Bugv’s Post

Right now Uploaded a Amazing New Video. The title is: "Advance Bug Bounty: Hunting For Sensitive Data Exposure" Here's the Link: https://lnkd.in/dTSYeUqH Here's I'm Sharing my Methodology and how to Hunt for Different Vulnerabilities. Happy Hunting! #hacking #livebugbounty #cybersecurity #blackhat #xss #webhacking #LiveHacking #security

Sucessfully attended the webinar on Bug Hunting: Easy To Find Web Vulnerabilities, conducted by Nextgen Cybersafe, learnt new techniques! credential: https://lnkd.in/gYY_-q54 #vapt #bughunting #webinar #cybersecurity

Bug bounty tip: Always start with a deep dive into the target's scope before hunting! 📜 Recently, I submitted a vulnerability only to learn it was out of scope, reminding me of the importance of reading up on the allowed domains and vulnerability types first. Every attempt is a chance to sharpen those skills! 🔍 #BugBounty #CyberSecurity #AlwaysLearning

Bug Bounty Tip #13: Uncovering Hidden Parameters Through URL Crawling! 🕵️♂️🔍 Learn how to enhance your bug hunting skills by systematically crawling through URLs to uncover hidden parameters. Ready to uncover those elusive vulnerabilities? #BugBounty #Cybersecurity #EthicalHacking #InfoSec

Super excited to have participated in the Mass Hunting XSS Vulnerabilities sharing session with Merdeka Siber Academy and speaker Ahmad Danish Putra. Even though I’ve learned about XSS before, this session introduced a different, more efficient way to hunt XSS vulnerabilities at scale. It truly expanded my understanding of how to systematically and quickly discover XSS vulnerabilities. Big thanks to Merdeka Siber and Danish for the valuable knowledge! Now I feel more confident to explore and dive deeper into web security and vulnerability hunting 💻🔒 #CyberSecurity #XSSHunting #MerdekaSiber #Infosec #WebSecurity #LearningJourney

🛠️ Advanced Bug Hunting with Burp Suite – CyberMonday Deal! 🛠️ Take your bug hunting skills to the next level with this advanced Burp Suite course. Learn to find vulnerabilities like a pro – now 35% OFF for CyberMonday! 🔗 Learn More & Enroll: https://lnkd.in/ezs2RbiT Hurry – CyberMonday savings are only here for a limited time! #BugHunting #BurpSuite #CyberSecurity #CyberMonday

I got a critical vulnerability which is "API1:2023 Broken Object Level Authorization " within 10 minutes of hunting. Sometimes Bug Hunting is so easy, you need to do it smartly. Tips: [+]Focus on Reconnaissance to get better results. [+]Combine the reconnaissance process in one/two bash scripts. [You can use Osmedeus for good results.] [+] Check the reconnaissance result properly and find out the potential endpoint. [+] I got a potential API url using Osmedeus, then I use burp suite to exploit OWASP Top 10 API Vulnerabilities. [+]Intercept the request using the burp suite to get potential endpoints. [+] After collecting the potential endpoints, try to playing with them.[Fuzzing is good] [+]I got an interesting endpoint which is used to update user information.User information basically updated by user id number. [+]When I used my id number, I was able to see my information such as email, date of birth,phone number, address, etc. [+]I collected another user id number by fuzzing, and I was able to expose his/her information also.[ Fuzzing/create other ac for another user] [+] Boom, It is BOLA vulnerability as I am able to expose other user PII data from my personal account. Note: Osmedeus is a good tool, but time consuming. You can use it on your VPS. #bugbounty #hunting #cybersecurity #ctf #apisecurity #pentesting #webhacking #bola

Boost your bug bounty hunting game with these powerful browser extensions! From reconnaissance to vulnerability scanning, these tools make your workflow faster and more efficient. Start exploring now! 🚀🔐 #bugbounty #cybersecurity #ethicalhacking #pentesting #infosec #hackingtools #websecurity

Bug : Previlege escalation Quick tip for bug hunters : Always test for privilege escalation by attempting to perform actions beyond your assigned role. For example, try accessing admin features while logged in as a regular user. You might find that certain functions aren't properly restricted. Happy hunting! . . . . #bugbounty #cybersecurity #bugbountytips #hackerone #infosec #cybersec #vulnerability #hacking

🚨 YesWeHack Bug Bounty Program | Part 5: Open Redirect Mass Hunting PoC 🚨 Excited to share Part 5 in my bug bounty series with YesWeHack, where I explore Open Redirect vulnerabilities and demonstrate mass hunting techniques! 🔎🛡️ These vulnerabilities are often underestimated but can lead to phishing attacks and other serious security issues if not handled properly. In this session, I cover: ✅ Identifying Open Redirects and understanding their risks ✅ Mass Hunting Techniques: How to automate your search for vulnerabilities on live targets ✅ Real-Life Exploitation Scenarios ✅ Ethical Reporting: Submitting Open Redirect issues to YesWeHack responsibly 👨💻 Watch Part 5 here: [https://lnkd.in/ge48PprH] #YesWeHack #BugBounty #OpenRedirect #MassHunting #Cybersecurity #PoC #LiveTargetHunting #EthicalHacking #ResponsibleDisclosure #SecurityResearch #InfoSec #WhiteHat