@bug_bounty_tips profile picture
Bug Bounty Tips @bug_bounty_tips
Joined March 2023
  • Tweets 45
  • Following 5
  • Followers 3,348
44 Photos and videos
Fuzz all the things, they say. So next time you're testing a Drupal site, remember @adrien_jeanneau's excellent #BugBountyTip! #HackWithIntigriti #BugBountyTips
2
28
72
5,621
BOUNTY TIP: Get yourself a nice bounty present by buying giftcards with birthday discounts 🎁! Repeat & recycle your gift cards to generate infinite money. πŸ’°πŸ€‘Thanks, and happy (real) birthday, @securinti! πŸ‘‘πŸŽ‚#BugBountyTip #HackWithIntigriti
6
25
3,688
Alternate data streams sound like this 🀯 to you? Well, thankfully we have @almroot jumping in to help, telling us how to leak source code or bypass authentication with that πŸ¦€ #bugbountytips πŸ‘‡
1
16
83
8,474
SSO redirects can be deceiving 😈 Always scan SSO endpoints before redirection! Thanks for the #BugBountyTip, @Th3G3nt3lman! #BugBountyTips
2
11
44
3,270
A PDF file can tell more than you think! Great advice from @QuintenBombeke! #BugBountyTip #HackWithIntigriti #BugBounty
7
29
2,460
Local file inclusion vulnerability found but no idea for further exploitation scenarios? Well, try going for a remote file inclusion vuln πŸ”₯ @PinkDraconian is coming in to help us out today! 🎸 #bugbountytips πŸ‘‡
1
8
41
2,704
Woa, this #BugBountyTip from @hakluke works surprisingly well! Someone please automate this πŸ™ #BugBountyTips
6
48
221
11,990
Context is key. Find out what your target cares about to score higher bounties. Great advice from @jackds1986! #BugBountyTip #HackWithIntigriti
4
14
1,260
Ever put yourself into the shoes of a DEV? It's not an easy job and sometimes you forget to remove some dev tools from production code πŸ› οΈ @alph4byt3 is helping us out today with his #bugbountytip! He also has a handy tool to share -> hubs.li/Q01Gc7fQ0 #bugbountytips πŸ‘‡
1
35
105
7,171
In #BugBounty, one character can make a huge difference. Always make sure to also append a slash to your directory bruteforces, so you don't miss out on directory listings! Thanks for the #BugBountyTip, @StanFaas! #BugBountyTips #HackWithIntigriti
3
54
213
17,106
Start your weekend & your recon with this #BugBountyTip from @hacker_! But remember... always stay in-scope! πŸ˜‰#HackWithIntigriti
13
69
4,513
Ever dreamed of magically finding SSRF vulnerabilities? πŸ¦„ Well, thanks to @Regala_ and today's #bugbountytip, this is finally becoming reality! #bugbountytipsπŸ‘‡
8
210
602
41,136
Everyone uses generic wordlists, so unless you want to find duplicates, create your own! Target based wordlists are easy to compile and often result in easy bounties, even on public programs. Thanks for the #BugBountyTip, @Rhynorater! #BugBountyTips
18
65
3,734
Bug bounty tip: if none of your XSS payloads are firing - try to insert them through the API! 😈#BugBountyTip #HackWithIntigriti
1
16
78
5,107
Finding juicy information is not always a one-step process! πŸ’‘ @Random_Robbie helps you with today's #bugbountytip to find your way through the maze! #bugbountytips πŸ‘‡
15
74
3,483
One character, 5 digit bounties! πŸ’° This #BugBountyTip from @filedescriptor (@0xReconless) is a classic example of "think like a developer". πŸ‘‡ #BugBountyTips #HackWithIntigriti
14
51
3,915
Have you ever checked the text version of a HTML e-mail for template injection? Always make sure to inspect the original e-mail source for hidden treasures πŸ•΅. Thanks for the #BugBountyTip, @honoki! #HackWithIntigriti
7
36
3,138
Found a potential SSRF vuln but no luck? Don't give up just now! πŸ’ͺ @joohoi is helping us out today with his #bugbountytip πŸ§‘β€πŸ’» #bugbountytips
1
19
98
4,050
This is your weekly reminder that you can use any arbitrary amount of 0️⃣'s in an IP address to bypass SSRF blacklists. Thanks for the #BugBountyTip, @naategh_! πŸ‘Œ
9
59
10,958
The X-Forwarded-For header turns out to be a perfect place to hide your blind XSS or SQL injection payloads, according to @_zulln. Thanks for the tip, Linus! #BugBountyTip #HackWithIntigriti
2
26
109
7,133
Load more