sometimes the only vulnerable thing is my patience. #bugbounty
November 9, 2025 at 5:05 PM
sometimes the only vulnerable thing is my patience. #bugbounty
mit hilfe von #KI erstellte bug reports um #BugBounty abzugreifen - ein echtes problem für #opensource entwickler
hat sich #curl entwickler @daniel.haxx.se letztens auch aufgeregt und radikal durchgegriffen - wer solche bug reports einreicht wird direkt gebannt
www.youtube.com/watch?v=bgBz...
hat sich #curl entwickler @daniel.haxx.se letztens auch aufgeregt und radikal durchgegriffen - wer solche bug reports einreicht wird direkt gebannt
www.youtube.com/watch?v=bgBz...
www.youtube.com
November 9, 2025 at 7:48 AM
mit hilfe von #KI erstellte bug reports um #BugBounty abzugreifen - ein echtes problem für #opensource entwickler
hat sich #curl entwickler @daniel.haxx.se letztens auch aufgeregt und radikal durchgegriffen - wer solche bug reports einreicht wird direkt gebannt
www.youtube.com/watch?v=bgBz...
hat sich #curl entwickler @daniel.haxx.se letztens auch aufgeregt und radikal durchgegriffen - wer solche bug reports einreicht wird direkt gebannt
www.youtube.com/watch?v=bgBz...
I've never quite before seen so many bugbounty hackers / cybersecurity professionals excited about AI. Not because of AI per se, but because it will generate so much new income.
We have almost quite literally taken everything we've learnt, thrown it out the window, and reintroduced injection […]
We have almost quite literally taken everything we've learnt, thrown it out the window, and reintroduced injection […]
Original post on swecyb.com
swecyb.com
November 10, 2025 at 1:04 PM
I've never quite before seen so many bugbounty hackers / cybersecurity professionals excited about AI. Not because of AI per se, but because it will generate so much new income.
We have almost quite literally taken everything we've learnt, thrown it out the window, and reintroduced injection […]
We have almost quite literally taken everything we've learnt, thrown it out the window, and reintroduced injection […]
Document your insights as if crafting a blog entry, even just for yourself. Clear writing elevates skilled hackers to exceptional ones.
#CyberSecurity #BugBounty
#CyberSecurity #BugBounty
November 2, 2025 at 5:05 PM
Document your insights as if crafting a blog entry, even just for yourself. Clear writing elevates skilled hackers to exceptional ones.
#CyberSecurity #BugBounty
#CyberSecurity #BugBounty
Dear [Bug Bounty Hunter],
Do you want to get excluded? Because this is how you get excluded. #bugbounty
Do you want to get excluded? Because this is how you get excluded. #bugbounty
October 30, 2025 at 11:29 AM
Dear [Bug Bounty Hunter],
Do you want to get excluded? Because this is how you get excluded. #bugbounty
Do you want to get excluded? Because this is how you get excluded. #bugbounty
the hardest part of bug hunting? naming your burp project files. #bugbounty
October 25, 2025 at 2:33 AM
the hardest part of bug hunting? naming your burp project files. #bugbounty
Using #owasp tool Amass 5.0.0 for recon. Hope this helps!
#bugbountytips #bugbounty #CyberSecurity #resonnaissance #EthicalHacking
medium.com/@marduk.i.am...
#bugbountytips #bugbounty #CyberSecurity #resonnaissance #EthicalHacking
medium.com/@marduk.i.am...
Amass 5.0.0 Usage for Recon
OWASP Tool
medium.com
October 21, 2025 at 11:49 AM
Using #owasp tool Amass 5.0.0 for recon. Hope this helps!
#bugbountytips #bugbounty #CyberSecurity #resonnaissance #EthicalHacking
medium.com/@marduk.i.am...
#bugbountytips #bugbounty #CyberSecurity #resonnaissance #EthicalHacking
medium.com/@marduk.i.am...
My debut EP is out now! 🤘
#Nerdcore anthems for the #bugbounty and #redteam community.
