1- Fuzz tagert

2- login/cpanel redirect me to endpoint that's display all login attempets with users IP and usernames

#bugbountytips #BugBounty

sorry it's wrong photo but i get 2 high bugs from this endpoint, second bug is

1- I tell you before that's endpoint print usernames
2- so i put xss payload in username input
3- now this endpoint is vurnable to stored xss

just replace photos 😂

#bugbountytips…

POC of sample type of cache posining you can test it
By: lazy pentester

https://t.co/dvNCjtxJZb

#bugbounty #bugbountytips

Good tips if you start burp suite to avoid hanging
Part 1

Firstly go to scope settings Click on (use advance scope control)
click on add and add your scope for example add (yahoo) word

#bugbounty #bugbountytips

Just don't forget to check resolved reports

1 critical = 2 criticals

Bug details after real reolve 😂

#bugbountytips #bugbounty

Quick tip that's will help you to choose your program

when you see (Safe Harbor - Gold 1) in program at hackerone that's meaning

1- Quick reply
2- Quick relove reports
3- reply in weekend day's
4- Collaborative to solve problems

#bugbountytips #BugBounty