WNMC Penetration Tester RedTeamer BugHunter

Joined February 2024
Pinned Tweet
I love Bug Bounty because it has helped me get everything I desire and build them myself #bugbounty_results
This month I bypassed many WAFs -> XSS. Simple tip, use: location.href = window.name. How? When your string is in an event or JS structure and the WAF detects () or ` etc., you can use this trick and call the vuln path with another domain (attacker domain). 1/2 #bugbountytips
I earned $7,500 for my submission on @Bugcrowd. After 6 months I again tried to find a reservation second-order IDOR (I taught that on YouTube) and again it worked. It's not a common vulnerability, but when you find it, you can be sure it will be "triaged". #bugbountytips #ItTakesACrowd
Add payload on window.open(“target.com/?q=<img src onerror=‘location.href=window.name’> ”, “javascript:<YourPayload>”). The first input in window.open depends on your attack scenario. #bugbounty #xss #javascript #bugbountytips 2/2

Radhe Radhe 🙏 May also end with 4 digits 😄 Bounty announced within 4 hours — probably my fastest bounty of 2026 so far. Multiple reports currently Triaged, and in Pending state. Consistency beats luck. Keep hunting. #BugBounty #BugBountyHunter #bugcrowd #rocksec #hacking
We are trying to cover all vulnerabilities on real-world applications. Use specific tricks & tips in our hunt for technical vulns (server & client side) and logical vulnerabilities. YouTube: PentesterLandEn, I show some tips, but in live hunt we work just on real targets. #bugbounty
Being part of the @PentesterLandEn mentoring. Now, we're taking it to the next level with more live hunting sessions for our community. We aren't just talking theory; we're hunting, finding vulns, and building the hacker mindset together. Want to join us? pentesterland_supporter on tlg
More than 10,000$ just by one service? 🚨 During Red Team or Bug Bounty engagements, you may find a Nexus Repository Manager instance and ignore it. I reported many reports with it in h1 & bugcrowd instagram.com/p/DYWO5dvDVCW/… #BugBounty #RedTeam #bugbountytips #bugbountytip
Tomorrow at 6:00 PM UAE time, this class will begin. The goal is to teach all possible topics from foundational to advanced levels, turn them into a customized methodology, and ultimately apply them to high-value targets and public bug bounty platforms. #pentest #bugbounty
To join the class and register, send a message on Telegram to: pentesterland_supporter
I hope you enjoy my presentation. All labs are based on real POCs. (Don't miss the service hunting concept, the method by which I earned 10k just for one report last month on a public program on H1.) youtu.be/QRoFIWwQUCI?si=jk5i… Special tnx @HackwithIndiaa #bugbountytips #bugbountytip #bugbouny
To register, enjoy the conditions and receive a section of the previous course (bonus of the @HackwithIndiaa live), you can send a message to the following address on Telegram: pentesterland_supporter #BugBounty #Pentest #redteam
A Broken Access Control scenario no one has talked about before. Not a recycled bug. Not a misconfiguration. A new access control logic pattern with real exploitation impact. 🔥 Watch: youtu.be/X3oj-nx6580?si=mYnh… #bugbountytips #bugbountytip #bugbounty
I created a writeup post in my language, but if you add a comment on this post on Instagram it will be sent to your direct and you can use translation to change it to your language. Just add a comment on this post and check your : instagram.com/reel/DSXVKl7Do… #bugbountytips #BugBounty
I earned $10,000 for my submission on @bugcrowd #ItTakesACrowd Extra bounty When the target pays more than the bounty amount, I’m like this: Do not miss the last video on YouTube channel: PentesterLandEn instagram.com/reel/DS1lHg7iC…
New vulnerability type. Subclass of BAC. Discoverer: Me. You can use this to earn many bounties, because it is unique. If you have any questions, ask me on YouTube and I'll answer all questions. #broken_access_control #bugbountytips #new_idor #bugcrowd #hackerone
Dear Erfan, Keep pushing forward with even more strength. You are incredibly talented and have a bright future ahead of you. Your results in bug bounty and penetration testing will become even more impressive and outstanding in the near future I am proud of you ❤️‍🔥🙏🏼 #bugbounty
9 Dec 2025
Today I’m excited to share another milestone in my bug hunting journey. I recently submitted a vulnerability report to Google’s Vulnerability Reward Program, and the issue was accepted, with the severity upgraded from S4 to S2 by the Google security team Mentor @PentesterLandEn
Consider incorporating SVG Smuggling and HTML Smuggling vectors into your bug bounty reports (XSS). They frequently result in higher-impact findings and increased bounty rewards. Trust me 😉 by these techniques, over 70% of them escalated to P2/P1 severity. #bugbountytips #BugBounty
Stay tuned for the next videos. The next video is about a little-known method of broken access control, and the video after that is about a 100% private method of broken access control. #bugbountytips #bugbountytip
Update:
The questions people ask @grok say more about us than about AI. That’s when it hit me: AI will control us not with force, but by shaping what we want to know. And the wild part? We’ll gladly let it. 😁