Hey everyone! I hope you all enjoyed the latest video. Well, This is the code i have written in the back end to simulate the attack and here's a small question for you all -> Can you spot where is the actual vulnerability and how we can fix it?

I think you all should read this awesome article: https://medium.com/@mokhansec/the-2-200-ato-most-bug-hunters-overlooked-by-closing-intruder-too-soon-505f21d56732

This week was awesome for me! While doing a pentest for a client, Got these many vulnerabilities within one day

Tip: Recon is the key!

We've hit over 8K members on our telegram channel! Thanks to all of your love and support guys!

Let's keep hacking and pushing forward!!

Hey everyone, Since we have about 8K members, I think it is better to help each other in bug bounty specially those who are new to it

So to all the intermediate~advance bug bounty hunters or penetration teeters, comment down your one advice that an aspiring bug bounty hunter should follow ⬇️(mine's in the comment section as well)

Got some free time today so spent in on H1.. Fortunately, Got some pretty cool vulnerabilities.. Let's hope they are not duplicate

Hi Everyone, Just finished shooting the video.. Planning to release it within 1~2 days! I am sure you all will learn something valuable from it.

Keep hacking!!

Seems like all of my reported vulnerabilities are triaged.. And with this.. I am currently in top 10 hacker of their program😇

The imp thing always is to do proper recon..all of these vulnerabilities have been found in a single subdomain!

Hi everyone, New video will be releasing tomorrow at 6pm IST... This will be an interesting one as it covers something which is not known to many people!

I hope you all will like it!!

New video is out! Learn how we can bypass weak host header injection protection in modern web apps

Video Link: https://www.youtube.com/watch?v=AAhZp1A4I0A

Hi everyone! Excited to share that i have now reached over 500+ reputation on HackerOne

Planning to spend more time on bug bounty this time!

9 hr straight on a program and finally got this credential.. Next step is to see how I can use it!

Finally, I was able to use it on a graphql endpoint!

26,000 subs completed.. Yayy🥳

As always, Thanks a lot for all your support guys!!!

Let's keep hacking!!

New video will be releasing tomorrow, Stay tuned!!! ❤️

Hi everyone! New video is out and this time..It is on a real application!

https://www.youtube.com/watch?v=0CvqGP1isCE

Just got this news!! The vulnerability was chained together with open redirection and csrf on no authentication field(fun fact: both were out of scope but i was able to chain them together to show the impact) 😄

One of the most critical vulnerability

Recently gave CAPen exam & successfully completed it with merit!

The exam was highly practical & simulates real world scenario...If you are an intermediate level penetration tester, you won't face any issues in passing this exam

If anyone's interested, feel free to check out their website :https://secops.group/pentesting-exams/ (They are running 70% off on every certification. Great opportunity for beginners!)

Hi everyone! New video will be releasing tomorrow at 11am IST! Stay Tuned❤️