Reeboot_to_init5 @ReebootToInit5 Twitter profile

Last Seen Profiles

@iheartASkahi

@JasimBuheji

@sac4nagem

@ChimereStephen

@nec_clu

@s4myy_

@CindyLauEvans

@Jyossef

@Slaredeeth8fB8

@Lloyd_notLord

@seanb2b

@G2LB2

@Siemers_XC_TF

@aldave_alan

@drawblue

@Jezrhyct_

@chancewarhol

@ninoheee_game

@bron_lolit

@michaelpengson

@NICO140700

@_itarex

@TweetyOnX

@warbler_05_lune

@bellarousoffic1

@thismiaguy

@livgondim

@Deanna_Hood

@aimi561003

@Nocturketch

@DeesseEsmeralda

@xx_buuny_xx

@Lamin15633

@Luisgarza742023

@ryanbeckman6

@CoultersProp

Reeboot_to_init5

@ReebootToInit5

1 year

Seems like today's a good day 👀

25

29

632

Reeboot_to_init5

@ReebootToInit5

1 year

Always check /assets/env.js

13

115

614

Reeboot_to_init5

@ReebootToInit5

3 years

How to Apply for a Job ?? "HACK THEM" before you apply. And along with your CV send them the report too😎. 99.9% it works #bugbounty #infosec #Ethicalhacking #CyberSec

47

51

443

Reeboot_to_init5

@ReebootToInit5

1 year

Bypass WAF with SQLMAP and TOR

8

133

352

Reeboot_to_init5

@ReebootToInit5

1 year

I have made more than 200000$ from SQL Injections. Here's how I made it 1/n 🧵

27

47

264

Reeboot_to_init5

@ReebootToInit5

1 year

Today i found something interesting A Server Side Javascript Code Injection Looks LIT🔥🔥. Server delayed the response for 30 sec...you change the values the delay changes. #BugBounty #bugbountytips

4

29

237

Reeboot_to_init5

@ReebootToInit5

8 months

Since he got 11 of his submissions marked duplicate and NA , he has decided to change his career now. #hackerone #BugBounty 🤣🤣🤣

46

22

242

Reeboot_to_init5

@ReebootToInit5

1 year

If you ever find a jfrog panel ... Always check /ui path or the shown path below...it might reveal lot's of artifacts containing critical data✌️. The severity will be high 👀

7

44

219

Reeboot_to_init5

@ReebootToInit5

2 years

The JSON email tempering method still works. Tried something like this 👇 my email- attacker @gmail .com Victim email -victim @gmail .com On signup page gave victim @gmail .com&attacker @gmail .com The OTP came to victim @gmail .com& attacker @gmail .com but in attacker @gmail .com account.

7

36

203

Reeboot_to_init5

@ReebootToInit5

2 years

Meet anurag....anurag is a savage dev🤣🤣👍 #Notmine 👀

7

10

180

Reeboot_to_init5

@ReebootToInit5

2 years

Vroooo @ADITYASHENDE17 finally bypassed the Akamai WAF and exploited the Boolean based SQL😜😜.. Thanks for the tampering suggestion 😂🙊

7

26

199

Reeboot_to_init5

@ReebootToInit5

2 years

I just published Pawning Half A dozen of Admin Panels & User Management Apps And Reporting 9–10 P1 in a day. Here is how I reported around 8-10 P1 in a single day #bugbounty #bugbountytips

Pawning Half A dozen of Admin Panels & User Management Apps And Reporting 9–10 P1 in a day.

Ok so As the topic Name looks like (complicated ) the writeup is just the opposite and is very simple.

link.medium.com

5

65

181

Reeboot_to_init5

@ReebootToInit5

5 months

Sometimes SQLmap and ghauri both act as dumb tools I clearly have an SQLi and both tools failed to exploit it 👍

18

8

171

Reeboot_to_init5

@ReebootToInit5

1 year

Ther are 7 parameters in the URL....all of them vulnerable for RXSS😂😂🤣🤣....this is legendary 😆😆 #RXSS

11

8

164

Reeboot_to_init5

@ReebootToInit5

1 year

Recently found an account takeover in Facebook Okay so listen carefully 1. Type the email id of the victim 2. Click on forget password 3. Invite the victim at your home for some tea/coffee 4. Beat the shit out of the victim until you don't get their phone. 5. Reset the password.

