible by observing the server response time.
I tried escalating this to fetch other sensitive data but failed if you have any write-ups plz do share. Good day!
#bugbounty
#bugbountytips
#bugcrowd
9
23
155
I found a vulnerability in private program, to use premium plan forever by downgrading the free premium plan on 29th day [out of 30 days free trial] and again upgrading to free premium plan on same day and getting another 30 days free premium trial
#bugbounty
#bugbountytips
7
23
148
Closing this weekend with another P1. IDOR attack able to read any conversation thread on the platform disclosing some private messages and PII details of all users part of conversation.
#bugbounty
#bugcrowd
#bugbountytips
6
8
152
P1 bounty in bday month is always special 🧡
Simple IDOR attack by enumerating the Order ID value. One endpoint closed as duplicate. I did further research and found another endpoint fetching the order details. lucky me not dup this time : )
#bugbounty
#bugcrowd
10
7
151
Here is my 2nd writeup this month. How I was able to fetch user details through signup endpoint
Do share If you come across similar reports/writeup's.
#BugBountyTips
#bugbounty
#infosec
#bugcrowd
4
54
149
Always check "unsubscribe" option at the bottom of email. sometimes this will give you un-authorized access to victims email settings. The url format [not always] will be like :
https://target/unsubscribe/Subscription.aspx?email=<victims_email>
#bugbounty
#bugbountytips
3
42
150
Sometimes you just gotta be smart 😂
1. Victim set SMS notifications off
2. Target has a flaw where anyone can add any users phone number
3. Attacker adds same phone number > Activate SMS notifications
4. Victim continues to receive SMS notifications
#bugbountytips
#bugbounty
6
17
143
Posting this since it’s special and it came after series of dups on that program 🧡 Yay, I was awarded a $1,500 bounty on
@Hacker0x01
!
#TogetherWeHitHarder
#bugbounty
12
1
141
I just published Bypassing email update restriction to change emails of team members writeup
#wrietup
#medium
#bugbountytips
#BugBounty
5
59
137
I’ve stopped posting about swags and rewards these days but this swag pack of Hackerone hoodie is special 🧡 Thanks for sending this
@Hacker0x01
#bugbounty
#hackerone
#hoodie
3
1
142
"Is programming mandatory to do Bug bounties?" Since this is a common question everyone is sending via DM,I would like to reply here-"No, in the beginner stage programming is not required, basic would be more than enough but to find major security loopholes you need to
#bugbounty
10
8
131
Last 3 days hunting on Hackerone 🔥 5 High , 3 medium and 1 Low. Since 3 days passed by I hope and wish none of them are dups 😂🙏🏼
#hackerone
#bugbounty
10
5
137
Stored Blind XSS story: When your bug bounty program gives you test credentials, still don’t forget to fill-up new business signup forms,demo forms etc., I filled one such form and got Stored Blind XSS after couple of days.
#bugbountytips
#blindxss
6
17
136
When user trying to update password, the request is not protected with csrf but asking for current password. This time tried signup via OAuth, now for password change current password is not required. CSRF attack to update password 🔥
#bugbountytips
#bugbounty
6
33
130
Lost another P1 . Login request parameter is vulnerable to Sql injection.
#bugbounty
#bugbountytips
#SQL
3
11
137
As I always say don't worry too much about finding Critical/P1's. Try to break stuff to find cool bugs : ) I just published short writeup which falls under this category I found similar issues in multiple programs thought its good to share with you guys.
6
34
135
Although I found many valid finds on
@Hacker0x01
platform. Since my joining I always failed to find a valid non-duplicate find one Hackerone. I did it last night and I’m happy : )
#hackerone
#bugbounty
14
5
130
Why analysing source code is Imp.:
1. Testing subdomain where signin/signup options not visible in UI
2. Used Linkfinder to find endpoint:"/profile"
3. <target>/profile took me to signup/Signin page
4. Found application wide CSRF including email update
#bugbounty
#bugbountytip
0
40
128
Useless endpoint to RXSS:
1. Used Linkfinder to check if I can find any sensitive endpoints
2. Ended up finding this: "php/terms/view?liso=<somethingsomething>" but no sensitive data exposed but one of the parameter is vulnerable to Reflected XSS.
