Gaurav Kumar(GDATTACKER) @gdattacker

@ArunKr1shnan @teambi0s @huntr_ai can you help me out in knowing more about the stripe connect thing on huntr

10 LINKS THAT WILL CHANGE HOW YOU LOOK AT THE INTERNET FOREVER. Save this list. Most people will never see it. 1. haveibeenpwned.com Shows every data breach your email has ever leaked in. 2. behindtheemail.com Reveals every social profile and login tied to any email address. 3. amiunique.org Tells you how trackable your browser fingerprint really is. 4. dnsleaktest.com Checks if your VPN is actually working or silently exposing your real IP. 5. justdeleteme.xyz Direct links to delete your account from any major service. 6. virustotal.com Scans any file or link against 70+ antivirus engines in seconds. 7. exposing.ai Shows if your face was used to train AI models without consent. 8. browserleaks.com Exposes every piece of data your browser leaks to websites. 9. shouldiremoveit.com Tells you which apps on your PC are bloatware or spyware. 10. 12ft.io Removes paywalls from news sites so reading stays free. Thanks me later.

keyboard_arrow_left Previous keyboard_arrow_right Next

@Meta @instagram @facebook what's wrong with your team many real account are facing issues with verification some get approved some can't i have my fb verified around 2016 via passport i had instagram linked with same facebook account and got this although it got verified again

🌐 MyIP: One of the Most Comprehensive Open-Source Network & IP Analysis Toolkits More than just a "What's My IP" website. MyIP combines IP intelligence, DNS leak detection, WebRTC analysis, ASN research, browser fingerprinting, speed testing, global latency checks, MTR diagnostics, censorship detection, and network troubleshooting into a single platform. Features: ✅ IP & ASN Intelligence ✅ DNS Leak Testing ✅ WebRTC Leak Detection ✅ Browser Fingerprinting ✅ Global Latency & MTR Tests ✅ Whois & MAC Lookup ✅ Service Status Monitoring ✅ Network Availability Checks ✅ Censorship Detection 🔗 github.com/jason5ng32/MyIP #CyberSecurity #Networking #Privacy #OSINT #WebRTC #DNS #InfoSec #OpenSource #SelfHosted #GitHub

Releasing leaklens, github.com/dinosn/leaklens a secret scanner which combines katana from project discovery, titus from praetorian-inc team and js-leaks for automated secret scan on websites.

@TitsecOP @ihebhamad514 Someone has already claimed the bucket but has not enabled static hosting

@ihebhamad514 Nah

Need to Extract API Endpoints from an Android APK Without Source Code? A Claude Code skill designed to decompile Android APK/XAPK/AAR files and automatically extract APIs, endpoints, authentication flows, and network logic. Features: • APK/XAPK Decompilation • Retrofit & OkHttp API Extraction • Ktor & Apollo (GraphQL) Support • R8 Obfuscation-Resistant Analysis • Kotlin Metadata Recovery • Authentication & HMAC Detection • Call Flow Tracing • Windows & Linux Support Perfect for mobile app security assessments, API reconnaissance, malware analysis, and Android reverse engineering. 🔗 github.com/SimoneAvogadro… #Android #ReverseEngineering #MobileSecurity #CyberSecurity #AppSec #APK #Pentesting #BugBounty #InfoSec #GitHub

Time-Based Blind SQL Injection in Dataapps UUID Pro Tip: Don't just test UUIDs for IDOR, they're often unparameterized DB inputs. That makes them prime SQLi candidates. #penetrationtesting #cybersecurity #bugbounty

keyboard_arrow_left Previous keyboard_arrow_right Next

@vercel @vercel_dev @vercel_support i have sended mail multiple times but why deduction of payment request being sended to me while i have deleted my account a long time ago

JS sourcemaps are a goldmine for bug bounty hunters! 🤠 1. Grab any target's source map files 2. Unpack them using sourcemapper 3. Run metis on the TypeScript source files Example! 👇

🤖 Autonomous Pentesting & AI Security: 400+ Resources in One Place A curated repository focused on the rapidly growing intersection of Cybersecurity, AI Agents, MCP Servers, Autonomous Pentesting, and Agent Security. Inside you'll find: 🧠 Agentic AI Security Research 🔌 Security-Focused MCP Servers ⚔️ Autonomous Pentesting Frameworks 🛡️ AI Agent Security Testing Tools 🔍 OSINT & Threat Intelligence Integrations 📊 Security Datasets for AI Training 🏗️ Multi-Agent Frameworks 🎯 CTF & Cyber Range Research 🔬 LLM Red Teaming & AI Security Resources Highlights include integrations for: • Burp Suite MCP • BloodHound MCP • Ghidra MCP • Binary Ninja MCP • Nuclei MCP • Shodan MCP • VirusTotal MCP • Jadx MCP If you're exploring the future of AI-powered security operations, autonomous vulnerability discovery, AI red teaming, or agent security engineering, this repository is worth bookmarking. 🔗 github.com/raphabot/aweso… #AISecurity #AgenticAI #CyberSecurity #MCP #LLMSecurity #RedTeaming #ThreatIntelligence #Pentesting #InfoSec #ArtificialIntelligence

HICIERON UN CAPCUT GRATIS Y SIN MARCAS DE AGUA, Y TIENE 55K STARS EN GITHUB CapCut te mete marca de agua, te bloquea funciones y encima te cobra suscripción. Un grupo de devs se cansó y construyó la alternativa open source. → Editor de vídeo completo, sin marcas de agua ni paywalls → Compatible con web, escritorio y móvil → Open source con licencia MIT → Servidor MCP incluido para agentes de IA → Se está reescribiendo en Rust desde cero con API, plugins y scripting Se llama OpenCut y es exactamente lo que CapCut debería haber sido desde el principio. Te lo explico abajo (link de la repoo también) ⬇️

@KartiPC @NTA_Exams You should also shut down all the shopping malls since there might be a theft in one of them. And close the roads because I heard someone was speeding.

