Just got an awesome swag box from YesWeHack ⠵ - the swag game is strong with these ones. Very HQ stuff.

Appreciate y'all!

.­Mathias Karlsson blew our minds with his latest HTMX research including this tasty CSP bypass.

<img src=x hx-on:htmx:load='alert(0)' />

Bypasses lack of unsafe-inline, but uses unsafe-eval.

🔥 v0.36.1 is out!

Introducing 'Active Workflows', a new workflow type to execute actions against individual requests.

Run CLI tools, analyze requests/responses with JS, modify/send new requests, and more.

「BBJP_Podcast #3」を公開しました。

Bug Bounty JP Podcast #BBJP_Podcast
podcasters.spotify.com/pod/show/bbjp-…

Results rolling in with the Nahomies!

CaidoReflector v1.0 is out! :D
github.com/bebiksior/Caid…

Automatically look for paramater reflections in the HTTP response. Currently it supports GET and POST requests with query string body (json is not supported yet).

Shots fired on the pod last week on whether programs are incentivised NOT to pay.

Ah the life of an HTML sanitization framework haha

Working on this one. I'm naturally long winded.

Officially Top 5 All-Time on HackerOne's Leaderboard following a 10G💰 bounty from a public program 🤠

hackerone.com/leaderboard/al…

#BugBounty

Wowwww this is awesome.

Particularly important HackerNotes this week - payloads for the 0-days & gadgets included.

Can't wait for the the live hack-along session happening tomorrow on the Critical Thinking - Bug Bounty Podcast Discord channel🔥

Awesome new update to EvenBetter