Available on all major streaming platforms.
open.spotify.com/album/79pGUi...
music.apple.com/ca/album/kal...
#newmusic
#Nerdcore anthems for the #bugbounty and #redteam community.
Available on all major streaming platforms.
open.spotify.com/album/79pGUi...
music.apple.com/ca/album/kal...
#newmusic
October 15, 2025 at 10:13 AM
My debut EP is out now! 🤘
#Nerdcore anthems for the #bugbounty and #redteam community.
Available on all major streaming platforms.
open.spotify.com/album/79pGUi...
music.apple.com/ca/album/kal...
#newmusic
#Nerdcore anthems for the #bugbounty and #redteam community.
Available on all major streaming platforms.
open.spotify.com/album/79pGUi...
music.apple.com/ca/album/kal...
#newmusic
Apple Increases Maximum Bug Bounty to $2 Million for Critical iPhone Exploits killbait.com/en/apple-inc... #technology #apple #bugbounty #cybersecurity
Apple Increases Maximum Bug Bounty to $2 Million for Critical iPhone Exploits
Apple has raised its maximum bug bounty payout to $2 million for chains of software exploits that could enable spyware, reflecting the high value of vulnerabilities in its protected ecosystem.
killbait.com
October 11, 2025 at 10:11 PM
Apple Increases Maximum Bug Bounty to $2 Million for Critical iPhone Exploits killbait.com/en/apple-inc... #technology #apple #bugbounty #cybersecurity
Super interesting read on GitHub's bug bounty spotlight, @xiridium! Started with CTFs, now dives deep into apps to find nuanced logic bugs. They even use ChatGPT like a junior dev. Best part? They spend their bounties on Lego! 🧱 Sounds like a dream gig. #BugBounty #Cybersecurity
October 7, 2025 at 5:01 PM
Super interesting read on GitHub's bug bounty spotlight, @xiridium! Started with CTFs, now dives deep into apps to find nuanced logic bugs. They even use ChatGPT like a junior dev. Best part? They spend their bounties on Lego! 🧱 Sounds like a dream gig. #BugBounty #Cybersecurity
Check old API versions.
Developers rarely fully decommission /v1/ or /beta/ endpoints. Send OPTIONS/TRACE requests and diff responses to find legacy logic. #BugBounty
Developers rarely fully decommission /v1/ or /beta/ endpoints. Send OPTIONS/TRACE requests and diff responses to find legacy logic. #BugBounty
October 5, 2025 at 4:05 PM
Check old API versions.
Developers rarely fully decommission /v1/ or /beta/ endpoints. Send OPTIONS/TRACE requests and diff responses to find legacy logic. #BugBounty
Developers rarely fully decommission /v1/ or /beta/ endpoints. Send OPTIONS/TRACE requests and diff responses to find legacy logic. #BugBounty
Uncle Rats Top 10 Essential Bug Bounty Tips [1-5] FREE course Part 1/2
twuai.com/search/lYA-f...
#infosec #cybersec #pentesting #bugbounty #ethical #hacking101
twuai.com/search/lYA-f...
#infosec #cybersec #pentesting #bugbounty #ethical #hacking101
Uncle Rats Top 10 Essential Bug Bounty Tips [1-5] FREE course Part 1/2
https://thexssrat.podia.com/006-bbg-uncle-rat-s-top-10-bug-bounty-tips-essential-bug-bounty-tips-for-every-level?coupon=AUTUMNLOVE
Uncle rat's courses:
https://thexssrat.podia.com
Become a member of...
twuai.com
October 2, 2025 at 10:24 PM
Uncle Rats Top 10 Essential Bug Bounty Tips [1-5] FREE course Part 1/2
twuai.com/search/lYA-f...
#infosec #cybersec #pentesting #bugbounty #ethical #hacking101
twuai.com/search/lYA-f...
#infosec #cybersec #pentesting #bugbounty #ethical #hacking101
Retrieval apps are prime targets.
A poisoned document in your knowledge base can silently inject commands every time it’s queried.
Scan and sign content before indexing.