@Olacabs ordered a cab driver denied on call because he found the ola charges to be less. but ola charged me cancellation charges what's my fault?

If you want a CloudFlare XSS Bypass just ask Google (or Gemini)! "brutelogic cloudflare bypass" It misses the meme where the latest bypass with (alert)(1) was shared here though. But it brings you a good record of bypasses!

keyboard_arrow_left Previous keyboard_arrow_right Next

XSS Bypass Pro Tip Look for "customElements.define()" in libraries and inline JavaScript code used by application. That function registers a new DOM element and WAFs are not expecting them. Example below creates the <py-script> element which leads to an interesting bypass.

BRute Logic @BRuteLogic

3 years ago

PyScript #XSS pyscript.net <py-script> '\74img/src/onerror\75alert(1)\76' </py-script> PoC brutelogic.com.br/lab/wasm/pyscr… #WAF #bypass #bugbounty

2 107 330 71K 119

Statement : Shutting down Telegram is a band aid solution and is a disproportionate answer to exam fraud The Internet Freedom Foundation objects to the directions announced today in the National Testing Agency's press release on action against the Telegram platform. On the NTA's recommendation, the Ministry of Electronics and Information Technology has, under Section 69A of the Information Technology Act, 2000, restricted access to the whole of Telegram in India until 22 June 2026, and has separately ordered the platform to switch off message-editing for every Indian user until 30 June 2026. This is a blunt, nationwide measure aimed at the conduct of rampant fraud rackets, and on the Government's own admission is constitutionally incompatible. At the outset it is important to note that Section 69A and the Blocking Rules of 2009 framed under it allow the Government to block access to specific “information” on a computer resource. They do not extend to switching off an entire intermediary, still less to ordering a company to redesign its product by removing a feature for a whole country. In Shreya Singhal v Union of India, the Supreme Court upheld Section 69A because it is narrow and hedged with procedural safeguards. Reading it to authorise shutting down a platform that lakhs use is an overbroad restriction by the NTAs own admission. For the message-editing direction the release identifies no source of power at all. If one exists, the order must say so. The release argues against itself A restriction on access has to be the least intrusive measure that achieves its aim as per the constitutional test of proportionality laid down in Justice K.S. Puttaswamy v. Union of India (2017) and applied in Anuradha Bhasin v. Union of India (2020). The NTA's own narration shows the block fails its nodal agency, the release says, “has secured the prompt take-down of a substantial number of Telegram channels, groups and bots”, and this targeted work “is the reason the harm caused by these rackets has been contained to the extent it has”. If channel level takedown contained the harm, the case for a blanket block collapses and hence the Government has reached for a heavier tool while conceding that a lighter one was working. The collateral cost sits on the record too as noted in the press release. The block, the NTA accepts, “affects lakhs of citizens who use the Telegram platform for legitimate personal, educational, professional and informational purposes”. The release also says there is "no such paper available outside the secured examination chain" and that “the security of the examination is unaffected by the action taken”. If the exam is secure and no leak exists, what is being suppressed is rumour, and rumour cannot justify closing a platform when specific blocking and criminal prosecution remain available. Students use of Telegram The block of telegram is reactive and ineffective and will punish ordinary users instead of addressing the systemic source of exam leaks. This blocking comes in the final days of NEET preparation, when thousands of students depend on Telegram for study groups, doubt-clearing, and shared resources. Also, it is important to consider that the source of exam papers leak will occur from inside the system, among insiders and across the printing and logistics chain, with the platform being the most downstream channel for distribution. Hence, switching off Telegram, is merely a deflection from the repeated failures that will continue while media attention is directed towards this Telegram ban. Lack of transparency At present only a press release from the NTA has been provided, which recommended the block but the reasoned order of MeitY, the authority that issued it, has not been released. The Anuradha Bhasin decision requires that orders restricting access be published so they can be tested in court. Here the order, and the reasoning of the committee behind it, stay out of view, and we do not know whether Telegram was heard at all. An announcement of a block is no substitute for an order the affected party can challenge. Blunt to enforce and very easy to evade Usually, app-level blocks run through IS-level DNS and IP filtering. They are over inclusive, sweeping in lawful use, yet simple to evade as a determined exam leak racket moves to a VPN or a mirror within minutes while ordinary users lose the service for a week. We ask the Government to: 1) Publish the MeitY Section 69A order and the NTA recommendation behind it, with reasons; 2) State the legal basis for the message editing direction, or withdraw it; 3) Confirm whether Telegram was given a hearing under the Blocking Rules, and place the committee's record before any court that hears a challenge; and 4) Lift the platform-wide restriction and rely on the targeted takedowns the NTA itself credits with containing the harm. We emphasise that the NEET (UG) 2026 re-examination is worth protecting and it concerns the future of lakhs of aspirants. It requires securing the entire process of examination rather than reaching for purported band aid solutions that instead cause more harm. The State cannot switch off a service used by lakhs to answer the wrongdoing of a few, and cannot do it through an order no one affected is allowed to read. On its own facts, the Government has done both. New Delhi, 16 June 2026.

keyboard_arrow_left Previous keyboard_arrow_right Next

JWT Auth Bypass TestBed 403.brutelogic.net/authz/jwt Test your skills: 18 main tests with variations. A proprietary tool with 40+ techniques for Brute One will be available this week to spot all these cases in the wild in a matter of seconds. brutelogic.net/brute-one

@kornbuilds @airsignbreeze try connecting with the grievance officer first of the meta if they can help