#bugbounty
#bugbountytips
5
34
132
Finally!! Member of
@SynackRedTeam
@synack
..
@ADITYASHENDE17
@niksthehacker
Thanks for the referral and boost up! 🔥🤝
#bugbounty
#synack
14
3
127
Another P1! Algolia Misconfiguration issues are still out there. Check the permissions allowed for the disclosed Algolia API key and show them the Impact.
#bugbountytip
#bugbounty
#bugcrowd
5
14
129
As I promised myself bounced back. Last 30 days 8000$+ 😇🙌🏼
#bugbounty
#bugcrowd
Didn’t reach my goals in bugbounties this year But I’m damn sure I’ll bounce back next year!🤘🏼
8
0
80
4
7
125
CSRF protection missing for select and cancel promotion action in a private program. Received a bounty of 800$ . More to come 🧡
#hackerone
#bugbountytips
#bounty
#infosec
8
5
124
Thanks for the 4K love. A btech boy who is completely clueless of what he is doing in college to till now, It’s a long journey. I’m extremely fortunate to make 4K family on Twitter. I’ll continue to be helpful for others with my little knowledge. Jai hind 🇮🇳
#bugbounty
10
1
122
Always check if you can increase the impact before reporting. I escalated the severity by showing how I can change admin details and fetch sensitive data using console.
#bugbountytips
#bugbounty
#hackerone
6
8
120
When you see a complex website don’t ignore immediately(I used to do it back then). Focus on your strengths first, my strengths are Access control,business logic,Authentication issues. Once you do that then you will get confidence to test other attacks.
#bugbountytips
#bugbounty
4
13
115
This is where I spend most amount of time in a day hacking. Show me your place! 😄
15
0
115
When you are testing E-commerce websites, try to find any expired discount/coupon codes and check if they are still working. I found couple of codes via Google dorking which are supposed to be expired by now, reported via h1 and got rewarded today.
#bugbounty
#BugBountyTip
6
16
112
“Don’t ever let someone tell you, you can’t do something. You got a dream, you got to protect it. You want something, go get it. Period!” - 👏🏼 My fav dialogue from Pursuit of Happiness 🧡
3
7
113
10
2
112
Not a severe one but loved the way I found this:
(1/2)
1.
http://time.<redacted>.com
- Response in UI - "Nothing here"
2. Used waybacktool and found few paths and one interesting path is like this:
http://time.<redacted>com/mc/v1/authorize/ussd/ask_msisdn?
3
19
114
I’ve always dreamt of replacing “-“ with some under 100 rank and here it goes for the first time I’m on 90 days top 100 list 🧡 Thank you
@Hacker0x01
10
1
111
1. Creating a resource - IDOR protection exists
2. Editing already created resource - IDOR protection missing
#bubounty
#BugBountyTips
#IDOR
2
7
107
Quick suggestion to beginners: For XSS related bugs first check with html payload. Don’t go directly with injecting XSS payload because sometimes if one payload didnt work we simply skip further testing. In this case you can atleast end up reporting HTML injection/SSTI bugs : )
4
26
108
Thanks for this awesome swag
@Hacker0x01
I’ll consider this as my Christmas gift 😍🧡
#hackerone
#bugbounty
#swag
5
3
105
7
3
108
CORS + CSRF writeup is in draft state. I will try to publish by tomorrow, sorry for the delay 🙏🏼😇
5
2
104
I’m shocked to see a recent fake bounties news in twitter but plz try not to highlight their name/image, Although I’m completely against of this fake screenshots thing attracting beginners but we should be little sensitive about such matters - “Just my opinion”
#BugBounty
7
6
103