22

14

165

Reeboot_to_init5

@ReebootToInit5

2 years

Good morning SQL injection ❤️😎 #Sqli

10

161

Reeboot_to_init5

@ReebootToInit5

2 years

An easy RXSS🥸🥸 #XSS

8

6

151

Reeboot_to_init5

@ReebootToInit5

3 years

I just published Story of A Massive Hack. Hacking almost every user of an organization @ADITYASHENDE17 @e11i0t_4lders0n @thakare_prateek @aish_kendle @MrRajputHacker If you want can give it a read. probably you will find it intyresting. #Hacking

Story of A Massive Hack. Hacking almost every user of an organization

So this writeup is all about Hacking an entire organization which valuation is more than 4 BILLION. Before continuing on the topic …

link.medium.com

4

49

140

Reeboot_to_init5

@ReebootToInit5

2 years

My gf is unbeatable 😂😂❤️ she is literally soooo far awayyyy from cyber security ... doesn't even know the C of "Cyber Security" yet sent me this....because all she knows is that i am in this field.this is the best resource i have received till date😂😂❤️😎

22

5

138

Reeboot_to_init5

@ReebootToInit5

2 years

Inspired By a few people. I did a little good in the past few days, Dropped 9-10 P1 and all got accepted except 1. Thanks to everyone who is an inspiration for me Specially my buddies @ADITYASHENDE17 @MrRajputHacker Also @GodfatherOrwa (thanks for your tips on twitter ❤️)

12

6

139

Reeboot_to_init5

@ReebootToInit5

2 months

Found a 0day (RCE) by mistake 👀👀

20

2

139

Reeboot_to_init5

@ReebootToInit5

2 years

I recently got a 4 digit Bounty amount 😍😍😎. A 1000$ You can also exploit here is how. Steps to reproduce. 1- go to PayPal 2- Open two accounts. 3- deposit 1000$ in one account. 4- now transfer 1000$ into the second account and take a screenshot. 5- Post it #bugbountytips 😎

10

2

117

Reeboot_to_init5

@ReebootToInit5

1 year

@ashoklalla @ianbremmer But the above one is in structure....in India people build their houses anywhere and it looks like nothing more than a mess

1

0

110

Reeboot_to_init5

@ReebootToInit5

3 months

Who is this legendary hacker 👀👀💀

3

118

Reeboot_to_init5

@ReebootToInit5

3 years

Hey guys stop tweeting your Bounty screenshots here and everywhere. Someday Indian govt gonna notice it and will implement 63% tax on it. And you will have to pay even if it's Dupe🥲😹. Be careful 🤫 #bugbountytips #bugbounty #Budget2022

10

17

114

Reeboot_to_init5

@ReebootToInit5

1 year

The moment I saw the request...i knew I was gonna exploit it. I couldn't believe that they were passing the SQL queries on request.... however they tried hard to hide this request. Tip - always check loggers and try to intercept as many requests as you can. #SQL #sqlinjection

4

8

113

Reeboot_to_init5

@ReebootToInit5

1 year

Ghauri >>>>>SQLmap

6

7

108

Reeboot_to_init5

@ReebootToInit5

7 months

Everyday is a 0day I find 0 vulnerability daily. #bugbounty

8

10

108

Reeboot_to_init5

@ReebootToInit5

2 months

90% of bug bounty tips are useless and don't even make sense, so stop tweeting that shit. If you really wanna give tips , give it properly.

