manuel valdez
@saur1n.bsky.social
▪️Hacking my way through life
▪️Part time Bug Bounty hunter
▪️Engineer
▪️Teacher
▪️x.com/saur1n
▪️Part time Bug Bounty hunter
▪️Engineer
▪️Teacher
▪️x.com/saur1n
Reposted by manuel valdez
Spotted a reverse engineering boutique at Zurich main station
July 5, 2025 at 10:03 AM
Spotted a reverse engineering boutique at Zurich main station
It's amusing to me the amount of apps that implement pretty decent anti-SSRF measures:
- Private IP addresses✅
- Normalization of diff. IPv4/IPv6 representations✅
- TOCTOU DNS rebinding✅
- HTTP Redirects✅
But still this little😈 slips through the cracks:
- 0.0.0.0❌
#bugbountytips
- Private IP addresses✅
- Normalization of diff. IPv4/IPv6 representations✅
- TOCTOU DNS rebinding✅
- HTTP Redirects✅
But still this little😈 slips through the cracks:
- 0.0.0.0❌
#bugbountytips
June 12, 2025 at 6:08 PM
It's amusing to me the amount of apps that implement pretty decent anti-SSRF measures:
- Private IP addresses✅
- Normalization of diff. IPv4/IPv6 representations✅
- TOCTOU DNS rebinding✅
- HTTP Redirects✅
But still this little😈 slips through the cracks:
- 0.0.0.0❌
#bugbountytips
- Private IP addresses✅
- Normalization of diff. IPv4/IPv6 representations✅
- TOCTOU DNS rebinding✅
- HTTP Redirects✅
But still this little😈 slips through the cracks:
- 0.0.0.0❌
#bugbountytips
It's just like that sometimes
May 29, 2025 at 12:15 PM
It's just like that sometimes
Swag's here! As part of an active campaign from 12build program run by @intigriti.com, I managed to find a few cool bugs. Great program, good quality💯 t-shirts
#bugbountytips
#bugbountytips
May 23, 2025 at 1:11 AM
Swag's here! As part of an active campaign from 12build program run by @intigriti.com, I managed to find a few cool bugs. Great program, good quality💯 t-shirts
#bugbountytips
#bugbountytips
I'm starting a new series called: Weird SSRF outputs
April 24, 2025 at 3:10 AM
I'm starting a new series called: Weird SSRF outputs
Hacking is just a weird thing that many discover because it's just something that we inherent (at birth?) and then develop over the years.
It just feels right to be around computers and entangled stuff that most of the time, u cannot wrap your head around it, but guess what? That's the beauty of it
It just feels right to be around computers and entangled stuff that most of the time, u cannot wrap your head around it, but guess what? That's the beauty of it
April 11, 2025 at 8:05 PM
Hacking is just a weird thing that many discover because it's just something that we inherent (at birth?) and then develop over the years.
It just feels right to be around computers and entangled stuff that most of the time, u cannot wrap your head around it, but guess what? That's the beauty of it
It just feels right to be around computers and entangled stuff that most of the time, u cannot wrap your head around it, but guess what? That's the beauty of it
Reposted by manuel valdez
Sometimes all it takes is one weird byte.
REcollapse aims to find it!
Just give it a URL and it will generate a fuzzing list for all regex pivot positions with all possible bytes %00 to %ff!
Check it 👇
REcollapse aims to find it!
Just give it a URL and it will generate a fuzzing list for all regex pivot positions with all possible bytes %00 to %ff!
Check it 👇
April 1, 2025 at 12:18 AM
Sometimes all it takes is one weird byte.
REcollapse aims to find it!
Just give it a URL and it will generate a fuzzing list for all regex pivot positions with all possible bytes %00 to %ff!
Check it 👇
REcollapse aims to find it!
Just give it a URL and it will generate a fuzzing list for all regex pivot positions with all possible bytes %00 to %ff!
Check it 👇
This is the bad thing about sharing testing environments. This guy has been hammering an HTMLi on a invitation email request for three days now, which I'm 99.9% sure has been reported before **several times**.
March 28, 2025 at 3:14 PM
This is the bad thing about sharing testing environments. This guy has been hammering an HTMLi on a invitation email request for three days now, which I'm 99.9% sure has been reported before **several times**.
I feel sorry for triagers seeing this type of... Thing on bug bounty reports
March 13, 2025 at 1:16 AM
I feel sorry for triagers seeing this type of... Thing on bug bounty reports
Reposted by manuel valdez
Antimatter is cool and it's a real thing. I used to work on an experiment where we collided protons with antiprotons to make top-antitop quark pairs (among other things). ⚛️
March 1, 2025 at 3:53 PM
Antimatter is cool and it's a real thing. I used to work on an experiment where we collided protons with antiprotons to make top-antitop quark pairs (among other things). ⚛️
I hate providing reproduction steps with (a) missed step(s). I guess writing reports late at night can take a toll on us sometimes. It can happen but it sucks, especially for the triager assessing the ticket
February 20, 2025 at 3:07 PM
I hate providing reproduction steps with (a) missed step(s). I guess writing reports late at night can take a toll on us sometimes. It can happen but it sucks, especially for the triager assessing the ticket
It's all about that tiny request, that picky little one that gets lost in a sea of junk from your history tab, the one which gives you the keys to the juicy treasure.