#BugBounty #AIsecurity #PromptInjection #RAG
A poisoned document in your knowledge base can silently inject commands every time it’s queried.
Scan and sign content before indexing.
#BugBounty #AIsecurity #PromptInjection #RAG
September 27, 2025 at 4:10 PM
Retrieval apps are prime targets.
A poisoned document in your knowledge base can silently inject commands every time it’s queried.
Scan and sign content before indexing.
#BugBounty #AIsecurity #PromptInjection #RAG
A poisoned document in your knowledge base can silently inject commands every time it’s queried.
Scan and sign content before indexing.
#BugBounty #AIsecurity #PromptInjection #RAG
Bug bounty hunters: MCP integrations can leak data if external inputs aren’t sanitized.
A simple “check my calendar” call can sneak a jailbreak prompt into an LLM and expose inbox contents.
Audit context flows, not just model outputs.
#BugBounty #AIsecurity #MCP
A simple “check my calendar” call can sneak a jailbreak prompt into an LLM and expose inbox contents.
Audit context flows, not just model outputs.
#BugBounty #AIsecurity #MCP
September 21, 2025 at 10:06 PM
Bug bounty hunters: MCP integrations can leak data if external inputs aren’t sanitized.
A simple “check my calendar” call can sneak a jailbreak prompt into an LLM and expose inbox contents.
Audit context flows, not just model outputs.
#BugBounty #AIsecurity #MCP
A simple “check my calendar” call can sneak a jailbreak prompt into an LLM and expose inbox contents.
Audit context flows, not just model outputs.
#BugBounty #AIsecurity #MCP
Just dropped a guide: “Bug Bounty Hunting for GenAI.”
If you hunt bounties, prompt-injection, RAG leaks, and poor integrations are paying out now. Short checklist:
toxsec.com/p/bug-bounty-hunting-for-genai.
#bugbounty #promptinjection
If you hunt bounties, prompt-injection, RAG leaks, and poor integrations are paying out now. Short checklist:
toxsec.com/p/bug-bounty-hunting-for-genai.
#bugbounty #promptinjection
Bug Bounty Hunting for GenAI
ToxSec | How to deal with GenAI in bug bounty programs.
toxsec.com
September 16, 2025 at 2:25 PM
Just dropped a guide: “Bug Bounty Hunting for GenAI.”
If you hunt bounties, prompt-injection, RAG leaks, and poor integrations are paying out now. Short checklist:
toxsec.com/p/bug-bounty-hunting-for-genai.
#bugbounty #promptinjection
If you hunt bounties, prompt-injection, RAG leaks, and poor integrations are paying out now. Short checklist:
toxsec.com/p/bug-bounty-hunting-for-genai.
#bugbounty #promptinjection
Got a couple of nice reports accepted today (high 7.5/medium 6.5) but I still have some under review after weeks. I hate waiting :) #infosec #hacking #bugbounty
September 13, 2024 at 3:32 PM
Got a couple of nice reports accepted today (high 7.5/medium 6.5) but I still have some under review after weeks. I hate waiting :) #infosec #hacking #bugbounty
Microsoft has expanded its Copilot AI bug bounty program, offering up to $5,000 for moderate vulnerabilities and adding Telegram and WhatsApp integrations #AI #MicrosoftAI #BugBounty #MicrosoftCopilot #AIsecurity #Cybersecurity #GenAI
Microsoft Expands Copilot AI Bug Bounty Program with New Rewards and Broader Coverage - WinBuzzer
Microsoft has expanded its Copilot AI bug bounty program, offering up to $5,000 for moderate vulnerabilities and adding Telegram and WhatsApp integrations.
buff.ly
February 10, 2025 at 4:47 PM
Microsoft has expanded its Copilot AI bug bounty program, offering up to $5,000 for moderate vulnerabilities and adding Telegram and WhatsApp integrations #AI #MicrosoftAI #BugBounty #MicrosoftCopilot #AIsecurity #Cybersecurity #GenAI
November 16, 2024 at 10:40 AM
Little known trick to bypass CSP feat. @joaxcar.bsky.social #bugbounty #bugbountytips #bugbountyhunter
January 23, 2025 at 10:15 AM
Little known trick to bypass CSP feat. @joaxcar.bsky.social #bugbounty #bugbountytips #bugbountyhunter
Web #AppSec interview questions! Reply with your best answer (and/or share this post!), I'll post mine tomorrow.
