manuel valdez
@saur1n.bsky.social
▪️Hacking my way through life
▪️Part time Bug Bounty hunter
▪️Engineer
▪️Teacher
▪️x.com/saur1n
▪️Part time Bug Bounty hunter
▪️Engineer
▪️Teacher
▪️x.com/saur1n
It's just like that sometimes
May 29, 2025 at 12:15 PM
It's just like that sometimes
Swag's here! As part of an active campaign from 12build program run by @intigriti.com, I managed to find a few cool bugs. Great program, good quality💯 t-shirts
#bugbountytips
#bugbountytips
May 23, 2025 at 1:11 AM
Swag's here! As part of an active campaign from 12build program run by @intigriti.com, I managed to find a few cool bugs. Great program, good quality💯 t-shirts
#bugbountytips
#bugbountytips
I'm starting a new series called: Weird SSRF outputs
April 24, 2025 at 3:10 AM
I'm starting a new series called: Weird SSRF outputs
This is the bad thing about sharing testing environments. This guy has been hammering an HTMLi on a invitation email request for three days now, which I'm 99.9% sure has been reported before **several times**.
March 28, 2025 at 3:14 PM
This is the bad thing about sharing testing environments. This guy has been hammering an HTMLi on a invitation email request for three days now, which I'm 99.9% sure has been reported before **several times**.
I feel sorry for triagers seeing this type of... Thing on bug bounty reports
March 13, 2025 at 1:16 AM
I feel sorry for triagers seeing this type of... Thing on bug bounty reports
The entire model handed to you
February 26, 2025 at 3:00 AM
The entire model handed to you
To wrap it up:
- Uncheck that option
- Add Scope items only to the Interception filters and Ignore OPTIONS requests, to keep the history a bit cleaner.
- Uncheck that option
- Add Scope items only to the Interception filters and Ignore OPTIONS requests, to keep the history a bit cleaner.
February 7, 2025 at 3:52 PM
To wrap it up:
- Uncheck that option
- Add Scope items only to the Interception filters and Ignore OPTIONS requests, to keep the history a bit cleaner.
- Uncheck that option
- Add Scope items only to the Interception filters and Ignore OPTIONS requests, to keep the history a bit cleaner.
I guess this is well known by experienced WebApp pentesters/bug hunters/Burp Suite power-users, so this is targeting beginner users.
While loading the Burp Suite extension Autorize, it has by default this box checked:
1/n
While loading the Burp Suite extension Autorize, it has by default this box checked:
1/n
February 7, 2025 at 3:52 PM
I guess this is well known by experienced WebApp pentesters/bug hunters/Burp Suite power-users, so this is targeting beginner users.
While loading the Burp Suite extension Autorize, it has by default this box checked:
1/n
While loading the Burp Suite extension Autorize, it has by default this box checked:
1/n
Stored XSS is cewl but have you heard about a store full of XSS's? 🙄
February 7, 2025 at 12:28 PM
Stored XSS is cewl but have you heard about a store full of XSS's? 🙄