12

7

102

Reeboot_to_init5

@ReebootToInit5

1 year

I am gonna find 1 vulnerability in epic games in the next 3 days , or i won't hack for this entire month 😤😤. If it is accepted I will be giving 1 pentesterlab/pretty recon to 1 person 🥸 It's me vs me .....plus epic games😤😤... let's do it🎉

25

4

103

Reeboot_to_init5

@ReebootToInit5

1 year

I just published Chaining Self Blind XSS with Broken Access Control To Make it Non Self Blind XSS I guess this one was fun😃😅

Chaining Self Blind XSS with Broken Access Control To Make it Non Self Blind XSS

okay so the first thing it is not gonna be a fancy write up as i am running out of time, but definitely excited for this vulnerability so…

link.medium.com

7

37

100

Reeboot_to_init5

@ReebootToInit5

11 days

Thanks for the 0day bro @krishnsec 🫂

9

3

102

Reeboot_to_init5

@ReebootToInit5

1 year

Fu*k the WAF game is too strong 🥲👀 The only way to left to get the DB is to point a gun on admins head and ask him to disable the WAF 🤷 #SQLi

11

3

98

Reeboot_to_init5

@ReebootToInit5

10 months

Howwwwww😧

12

5

97

Reeboot_to_init5

@ReebootToInit5

2 years

That's how you find a P1 in a minute 😝😝 #bugbounty #bugbountytips #infosec

9

5

94

Reeboot_to_init5

@ReebootToInit5

1 year

@anishbakshi @kadaipaneeeer His ultimate goal is to feed children and the poor by whatever he does and it takes courage....so aapse req hai bkwass na kre

3

0

89

Reeboot_to_init5

@ReebootToInit5

2 months

Thanks bug bounties ❤️🙌 Bought a plane today ✅✅

11

1

90

Reeboot_to_init5

@ReebootToInit5

1 year

Here is a priceless gift that i received from @souravbaghz ...Jai shree Krishna 🙌❤️❤️

15

2

88

Reeboot_to_init5

@ReebootToInit5

7 months

SQLis are easier to find than SSRFs Change my mind #BugBounty

9

0

85

Reeboot_to_init5

@ReebootToInit5

8 months

My P4 guys😎✌️ @RootxRavi @krishnsec

7

2

88

Reeboot_to_init5

@ReebootToInit5

2 years

When you get blocked by any kind of protection mechanism or WAF Next time try this This is something which the developers or internal employees of the company uses. @MrRajputHacker @ADITYASHENDE17 Give it a try sometimes 😉😉 #infosec @bugbounty

1

16

85

Reeboot_to_init5

@ReebootToInit5

1 year

I don't care about it being duplicate, but i am liking the speed of the traiger....45 seconds 😂😂🤣🤣

15

1

82

Reeboot_to_init5

@ReebootToInit5

2 years

Me after putting 263 Blind XSS payload everywhere,.... trying to find out which one and from where did it execute 😂😂👀 #bugbounty

8

5

77

Reeboot_to_init5

@ReebootToInit5

2 years

Lol😂😂😂..... safety expert it is🤣😝 What a great safety expert 🤫🤫

10

1

73

Reeboot_to_init5

@ReebootToInit5

2 years

My friend watching me put anything in the feed back form and asking me have you lost your mind ?? Why are you coding in the feedback form??🤣🤣 ("><script src=></script>) Me -coding this Java script everywhere gives money 😂😂 #BugBounty

3

2

77

Reeboot_to_init5

@ReebootToInit5

2 years

There's a small vulnerbilty of HTML injection that i have found a lot when it comes to signup somewhere or invite users from their email. Way to exploit 1-in the first name parameter put the HTML payload something like <img src="https//malicious website dot com"> #bugbountytips

1

21

72

Reeboot_to_init5

@ReebootToInit5

4 years

One of the best writup on Cross site Web Socket Hijacking (CSWSH). Where we can escalate it to account takeover. . #bugbountytip #bugbounty

0

23

73

Reeboot_to_init5

@ReebootToInit5

2 years

The application has added one param which is txt , this is basically being used for tracking the user IP , But also is beneficial for exploiting an SQLi 😜😜... here's to one more SQLi Check all the params , you never know 😉 #SQL #bugbounty #bugbountytip

3

11

73

Reeboot_to_init5

@ReebootToInit5

2 years

Have anyone Ever reported something like an Unauthenticated Password change to some org😂😂🤣....I can Literally Brutefroce Current password for thousand of users and change their password @MrRajputHacker @ADITYASHENDE17 Piro Logic by Dev😜 #Bugbountytips #Bugbounty

