Deepak bug_vs_me @bug_vs_me Twitter profile

Pinned Tweet

Deepak bug_vs_me

1 year

WordPress Plugin WPML Version < 4.6.1 RXSS vulnerability Found by :- @bug_vs_me and @falcon_charan on 13th MArch 2023 Nuclei template:- and payload:- https://xxxxxxx/wp-login.php?wp_lang=%20=id=x+type=image%20id=xss%20onfoc%3C!%3Eusin+alert(0)%0c

30

177

546

Last Seen Profiles

@moveandlearnuk

@ShopHQOfficial

@ZavierIndia

@HEROSHIMO

@pasutri_plbg69

@NasirSmith99

@qadir__

@JewishWhites

@sirromanroy

@DefneAsu01

@Nightbuyer

@ZachIsHere

@otozuki_teru

@Eternal_Energy_

@Serra

@XP_Leagues

@rfknrltm_

@boyerism

@AHOY_Pirates

@RyanMurph2024

@realgazakure

@yomogi1402

@KSAembassyPK

@riverportgin

@mitchramsey95

@janfrodeno

@reallydrsam

@AteneOBF

@Gizmyyy

@Rowdy_House

@Krevelenn

@PrepRedzoneNE

@JeffGrenz

@SexMattersOrg

@EricaKHanson

@NikiMarinis

Deepak bug_vs_me

@bug_vs_me

1 year

whenever you saw any email input field! 70% bug hunters don't try XSS there as compared to name field. always try this in email input field! "<img/src/onerror=alert(0)" @xss .com This don't work every time but give it a try found 2 XSS today using this! #bugbountytips

35

235

801

Deepak bug_vs_me

@bug_vs_me

1 year

Trying to improve my stats on HackerOne and spend 20 days 2 Hr/per day. Found some medium, high and critical issues! Tip: - always check company's/Organization employees GitHub account for leaked ghp_ token, and check access to each repo of main organization #bugbountytips

36

105

671

Deepak bug_vs_me

@bug_vs_me

6 months

\u0022\u003c%26quot;%26gt;%26lt;"';}};“></SCRIPT><img src=x onerror=alert(69)>${{7*7}} My favourite xss payload

13

126

571

Deepak bug_vs_me

@bug_vs_me

2 years

Found critical IDOR! Attacker can delete all files on server within 2 minutes Tips: - use match and replace tool in burp Create 1 attacker account and 1 victim account and replace set match to attacker account and replace set to victim account and test all functions of web app!

36

91

536

Deepak bug_vs_me

@bug_vs_me

1 year

The 1st time I tried Bugcrowd! And found 1 P2 level vulnerability Tip:- always try to check if the website is hosted on Netlify! Then try:- for example the main domain name is Deepak So i tried 60% people set Netlify CMS to public signup #bugbountytips

17

89

434

Deepak bug_vs_me

@bug_vs_me

6 months

Me and @ArmanSameer95 , we both earned a $20,000 bounty on @Bugcrowd , it's always fun to collaborate with experienced and talented bug bounty hunters, Best collaboration ever 💯, Always try to find a way to escalate Vulnerability impact, 😉 #bugbounty #Hacking

57

11

434

Deepak bug_vs_me

@bug_vs_me

2 years

2500 USD bounty Bug :- HTMLI #bugbounty #hacking

36

24

423

Deepak bug_vs_me

@bug_vs_me

9 months

Easy P1 :- ------------------- { "otp":"123456" =403 + wrong otp } ------------------- { "otp": true =200 +rest token } -------------------- @devangsolankii remeber 👀 #bugbountytips

15

78

377

Deepak bug_vs_me

@bug_vs_me

7 months

Yay, I was awarded a $7,500 bounty on @Hacker0x01 ! #TogetherWeHitHarder

HackerOne profile - bug_vs_me

🧑‍💻 -

hackerone.com

37

9

335

Deepak bug_vs_me

@bug_vs_me

1 year

I just published All about XSS — Cross site scripting! Not in deep just for beginners! Let me know if any correction needed #BugBounty

All about XSS — Cross site scripting!

