عاقبت رقص کنان پیش خدا خواهم رفت؛
Joined March 2018
- Tweets 48,729
- Following 465
- Followers 1,400
- Likes 132,942
3,316 Photos and videos
MJ_The_DJ🇮🇷 retweeted
Burp SuiteのRCE的なやつ〜
諸々含めて大変優しくしていただき、大感謝☺️
Burp Suite Professional: browser-powered crawl can write attacker-controlled files through file input handling hackerone.com/reports/371227…
5
18
119
6,842
MJ_The_DJ🇮🇷 retweeted
16 Aug 2025
昨日は #PentestSecJP ありがとうございました!
HavocベースでCrowdStrike、MDE、Cortexの検知を回避しつつ、C2を確立するまでの一例とその他諸々を紹介させていただきました😶
当日触れきれなかった部分もあるので、ご興味ある方いたらぜひー
docswell.com/s/kawakatz/ZJQN…
1
43
180
16,649
MJ_The_DJ🇮🇷 retweeted
11 Jul 2025
this is the full write-up about how i turned a simple html injection into ssrf in a pdf generation feature
medium.com/@0x_xnum/how-i-es…
#bugbounty #bugbountytips #bugcrowd
2
28
145
6,294
MJ_The_DJ🇮🇷 retweeted
3 Jan 2025
Breaking Down Multipart Parsers: File upload validation bypass:
blog.sicuranext.com/breaking…
2
8
416
MJ_The_DJ🇮🇷 retweeted
Jun 12
Built 2 free browser-based recon tools for bug bounty 🛠️
No install, no API keys, nothing logged.
🔍 Subdomain enum → recon.rootxvishal.com
🕸️ Passive URL crawler → crawler.rootxvishal.com
Open a tab, type a domain, go. Authorized recon only free sources, so a source may rate-limit/block occasionally.
#BugBounty #Recon #OffensiveSecurity #InfoSec #CyberSecurity #OSINT #PenetrationTesting #AppSec #bugbountytips
20
122
5,351
MJ_The_DJ🇮🇷 retweeted
Jun 12
My new tool
Built a Shodan IP collector that costs $0 in API credits.
Uses facet pages 3-level sub-querying to extract ~95% of all IPs for any query.
SSH(port:"22") 18M IPs? No problem. Free account? Works.
Free & open-source ↓
github.com/aheybati/shodan-f…
#SecurityResearcher
7
55
1,943
MJ_The_DJ🇮🇷 retweeted
Jun 10
Scriptwriting with Claude Fable 5 Higgsfield MCP is on another level.
Both videos made using Seedance 2.0.
Jun 10
Claude Fable 5 Higgsfield MCP is insane.
You can now build a playable game with a full story and stunning visuals from one click. Fable 5 researches your idea and writes the game. Higgsfield MCP generates all the assets.
On Higgsfield Supercomputer and in Claude via Higgsfield MCP.
114
232
2,203
285,769
MJ_The_DJ🇮🇷 retweeted
Jun 10
🚀 Introducing PAWN — our new AI-powered bug bounty research assistant.
• Recon & attack surface mapping
• Scope navigation & Vulnerability triage
• Severity assessment & Report writing assistance
No hype. No magic. Just practical guidance.
Coming soon🐼
#hackmetoo #bugbounty
2
3
115
A few people asked what I mean by "cluster, rank, flag" in my recon workflow.
Here's the 3-step flow I use after gau, Wayback, Shodan, JS miner — and what each word actually means 🧵
#bugbounty #infosec #recon
You know AI is good at analysis.
I use it at step one of every attack — recon.
Not replacing my tools. Fixing the part that used to break me: making sense of the data.
#bugbounty #infosec
1
5
19
1,457
MJ_The_DJ🇮🇷 retweeted
امروز توی یکی از اتوبوسای خط علومتحقیقات_ آزادگان این آگهی رو دیدم. نمیدونم چقدر احتمالش هست که گمشده اینجوری پیدا شه، ولی اعلان رو به اشتراک میذارم. شاید کمکی شد:
49
991
11,049
232,038
MJ_The_DJ🇮🇷 retweeted
I created a Telegram channel where golden tips, summaries, and insights on how to find bugs in write-ups and articles (extracted by AI) are shared. This way, you don't need to spend an hour reading a write-up only to find a simple random XSS.
t.me/WGPE0o0
2
13
1,223
MJ_The_DJ🇮🇷 retweeted
Jun 8
اگر تو قزوین زندگی میکنید و جایی رو میشناسید که نیرو میخواد، لطفاً این پست رو بیتفاوت رد نکنید.
من برنامهنویس وب هستم، ولی الان برای گذروندن زندگی حاضر به کارگری و هر کار شرافتمندانهای هستم.
فقط به خاطر آسیب قدیمی پا و آسم نمیتونم کارهای خیلی سنگین انجام بدم.
20
372
813
27,382
I just published a full write-up about how I discovered a Critical PII leak using google dorking and fuzzing
in a private bug bounty program in bugcrowd .
medium.com/@mrx_w_/how-i-dis…
#BugBounty #BugBountyTips #Bugcrowd #CyberSecurity
@Bugcrowd
6
16
217
8,629
Jun 8
I completed the Web Security Academy lab:
SQL injection UNION attack, retrieving data from other tables
@WebSecAcademy
portswigger.net/web-security…
1
108
MJ_The_DJ🇮🇷 retweeted
Time for another giveaway!
We will pick 6 winners to win one of the following:
1x Annual VIP @hackthebox_eu Licence
5x @PentesterLab 3 Month Licences
To enter:
1️⃣ Follow us @BugBountyDefcon
2️⃣ Like this post ❤️
3️⃣ Re-tweet this post 🔁
Giveaway open until Monday June 15th! GOOD LUCK!
100
358
467
17,088
MJ_The_DJ🇮🇷 retweeted
ویدئوی کامل ضبطشدهی نخستین جلسهی دورهی رایگان «ورود به دنیای هوشمصنوعی»
youtu.be/YVsoJnHK0ow?si=Iy6O…
188
532
5,811
212,297
MJ_The_DJ🇮🇷 retweeted
13 Dec 2022
My first blog post about analyzing windows defender is out! Fuzzing the Shield: CVE-2022–24548 - medium.com/s2wblog/fuzzing-t…
2
179
476
MJ_The_DJ🇮🇷 retweeted
🚀 Course 2: Recon & OSINT is NOW LIVE!
Learn how to discover attack surfaces, uncover hidden assets, and gather intelligence like a pro. 🔍⚡
✅ 7 Modules
✅ 42 Lessons
🌐 hackmetoo.com/register
#OSINT #Recon #BugBounty
1
2
575