12

9

69

Reeboot_to_init5

@ReebootToInit5

4 months

I earned $600 for my submission on @bugcrowd #ItTakesACrowd Gareebi pro max 💀

12

0

73

Reeboot_to_init5

@ReebootToInit5

1 year

Finally an invite from @Bugcrowd after months 😂😂🤣 😛

9

1

70

Reeboot_to_init5

@ReebootToInit5

2 years

Sometimes your Stored XSS payload doesn't get triggered But, It can do something else , it can crash the application. Well this is how After login , in email parameter in the account provided the payload "onclick=prompt(1)><svg/onload=prompt(1)>" #bugbountytips #infosec

3

11

71

Reeboot_to_init5

@ReebootToInit5

2 years

Can anyone confirm if it means that it has actually come from internal systems and the IP being disclosed is internal?? #BugBounty

10

5

68

Reeboot_to_init5

@ReebootToInit5

1 year

Now you guys will say it's not real😏😏

12

3

69

Reeboot_to_init5

@ReebootToInit5

8 days

Got a lab for testing for interview purpose Found 1- RCE 2- SQLi 3- stored XSS 4- Reflected XSS 5- Admin account takeover by IDOR in profile 6- Admin ATO via reset password 7- Admin ATO via stored , blind xss All in 10-20 minutes , wish BB was like this someday 🤣🤣💀

5

14

178

Reeboot_to_init5

@ReebootToInit5

1 year

Just hit one BXSS. Had an option to add an entity in my account ( the entity i can't disclose) ...added multiple entities with BXSS payloads and then invited another user with one of the entities...the user logs in using the invite and the payload fires(entity name is vulnerable)

7

66

Reeboot_to_init5

@ReebootToInit5

1 month

I had earned a couple thousand $$$$ last month from bug bounty on the @Bugcrowd , with one Collab. Bugs exploited SSTI/RCE , Priv escalation Xss Tip - deeeeeeeeeeeeeeeeeeeeeeep Recon 💀

13

3

66

Reeboot_to_init5

@ReebootToInit5

1 year

Meet satoro gojo of Bug Bounty😜🤝 I guarantee he is coolest bug hunter you can ever meet - Funny+ cool+ Zero ego ❤️⚡️ @krishnsec

6

3

66

Reeboot_to_init5

@ReebootToInit5

2 years

Story of an account takeover in 30 minutes.😹😹🤣🤣 #infosec #bugbounty #bugbountytips

4

7

65

Reeboot_to_init5

@ReebootToInit5

2 years

Looking for default admin credentials 👀👀😂

7

0

65

Reeboot_to_init5

@ReebootToInit5

2 months

The recent CVEs found by assetnote on Service now , Well don't bother trying to find out in BBP programs, it's almost patched everywhere 🤣🤣💀

4

5

65

Reeboot_to_init5

@ReebootToInit5

3 years

What is this behaviour ??🥺 Interviewer - What will you do if you found SNMP port Open?? Me - Will Google it Interviewer - Me - I don't understand why did he cut the call in middle of the interview 🙄😐 I mean that's how we hack things right?? Googling??🙄🤷 #infosecurity

6

3

61

Reeboot_to_init5

@ReebootToInit5

1 year

I created my own application and connected it to a DB, i exploited a time based SQL injection, then emailed it to my other email ID. From my other email ID , reverted on the email that this is indeed a valid finding and then awarded 200k$ in bounty. Waiting for the bounty 🥳

10

3

60

Reeboot_to_init5

@ReebootToInit5

1 year

Exploited a quick blind XSS, There is a portal , for you to register you have to send your full name and your email id. There is an option to write a comment explaining why you want that account. Put a Blind XSS there and it gets executed within 2 minutes 😍 #bugbountytips

3

4

59

Reeboot_to_init5

@ReebootToInit5

8 months

Me looking for private invites from @Bugcrowd #BugBounty

6

1

61

Reeboot_to_init5

@ReebootToInit5

3 years

Don't ever doubt a Hacker!!! We can destroy a database just to find our our crush Mobile number 😭😂😂😎. But always stays Ethical 🙋 Mereko to mil gaya crush ka number 😂😂 baki ke 8-10 lac numbers ka kya kru frndss?? #infosec

