Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Nithin 🦹‍♂️ Profile picture
@thebinarybot
Aug 9, 2022 9 tweets 4 min read Read on X
I've been following @intigriti 's bug bounty tips for quite sometime and they're super valuable.

But it's no use if I just store them with me and not talk about my favourite ones that has worked magic.

So, here's 5 of my recent favourite #bugbountytips from @intigriti

🧵👇
1. Source Code Goldmines

2. Recon

3. Parameter Modification !?

4. Got a 302 and don't know what to do?

5. Bypass WAF

(Bonus) Fuzzing like a pro !

Liked the thread ?

🐦 Kindly RT, so that more people get to see this.
🙏 Consider following @thebinarybot . I post informative content on Bug Bounty Hunting, Penetration Testing and everything Cybersecurity.

#bugbounty #bugbountytips #infosec #cybersecurity
Oh also, do consider following @intigriti .

They post amazing bug bounty tips on a regular basis which will definitely help you due course.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Nithin 🦹‍♂️

Nithin 🦹‍♂️ Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @thebinarybot

Nithin 🦹‍♂️ Profile picture
Apr 10, 2024
Top 10 Browser Extensions for Bug Bounty Hunters and Security Researchers 🧵👇

2024 Edition.
1️⃣ Wappalyzer: A technology profiler that identifies the technologies used on websites, from CMS to JavaScript libraries.

Available in: Google Chrome | Mozilla Firefox

🔗Link:

🔗Link: chromewebstore.google.com/detail/wappaly…
addons.mozilla.org/en-US/firefox/…
2️⃣ Hunter: Quickly find email addresses on websites with a single click.

Available in: Google Chrome | Mozilla Firefox

🔗Link:

🔗Link: chromewebstore.google.com/detail/hunter-…
addons.mozilla.org/en-US/firefox/…
Read 12 tweets
Nithin 🦹‍♂️ Profile picture
Apr 9, 2024
💉 You cannot ignore to lookout for SQL Injection vulnerabilities if you want to make $$$$ bounty.

To master SQL injections, open this thread of massive resources 👇
1️⃣ SQL injection by @PortSwigger

🌟 PortSwigger Academy offers excellent resources to learn about web vulnerabilities like SQL injection, providing interactive labs for practical skill enhancement.

portswigger.net/web-security/s…
@PortSwigger 2️⃣ Cheatsheet by @pentest_swissky

🌟 PayloadsAllTheThings serves as a goldmine 🏆 for database hacking, with cheat sheets 📝 for sneaky tricks to break in and mess around. 🕵️‍♂️💻

github.com/swisskyrepo/Pa
Read 7 tweets
Nithin 🦹‍♂️ Profile picture
Apr 8, 2024
🕵️‍♂️ New to bug bounty hunting? Here's a beginner-friendly thread with 10 must-do steps to kickstart your journey!

From starting small to staying ethical, this list has got you covered.😉
1️⃣ Begin with hacking VDPs

This will help you to develop skills gradually rather than aiming for big rewards right away.

2️⃣ Understand Program Rules:

Familiarize yourself with bug bounty program rules for each company before starting testing to avoid misunderstandings.
3️⃣ Focus on Specific Areas:

Concentrate on specific areas to dig deeper and identify more vulnerabilities instead of covering everything at once.
Read 10 tweets
Nithin 🦹‍♂️ Profile picture
Mar 31, 2024
Top 5 DevSecOps platforms to learn Cybersecurity in 2024 👇
1️⃣ AppSecEngineer: This platform offers hands-on, full-stack security training tailored to various skill levels and roles, including developers, cloud beginners, and security architects.

appsecengineer.com
2️⃣ Avatao: Avatao stands out with its gamified platform and hands-on training approach, providing an immersive learning experience for developers and security professionals alike.

avatao.com
Read 7 tweets
Nithin 🦹‍♂️ Profile picture
Mar 28, 2024
Github dorks are super useful and can easily get you $$$$ bounty with correct dorks 🚀

So what should I dork for?

Learn in this thread below 👇
1️⃣ First, what are GitHub dorks?
These are advanced search queries specifically crafted to find sensitive information like API keys, passwords, credentials, and more, often left exposed in code repositories.
2️⃣ Sensitive Information: Search for these words in different combinations:

Token, Secret, Credential, Access Key, Private Key, Authentication, Username, Database, Password, API Key, access_key
Read 7 tweets
Nithin 🦹‍♂️ Profile picture
Feb 24, 2024
If you want to master SQL injections, open this thread!

💉 SQL Injection is a P1 vulnerability and can easily help you earn $$$$💸 Image
2️⃣ Cheatsheet by @pentest_swissky

🌟 PayloadsAllTheThings serves as a goldmine 🏆 for database hacking, with cheat sheets 📝 for sneaky tricks to break in and mess around. 🕵️‍♂️💻

github.com/swisskyrepo/Pa…
@pentest_swissky 3️⃣ Hacking with SQLi by @secaura_

🌟 This is one of the BEST videos out there on SQL injections.

Read 10 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(