Socorro

急に配信切ってすまん友達から電話来た、ところで彼氏欲しい

How I found +100 XSS on Private Program 🧙‍♂️

github.com/NafisiAslH/Kno…

#bugbountytip

#Xss in #medium & #google & #apple ?????
Noooo.. in google translator😂
Sina
.
.
.
.
#xss
#hack
#penetration
#Vulnerability
#hack erone
#bugcrowd
#Security
#google
#translator

運動会でぶっ転んで2位だったけど頑張った！！

Cross-Site Scripting (XSS) in GraphQL

escape.tech/blog/cross-sit…

今盛岡の遊園地で1人で遊んでる

Faster. Sleeker. More intuitive. See how our website can support your information needs for trading across our exchanges.

I've successfully uncovered the trendy XSS vulnerability [CVE-2023-29489] on a high-profile target :D

E-mail address payloads📓

The following payloads are all valid e-mail addresses that we can use for pentesting of not only web based e-mail systems.

1/.XSS (Cross-Site Scripting):

test+(<script>alert(0)</script>)example.com testexample(<script>alert(0)</script>).com '

Si c'est pas lui c'est qui ?

Very rare but awesome to see! One of our members taking a 1.5k past 6 figures in a little over a month in the room! $SPX $TSLA $ABNB

spartantrading.com

数字でしか見てないからわかんないだろうね
PS4proからXSSに変えたけど、同じゲームやっても圧倒的にXSSのが優れてるよ。

Blind XSS for beginners by syntax error

medium.com/bugbountywrite…

Basic of XSS

#asecurity #BugBounty #bugbountytips
(1/2)

Bug Bounty Hint

Bypassing Cloudfront XSS WAF

1) alert = window['al'+'ert']
2) bypass () with ``
3) replace space with /
4) encode symbols:
🔹< = %3c
🔹> = %3e
🔹' = %22
🔹[ = %5b
🔹] = %5d
🔹` = %60

Not Encoded Payload:
<svg/onload=window['al'+'ert']`1337`>

Cheers

It's now possible to scan multiple URLs at once for XSS vulnerabilities!

esse cabelo combina dmais cmg 💋

✨ The #Golden Age

youtu.be/-bYS9qcDMOw

Found a way how to use strong & smart WAF filter against itself and bypass XSS filter 😄

I will publish this trick in few days 😀