8

6

56

Reeboot_to_init5

@ReebootToInit5

2 years

I earned $400 for my submission on @bugcrowd #ItTakesACrowd

5

2

57

Reeboot_to_init5

@ReebootToInit5

4 months

Finally i bought the white colour 😁😁🥰🙌 I think 4 are enough 😎

15

0

58

Reeboot_to_init5

@ReebootToInit5

1 year

Finally, buying a car and a tank from my bounties 💪😎 Thanks to #BugBounty 🫡

9

0

58

Reeboot_to_init5

@ReebootToInit5

18 days

Hey @Bugcrowd i was thinking maybe someday in future 👀👀, how about a live hacking event being hosted in India ?? I am pretty sure all our hackers will love this event and the place. A lot of hackers will be excited for this event in India 🥷

6

5

58

Reeboot_to_init5

@ReebootToInit5

1 year

What a shame @bounceshare I reported a critical vulnerability and your team fixed it without even replying to my emails. No one's gonna trust you guys even if you are running a BB program. Remember that you are cheating with researchers where you sink in the future.

12

5

57

Reeboot_to_init5

@ReebootToInit5

7 months

So i sent an XSS report to the Dev team in my org, and they fixed it really quick and sent it back to me for revalidation The fix <script>alert (1)</script> --> 403 Same payload URL encoded - Pop up😂😂😂

3

1

57

Reeboot_to_init5

@ReebootToInit5

11 months

This blocker is a living proof that sometimes, how unfair a program can be 😂😂 @Bugcrowd Lol it's been 5 months and the customer didn't respond to the RAR🤣🤣 Deep down they know they were unfair ☠️

2

1

55

Reeboot_to_init5

@ReebootToInit5

1 year

Nothing specific about Cyber Security But these people have amazing personalities and are very grounded. Would like to give a shout out to the best people I have met online. @krishnsec @ADITYASHENDE17 @bug_vs_me @MrRajputHacker Retweet if you agree/comment your fav ones🥳

6

7

54

Reeboot_to_init5

@ReebootToInit5

5 months

Tuesday motivation 💪😎👍

10

3

53

Reeboot_to_init5

@ReebootToInit5

1 year

Hi infosec community and hackers. I need a little help from the community. One of my colleagues dad has been in ICU for weeks and his condition is critical. We have already invested more than we had and now we ran out of money. We are raising funds for his treatment. #infosec

1

22

52

Reeboot_to_init5

@ReebootToInit5

5 months

Creating users with Usernames like Admin And keeping the password as Admin , Admin @123 , If the application allows , it's fun, someone's gonna report it as default credentials 🤣🤣🤣 #bugbounty

11

1

52

Reeboot_to_init5

@ReebootToInit5

1 year

Hack me if you can😏😏

16

2

49

Reeboot_to_init5

@ReebootToInit5

2 years

Sometimes i feel i know nothing... nothing at all ...not even zero , I am in minus actually in infosec. Got a JD for a Job in infosec and my mind is totally blank. Feels like i am so behind of everything 🥺🙄. Here is the JD in the thread below 👇

7

8

51

Reeboot_to_init5

@ReebootToInit5

2 months

I totally suck at Bug Bounties and I am willing to accept it 👍✅ But , i guess I won't be able to quit it 😮‍💨

11

0

50

Reeboot_to_init5

@ReebootToInit5

2 years

Blind XSS is so much fun and tricky sometimes, You will have to wait for it to trigger. And these were present very deep in the application, i am literally crying trying to create video POC🥲🥲🥲 Can someone suggest a good way to remember where we exploited it ?? #BugBounty

5

2

50

Reeboot_to_init5

@ReebootToInit5

2 years

50 years from now , lying on my bed breathing my last moments and someone asks Any last wishes?? Me - Give me my laptop and an application, want to exploit an RCE👀😂😂😂 #bugbounty #hacking

2

5

49

Reeboot_to_init5

@ReebootToInit5

4 years

20 Hours, $18, and 11 Million Passwords Cracked by Alice Henshaw 😍😍😍

20 Hours, $18, and 11 Million Passwords Cracked

I thought I’d see how successfully everyday developers, without specialist knowledge, could hack millions of passwords.

