Hello everyone, this story is not about Bug Bounty. I wanted to show you something else. Is it bug hunter, blackhat or whitehat which one? I’ve been setting up a website called lu3ky.online for a few days. …

Hello, my name is Ahmed Abdullah we were able to organize a hacking conference for 3 days in Iraqi Kurdistan in Sulaimani, I am a hacker and researcher on the HackerOne platform lu3ky-13 During these three days, we were able to introduce HackerOne and HackerOne work to our people, especially…

bypass two-factor authentication in Android apps and web All #TikTok Apps Edit descriptionwww.youtube.com #bugbounty #bug #bounty

سەرەتا سلاوتان لێبێت من احمد عبدالله لە (سایبەر شێلد)دەمەوێت لەم نووسینەمدا باسی ئەوەتان بۆبكەم كە چۆن ببیتە بەگ باونتەریكی سەركەوتویان ببیت بە هاككریكی سەركەوتو دەزانم ئیستا كەدیت ئەم بابەتە ئەخوێنیتەوە ریك چاوت دەچیتەسەر ئەوبرە پارەیەی نووسیومە سەرەتا دەمەوێت بلیم ئەگەر تۆ ناتوانی بیتە ئەم جیهانە قوولە تكایە كاتی خۆت مەكوژە…

Mr. Robot: Self Xss from Informative to high 1200$ ,csrf, open redirect,self xss to stored Hello all bug bounty hunters sorry for any mistake if I forget something to use this writeup for your RECON or you’re RESEARCHING, I found 2 w 3 bugs with the same idea I submitted this bug to private programs but I changed everything here name website and panel and…

I’m here to tell you how I account takeover in TikTok I submitted this bug in HackerOne and I got 1000$ for this bug this domain’s third party and out of scope he pays bounty because it’s Critical bug First:- how did I find this domain? i take this URL…

I’m here to tell you how I found SQL injection on this website at HackerOne just in 5 minutes and I got 350$ without any tools to recon just I used my mind and google search after 2 or 3 minutes I found a zip on a website like https://intensedebate.com/intensedebate.zip…

how i bypassed microsoft authenticator time-based stop otp refreshing funny POC my name is Ahmed a Abdulla I would like to report stop otp refreshing that allows to an attacker stop refreshing OTP in 30s and an attacker can brute force account and steal code login all account in one time an attacker can bypass 2FA via brute force cuz the refreshing OTP is stopped Microsoft authenticator I test on iPad mini 3 Version 12.4.9

How I Found Sql Injection on 8x8 , Cengage ,Comodo ,Automattic ,intel ,IBM ,MTN Group ,uis.cam.ac.uk ,volvocars.biz ,asus.com — What is SQL injection (SQLi)? SQL injection is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. It generally allows an attacker to view data that they are not normally able to retrieve. This might include data belonging to other users, or any other…