Bug Bounty poem :)
Bug Bounty poem :)
February 19, 2025 at 5:01 AM
It's all about that tiny request, that picky little one that gets lost in a sea of junk from your history tab, the one which gives you the keys to the juicy treasure.
Bug Bounty poem :)
Bug Bounty poem :)
Reposted by manuel valdez
It’s the same picture
February 12, 2025 at 5:30 AM
It’s the same picture
Reposted by manuel valdez
Arp 321.
a compact group of five galaxies located in the constellation Hydra. It's a fascinating object for astronomers because these galaxies are in close proximity and interacting with each other.
Processed Hubble data by Dr. Mehmet Hakan Özsaraç.
www.flickr.com/photos/mhozs...
🔭 🧪
a compact group of five galaxies located in the constellation Hydra. It's a fascinating object for astronomers because these galaxies are in close proximity and interacting with each other.
Processed Hubble data by Dr. Mehmet Hakan Özsaraç.
www.flickr.com/photos/mhozs...
🔭 🧪
February 8, 2025 at 9:06 PM
Arp 321.
a compact group of five galaxies located in the constellation Hydra. It's a fascinating object for astronomers because these galaxies are in close proximity and interacting with each other.
Processed Hubble data by Dr. Mehmet Hakan Özsaraç.
www.flickr.com/photos/mhozs...
🔭 🧪
a compact group of five galaxies located in the constellation Hydra. It's a fascinating object for astronomers because these galaxies are in close proximity and interacting with each other.
Processed Hubble data by Dr. Mehmet Hakan Özsaraç.
www.flickr.com/photos/mhozs...
🔭 🧪
Reposted by manuel valdez
Even physical games are bricked without PSN access if you need to pair a disc drive. This is why real physical media and disc drive access is vital.
Welcome to the future - nobody owns anything, and all art and entertainment is disposable, temporary, and lost forever.
Welcome to the future - nobody owns anything, and all art and entertainment is disposable, temporary, and lost forever.
February 8, 2025 at 11:01 AM
Even physical games are bricked without PSN access if you need to pair a disc drive. This is why real physical media and disc drive access is vital.
Welcome to the future - nobody owns anything, and all art and entertainment is disposable, temporary, and lost forever.
Welcome to the future - nobody owns anything, and all art and entertainment is disposable, temporary, and lost forever.
I guess this is well known by experienced WebApp pentesters/bug hunters/Burp Suite power-users, so this is targeting beginner users.
While loading the Burp Suite extension Autorize, it has by default this box checked:
1/n
While loading the Burp Suite extension Autorize, it has by default this box checked:
1/n
February 7, 2025 at 3:52 PM
I guess this is well known by experienced WebApp pentesters/bug hunters/Burp Suite power-users, so this is targeting beginner users.
While loading the Burp Suite extension Autorize, it has by default this box checked:
1/n
While loading the Burp Suite extension Autorize, it has by default this box checked:
1/n
Stored XSS is cewl but have you heard about a store full of XSS's? 🙄
February 7, 2025 at 12:28 PM
Stored XSS is cewl but have you heard about a store full of XSS's? 🙄
Reposted by manuel valdez
We've updated our URL validation bypass cheat sheet with this shiny Domain allow list bypass payload contributed by dyak0xdb!
February 6, 2025 at 9:17 AM
We've updated our URL validation bypass cheat sheet with this shiny Domain allow list bypass payload contributed by dyak0xdb!
By testing for SSRF be on the lookout of any Axios http clients, these instances follow redirects by default which devs sometimes don't know it.
Therefore, there is a high chance defenses could be bypassed by entering the evil host after the redirection.
Don't forget 301,308 redir codes ;)
Therefore, there is a high chance defenses could be bypassed by entering the evil host after the redirection.
Don't forget 301,308 redir codes ;)
February 5, 2025 at 11:43 PM
By testing for SSRF be on the lookout of any Axios http clients, these instances follow redirects by default which devs sometimes don't know it.
Therefore, there is a high chance defenses could be bypassed by entering the evil host after the redirection.
Don't forget 301,308 redir codes ;)
Therefore, there is a high chance defenses could be bypassed by entering the evil host after the redirection.
Don't forget 301,308 redir codes ;)
Reposted by manuel valdez
"The best possible knowledge of a whole does _not_ include the best possible knowledge of its parts -- and this is what keeps coming back to haunt us."
-Erwin Schrödinger, on quantum entanglement, 1935
-Erwin Schrödinger, on quantum entanglement, 1935
January 13, 2025 at 6:52 PM
"The best possible knowledge of a whole does _not_ include the best possible knowledge of its parts -- and this is what keeps coming back to haunt us."
-Erwin Schrödinger, on quantum entanglement, 1935
-Erwin Schrödinger, on quantum entanglement, 1935
Spotting bugs left and right just to sit back thinking about bb reports... That right there *is* the struggle!
January 14, 2025 at 10:08 PM
Spotting bugs left and right just to sit back thinking about bb reports... That right there *is* the struggle!