InfoSec Enthusiast | Iโm here to avoid my friends on Facebook
Joined May 2010
- Tweets 389
- Following 324
- Followers 1,104
- Likes 2,332
91 Photos and videos
TvM retweeted
Jan 12
Happy Arcanum-versary!
@arcanuminfosec 's 1st giveaway for the week is FOUR seats to our EPIC Advanced Client-Side Hacking course by myself and @xssdoctor !
๐ 1 Like = 1 Entry!
โป๏ธ 1 Share = 2 Entries!
Winners announced 1/21!
Syllabus for the course below ๐
52
295
589
19,848
No matter how much you think you know about Recon, a @Jhaddix talk will always prove thereโs more to learn. Constant value every single time. ๐ต๏ธ
โ#CyberSecurity #Pentesting #BugBountytips #BugBounty
youtu.be/B1YcflQRvOI
1
159
๐คฏ Jumping into Bug Bounty? Stop manually sifting through minified JS!
โIt's a known fact: Javascript files are a GOLD MINE for security bugs. This extension turns minified chaos into readable code instantly. ๐
โ chromewebstore.google.com/deโฆ
โ#BugBounty #WebSecurity #infosec
153
My Twitter algorithm is convinced I need more low-quality content and questionable influencers. ๐คฆ I'm fighting back!
Send me your best recommendations for top-tier #Cybersecurity and #BugBounty accounts to follow. Help me fix my feed before it's too late! ๐
1
82
Great writeup โ concise well-explained. A fantastic primer for new bug bounty hunters just getting started, perfect for learning how small issues chain into account takeover๐ zere.es/posts/cache-deceptioโฆ
by @j_zere
#bugbounty #appsec #infosec
10
33
2,274
Resolutions for 2025:
โ read the books I bought
โ finish the udemy courses
โ finish all the @PortSwigger labs
โ read bookmarked articles
โ view all YouTube "watch later" videos
โ
1
164
Step by step guide to becoming a Cyber Security Expert in 2025 roadmap.sh/cyber-security
107
Here's a nice way to spend the evening...๐ฟ
It took a while, but it's here.
Thank you @defcon @Rhynorater
youtu.be/TqKb7h8VFcA
7
621
youtube.com/@fatalsec
YouTube channel full of good information for those who want to gain hands-on experience in mobile security. Very useful when the targets have a mobile application ๐ฑ๐
@SecFatal
3
179
I've just seen the latest episode, and once again... ๐คฏ
Thank you @fransrosen & @ctbbpodcast for sharing ๐
The X-Correlation between Frans & RCE - Research Drop (Ep. 86)
youtube.com/watch?v=YLdqWZ_Eโฆ
1
10
49
20,775
Btw @Rhynorater, will the talk โTop War Stories from a TryHard Bug Bounty Hunterโ be available online? ๐
1
2
459
Successfully installed the Burp certificate on Android 14 (rooted/Magisk) ๐ซ
Download the zip: github.com/AdguardTeam/adguaโฆ
Edit post-fs-data.sh:
AG_CERT_HASH=9a5ba575
AG_CERT_FILE=/sdcard/9a5ba575.0
Install the zip as a Magisk module, reboot.
Done! #bugbountytips #BurpSuite
1
3
282
Hi @OSINT_Tactical / @Gralhix , do you know of any blogs or posts (apart from gralhix.com๐
) with real cases in which OSINT played a decisive role? That could help a noob like me discovering new techniques and see them work in practice.
155
My methodology relies heavily on dirty bash one-liners (sed,grep,awk) to automate tasks and it's getting slower and slower when I need to process large files
I decided to ask ChatGPT to help me convert some of the scripts to rust๐ฆand damn it,it's gone from several mins to 5/10s
1
1
325
I knew people said that Rust is fast, I didn't know it made that much difference... ๐คฏ
Note: I've never programmed anything in rust and it compiled everything on the first try, just copy paste the ChatGPT output to a file
#rustlang #bugbountytip #ChatGPT
140
Quick-and-dirty way to return all combinations of url paths. e.g. Use as input for web fuzzers/nuclei to maximise findings...๐ป๐ชฒ
cat links | rev > _tmp ; for i in {1..10}; do sed -r "s/^[^/]*?\///g w /dev/stdout" _tmp -i ;done | rev |sort -u| sed "s/$/\//";rm _tmp #bugbountytips
1
7
714
Hi @djpaterson93, I like the way you explain how the features work and maybe you can enlighten me about Burp XSS Reflected scans (Insert Points -> only URL param values). It sends 5 requests per param,even if they are dummy, which are never reflected in the response...
4
589
Is this normal? Because when I have thousands of links to test,some with dozens of parameters,it seems inefficient to me to send thousands of "unnecessary" requests, but I'm probably not contemplating some scenario๐
And unlike Open Redirect Reflected it only tests with 2 request
143