Here is the solution for both of the challenges!

We will be conducting a web recon workshop again for beginner-intermediate bug bounty hunters where you will learn how to dive deep into the target in this month! Stay Tuned

In a recent penetration testing engagement, I was able to find an api endpoint which was disclosing every user's information present on the web page without any authentication!!

Here's what i did:
1. Used ffuf with valid cookies and headers to enumerate the content.
2. After the discovery of this endpoint, I simply remove the required cookies & headers.
3. I was still able to fetch the data!

As always, a proper reconnaissance is necessary to uncover interesting vulnerabilities!

Finally we have completed our first workshop i.e Web Reconnaissance! I really hope that all our participants have learned something new & interesting that will help you all to upskill your recon game! Keep Hacking Everyone🤖

New Batch for this same workshop will be releasing soon this month! Stay Tuned❤️

New video will be releasing within an hr!

Hi everyone, the new video is out! learn how you can use sqlmap effectively to hunt for sql injection vulnerabilities!
Check it out:
https://youtu.be/ciHcdiQ_GJ8

Today i spent most of my time in crafting a payload that can bypass cloudflare and finally got one! I immediately tested the payload on few websites that were protected by cloudflare and successfully got the xss triggered!!!!

Reported this issue to the bug bounty program! Hoping for the best❤

I will release a video on it very soon!

Here's the xss payload: <button%20popovertarget=x>Click%20me</button><img%20onbeforetoggle=alert(1)%20popover%20id=x>XSS

For those who were asking me how i created this, I actually used the same method discussed in this video: https://www.youtube.com/watch?v=4_VbPem6gxI

Hi everyone, We are excited to announce the second batch for web reconnaissance workshop!


If you are a beginner or someone who wants to upskill your recon game then this workshop is for you! Throughout these 7 days, we will explore various methods & techniques that will not only help you to get the basics but also it will help you in creating your own methodology!

You can use the link below to register into this workshop
-------------------------
For People Living In India:
Link: https://pages.razorpay.com/bepracticalWorkshop
--------------------------
For People Outside India:
Link:

https://pages.razorpay.com/bepracticalInternational

[Please make sure to Pay Using PayPal Only]
--------------------------

Last Date Of Registration: 15th July 2024

Looking forward to see you all in this workshop!!!

5 days left for registration!

This was the feedback of previous workshop on reconnaissance. We are really grateful that those who enrolled into the session got to learn something new/interesting and were able to improve their recon game!🎉

Hey everyone,

I'm thrilled and deeply grateful for the incredible response to our first web reconnaissance workshop! Your enthusiasm and feedback were amazing, and it's clear that many of you are eager to enhance your bug bounty hunting and penetration testing skills.

Due to high demand and many not being able to join the first batch, I'm excited to announce another round of the workshop! This is your chance to dive deep into web reconnaissance, learn practical techniques, and connect with a passionate community.

Why Join This Workshop?

-> Full Practical Session
-> Live Q&A session
-> Demo On Real Target

I genuinely appreciate your support and interest. Let’s continue this journey together and take our skills to the next level!

Reserve Your Spot Now:

India: https://rzp.io/l/bepracticalWorkshop
Other Countries: https://rzp.io/l/bepracticalInternational
Thank you once again for your love and support. Let’s make this second batch even more amazing!

Stay curious and keep hacking,

Here's some more information about the workshop

1. Timing: 7:00pm to 8:30pm
2. Duration: 7 days(20th July - 27th July)
3. Language: English
4. Last Date Of Registration: 15th July
5: Recordings for each session will be shared.

3 more days to register!

Hi, If anyone is having any trouble in payment using PayPal then please let us know

New video will be releasing tomorrow! Stay tuned❤

Also, there's only 2 more days remaining for registration!

Hi everyone! I have just released a new video in which i tested some of the popular tools on target protected by WAF.


To know which tool is better, Check out the video:

https://youtu.be/_oLyUxRMnJk

Hi everyone, Today is the last day to register in the workshop!

For those who have registered into the workshop which is going to be held on 20th July 2024, Your mobile number will be added in our group on 18th July 2024.Thank you. Keep learning, Keep Hacking!!!

19K subs completed!!🥳 Thank you everyone for your support❤️