Question 61: Explain how CRLF Injection works and describe possible ways it could be exploited.
#InfoSec #Cybersecurity #BugBounty #Hacking
Question 61: Explain how CRLF Injection works and describe possible ways it could be exploited.
#InfoSec #Cybersecurity #BugBounty #Hacking
November 4, 2023 at 2:04 PM
Web #AppSec interview questions! Reply with your best answer (and/or share this post!), I'll post mine tomorrow.
Question 61: Explain how CRLF Injection works and describe possible ways it could be exploited.
#InfoSec #Cybersecurity #BugBounty #Hacking
Question 61: Explain how CRLF Injection works and describe possible ways it could be exploited.
#InfoSec #Cybersecurity #BugBounty #Hacking
Bolsonaro 50 13 22 partido (Meu pix/zap: 17996801536) gringo musica penis Marçal viado Vasco Seleção UOL GLOBO lixo lesbicas historia discord facebook hacking pentest bugbounty bug free robux Adobe photoshop 2028 crackeado pro apk graça @leiarcaica3.bsky.social @leiarcaica3.bsky.social Chama no pv
October 4, 2024 at 5:05 PM
Bolsonaro 50 13 22 partido (Meu pix/zap: 17996801536) gringo musica penis Marçal viado Vasco Seleção UOL GLOBO lixo lesbicas historia discord facebook hacking pentest bugbounty bug free robux Adobe photoshop 2028 crackeado pro apk graça @leiarcaica3.bsky.social @leiarcaica3.bsky.social Chama no pv
How I Earned $$ | Open Redirection
https://medium.com/@A0X-Y0S3TRX/how-i-earned-open-redirection-c26e191dbff2?source=rss------bug_bounty-5
#bugbounty #bugbountytips #bugbountytip
https://medium.com/@A0X-Y0S3TRX/how-i-earned-open-redirection-c26e191dbff2?source=rss------bug_bounty-5
#bugbounty #bugbountytips #bugbountytip
December 9, 2024 at 3:08 PM
How I Earned $$ | Open Redirection
https://medium.com/@A0X-Y0S3TRX/how-i-earned-open-redirection-c26e191dbff2?source=rss------bug_bounty-5
#bugbounty #bugbountytips #bugbountytip
https://medium.com/@A0X-Y0S3TRX/how-i-earned-open-redirection-c26e191dbff2?source=rss------bug_bounty-5
#bugbounty #bugbountytips #bugbountytip
Crack the Code: Earn Up to $500K in InceptionLRT’s Bug Bounty Program
https://medium.com/@InceptionLRT/crack-the-code-earn-up-to-500k-in-inceptionlrts-bug-bounty-program-3b5d2feb6ed6?source=rss------bug_bounty-5
#bugbounty #bugbountytips #bugbountytip
https://medium.com/@InceptionLRT/crack-the-code-earn-up-to-500k-in-inceptionlrts-bug-bounty-program-3b5d2feb6ed6?source=rss------bug_bounty-5
#bugbounty #bugbountytips #bugbountytip
December 3, 2024 at 6:10 PM
Crack the Code: Earn Up to $500K in InceptionLRT’s Bug Bounty Program
https://medium.com/@InceptionLRT/crack-the-code-earn-up-to-500k-in-inceptionlrts-bug-bounty-program-3b5d2feb6ed6?source=rss------bug_bounty-5
#bugbounty #bugbountytips #bugbountytip
https://medium.com/@InceptionLRT/crack-the-code-earn-up-to-500k-in-inceptionlrts-bug-bounty-program-3b5d2feb6ed6?source=rss------bug_bounty-5
#bugbounty #bugbountytips #bugbountytip