link.medium.com

0

13

48

Reeboot_to_init5

@ReebootToInit5

7 months

Whenever I open twitter There are 2 mandatory tweets that I see 1st from @bug_vs_me saying congratulations 🎉 to hunters 2nd from @sachin_pandey98 saying 🔥🔥🔥 to hunters I don't close twitter until I have seen these both😜😜🤣

15

0

49

Reeboot_to_init5

@ReebootToInit5

2 years

How to make BXXS critical....well put in on the employee management system or HRMS😝😝😝...have everything from UN number to PAN card😅 #bugbounty #XSS

3

2

46

Reeboot_to_init5

@ReebootToInit5

1 year

I thought i hit a jackpot....but ....then the documentation came where NPM accepts their users revealing their email addresses and NPM usernames 🤔

3

4

47

Reeboot_to_init5

@ReebootToInit5

4 years

I just published Breaking Into Banks

Breaking Into Banks

Hacking banks ….whoaa!!! sounds something Very complex hacking process where you will just break into bank’s server and computers and…

link.medium.com

0

16

47

Reeboot_to_init5

@ReebootToInit5

1 year

I just gave an interview and the interviewer was not ready to accept that there's something called RCE and DNS exfiltration via SQLi Now i am depressed AF, because i have literally exploited it a few weeks ago Idk wtf i did exploit then🥺🥺🤷...i am going back to basics 🥲

5

1

45

Reeboot_to_init5

@ReebootToInit5

2 years

I died laughing 😂😂🤣🤣 @cyph3r_asr

12

5

46

Reeboot_to_init5

@ReebootToInit5

11 months

In October 10 of my reports were marked NA(Blindly) , my 13 of reports got duplicated, 42 reports were rejected and finally 21 were ignored and I got frustrated 263 times. #Together we get depressed harder 💪💪👽

8

1

47

Reeboot_to_init5

@ReebootToInit5

2 years

Does everyone think implementation of a 6 digit OTP is safe and enough?? Took 45 mnts and 30k request to bruteforce the correct OTP🫡

8

1

46

Reeboot_to_init5

@ReebootToInit5

3 years

@brawling_virago Kitne v tension me raho baap ko baap hi bulaoge na?? Ya fr bologe sun bsdk😂

0

2

42

Reeboot_to_init5

@ReebootToInit5

1 year

Find something in services and then enjoy Exploiting it in tons of organization 😅👀 A full read SSRF #SSRF

3

5

44

Reeboot_to_init5

@ReebootToInit5

3 months

@_FaridKhan Koi ni puchh raha bhai 💀💀

3

0

44

Reeboot_to_init5

@ReebootToInit5

1 year

@Cathrinmachin @ianlauerastro Guys nebula is in the picture 🖼️.

2

0

32

Reeboot_to_init5

@ReebootToInit5

1 year

I can say i have been fuzzing like a noob, today i found out how to fuzz✌️🔥....and what can be acevived through fuzzing 🔥

10

4

44

Reeboot_to_init5

@ReebootToInit5

5 months

Woke up and saw I have Lost around 12k$ in liquidation yesterday 🥲👍 But I know my stupid self, it won't stop 🥲 #BTC

46

3

35

Reeboot_to_init5

@ReebootToInit5

1 year

Submitted a vulnerability on H1, and it's been 20 minutes I haven't received the notification which says it's duplicate. Seems will get good news🤣🤣🤣

5

0

42

Reeboot_to_init5

@ReebootToInit5

3 years

WebSockets not Bound by CORS? Does this mean… by Drew Branch Something We rarely Hunt. But is present almost everywhere. @thakare_prateek @aish_kendle @ADITYASHENDE17

WebSockets not Bound by CORS? Does this mean…

Attackers, utilizing malicious JavaScript, could exfiltrate WebSocket data from victim-established communication channels within web apps.

blog.securityevaluators.com

1

19

42

Reeboot_to_init5

@ReebootToInit5

1 year

I earned $450 for my submission on @bugcrowd #ItTakesACrowd 4 reports more to go👀😷

4

0

42