sᴇᴄᴜʀɪᴛʏ & ɴᴇᴛᴡᴏʀᴋ ᴀɴᴀʟʏsᴛ | ᴇᴛʜɪᴄᴀʟ ʜᴀᴄᴋᴇʀ | ᴠᴀᴘᴛ sᴇᴄᴜʀᴇᴅ 𝟹𝟶 ᴄᴏᴍᴘᴀɴɪᴇs
Joined December 2021
- Tweets 55
- Following 288
- Followers 59
- Likes 461
11 Photos and videos
14 May 2025
Honored to attend BlueHat India 2025
as a Microsoft Most Valuable Researcher (MVR)
An inspiring journey, proud moment, and unforgettable experience.
@MSFTBlueHat @msftsecresponse @msftsecurity
2
5
187
cyber_catz retweeted
14 May 2025
4
23
1,298
2 Jan 2025
Kicking off 2025 with my first swag as a Most Valuable Security Researcher from Microsoft! 🎉
Thanks to the @msftsecresponse team for this recognition. Excited for an impactful year ahead and aiming for the next MVR!
#Microsoft #Mvr #MSRC #Swag
1
2
118
7 Aug 2024
Proud to announce I'm recognized as an MVR by MSRC, ranking 66th globally! Thanks to @msftsecresponse for this honor and acknowledgment of my hard work.
#MSRC #Top100 #Cybersecurity #microsft
2
16
898
23 Jul 2024
Happy to receive my MSRC swag for being a Quarterly Leaderboard Researcher for Q3'2023, Q4'2023, and Q1'2024! This recognition fuels my passion for improving security. Big thanks to the @msftsecresponse team for their support!
#Microsoft #swag #bugbounty
1
12
898
cyber_catz retweeted
16 May 2024
We're excited to welcome security researchers partnering with Microsoft to #BlueHatIndia 🙌
16 May 2024
4
16
6,921
14 Feb 2024
Attacker injects html code in one of the victim chat, once the victim opens the message, the victim IP address and OS and Browser information is also found, I share the vulnerable URL associated with that site user, I got all the user IP, so please provide the impact for this ?
2
183
14 Feb 2024
Immediately i tried to generate xss in forum but unfortunately not working so intercept request and enter“Test123” and its comes in burp<p>Test123</p> now change iframe payload and send request xss will trigger in browser but i can save that forum page could not Does anyone know?
1
1
192
cyber_catz retweeted
6 Feb 2024
Path-based xss with diffrence type methods
1: Inecject payload in every path and check xss
2: append fake parameters in every path and check xss vulnerability
3: made poc for you in your terminal
line - pastebin.com/YTKZUcs6
#infosec #bugbountytips #cybersecurite
40
110
5,139
cyber_catz retweeted
18 Jan 2024
Alhamdulillah, another $1750 bounty from Indeed. First bounty in 2024 so far, looking for more from indeed ✌️✌️
Bypassing previous reports is always fun
#bugbounty
#informationsecurity
#infosecurity
21
13
301
17,383
cyber_catz retweeted
18 Jan 2024
Indirect prompt injection is so crazy I think it might become the new blind XSS. Here’s the attack in a nutshell, illustrated by @WebSecAcademy
7
100
475
50,443
cyber_catz retweeted
27 Nov 2023
I have found about 50 XSS on a single program,
using my automation progress that's you will find it here x.com/0xElkot/status/1595549…
and @SirBagoza Tips on his videos.
#bugbountytips #xss #hackerone #h1
23 Nov 2022
Hi guys , If anyone interested on Bug bounty automation see this article
medium.com/@0xelkot/how-i-ge…
#bugbountytips #SQLi #XSS #LFI #Recon
15
76
371
53,426
This year I Completed 500k in bounties
Most rewarded vulnerabilities and the ones I always focused since the beginning:
1. XSS (all types)
2. Cache Poisoning
3. BACs
Reached this amount totally from scratch, learning from the internet.
No certs.
0 Automation.
0 Collabs.
119
131
1,664
233,942
cyber_catz retweeted
25 Nov 2023
Burp Ex
403 Bypasser
5GC API Parser
Active Scan
Backslash Powered Scanner
CO2
IP Rotate
J2EEScan
JS Link Finder
JS Miner
Logger
Log Viewer
GAP
Distribute Damage
IIS Tilde
Look Over There
Param Miner
Software Vulnerability Scanner
SAML Raider
Autorize
Encode IP
Asset Discovery
20 Nov 2023
Burp with 20 extensions, ffuf , waymore , amass , httpx , naabu , Arjun , Sqlmap , shodan cli , gittools
all this tools favorite equally for me
14
308
1,075
106,634
cyber_catz retweeted
20 Oct 2023
💻 Bypassing AWS Waf | P2💻
1
23
136
11,130
cyber_catz retweeted
12 Oct 2023
iOS Pentesting Series
Learn how to work with useful tools and apps such as Frida, Objection, 3uTools, Cydia, Burp, fsmon, fridump, SSL bypass, reFlutter etc.
Part 1: kishorbalan.medium.com/start…
Part 2: kishorbalan.medium.com/ios-p…
Part 3: kishorbalan.medium.com/ios-p… via @KishorSec
ALT iOS Pentesting Series
6
224
664
83,571
cyber_catz retweeted
6 Jul 2023
I found a SQL on one URL but properly secured.
But found @LiveOverflow new video "HTML Sanitizer Bypass Investigation". I give it a try and I was able to bypass Cloudflare which leads to XSS.
payload: '<00 foo="<a href="javascript:alert('XSS-Bypass')">XSS-CLick</00>-- /
6
75
304
22,818
cyber_catz retweeted
14 Jun 2023
"🎉 GIVEAWAY ALERT! 🎉 We're excited to announce that we've made some improvements to our service at VulnVision! To celebrate, we're giving away 5 FREE accounts to lucky winners. To enter, simply follow @VulnVision and retweet this tweet. Winners will be announced next week.
9
93
64
14,275
cyber_catz retweeted
2 Jun 2023
Accessing Admin Page via Blind XSS $1000 🦊
github.com/NafisiAslH/Knowle…
#bugbountytip
3
41
167
11,363