Hi i am Deepak , part time bug hunter pursuing B.com

link.medium.com

14

106

319

Deepak bug_vs_me

@bug_vs_me

1 month

All Thanks to Bug bounty and @Hacker0x01 @Bugcrowd @inspectiv @intigriti for amazing platform for hackers

49

8

328

Deepak bug_vs_me

@bug_vs_me

1 year

Yay, I was awarded a $$,$$$ bounty on @Hacker0x01 ! My highest bounty till now 🤪! Thank you @github #TogetherWeHitHarder #BugBounty #Hacking

HackerOne profile - bug_vs_me

🧑‍💻 -

hackerone.com

46

10

313

Deepak bug_vs_me

@bug_vs_me

7 months

Discovered a Stored XSS on a well-tested domain. My mindset for successful bug hunting: No app is bug-free. People find critical bugs in older programs 6-7 years old program. Treat every program as new and start hunting! 🔍 #bugbounty #XSS

25

21

304

Deepak bug_vs_me

@bug_vs_me

1 year

Checkout This :- #bugbountytips

ALL ABOUT XSS CROSS SITE SCRIPTING -- BASIC KNOWLEDGE

Hi i am Deepak , part time bug hunter pursuing B.com In this write-up i will discuss about XSS not in deep but for beginners who want to learn about XSS...

hacklido.com

6

102

289

Deepak bug_vs_me

@bug_vs_me

4 months

Yay, I was awarded a $5,000 bounty on @Hacker0x01 ! #TogetherWeHitHarder

HackerOne profile - bug_vs_me

🧑‍💻 -

hackerone.com

40

7

263

Deepak bug_vs_me

@bug_vs_me

2 years

Bug bounty vulnerability: - CSRF to gain Admin permission

9

33

264

Deepak bug_vs_me

@bug_vs_me

1 year

$1000 bounty for reporting GitHub Api token, having Access to all repositories Public and private with Read and write access, #bugbounty

10

261

Deepak bug_vs_me

@bug_vs_me

1 year

Yay, I was awarded a $2,000 bounty on @Hacker0x01 ! #TogetherWeHitHarder First critical submission on @Hacker0x01 Bug/vulnerability :- secret key exposed in Code ! #bugbounty #Hacking

24

8

249

Deepak bug_vs_me

@bug_vs_me

2 years

XSS TO ADMIN ACCOUNT TAKEOVER Thanks to @0xGodson_ @tirtha_mandal #bugbounty #hacking #bughunter

21

249

Deepak bug_vs_me

@bug_vs_me

5 months

Yay, I was awarded a $3,500 bounty on @Hacker0x01 ! #TogetherWeHitHarder

22

5

247

Deepak bug_vs_me

@bug_vs_me

1 year

bored?? 1. Go to burp >> Match and replace 2. set response body false to true 3. set request body false to true then browse HackerOne reports 😂 you can see Triager UI and some other features!

5

32

233

Deepak bug_vs_me

@bug_vs_me

1 year

Bug hunter? slow internet? want a VPS for free $0 as beginners? $200 credit for a year Pre required:- A College ID, Github Account , A credit card ( Don't worry not costing you single rupee ) Solution:- Go to

19

58

230

Deepak bug_vs_me

@bug_vs_me

9 months

Drop down interesting bug bounty writeups you ever read or you wrote! Because i saw many writeups which are very interesting and valuable but have very little exposure to the community! Let me and others learn from below posted writeups!! #BugBounty

21

78

239

Deepak bug_vs_me

@bug_vs_me

7 months

First time found SSTI excited to exploit!

22

10

227

Deepak bug_vs_me

@bug_vs_me

1 year

If you found XSS and in CSP policy unsafe-inline, inline script is disabled and script can be loaded from whitelisted domains "script-src 'self. You can't upload script to current domain, but you see YouTube or google in whitelist domains IN CSP you can use this script below! .

3

49

212

Deepak bug_vs_me

@bug_vs_me

1 year

Just wrote a bash script which collect all wild and non-wild in scope domains from all programs i had set this script to collect paid programs only but you can change it in the script #bugbountytip

4

60

211

Deepak bug_vs_me

@bug_vs_me

1 year

$500 for Stored xss! First it was accepted as medium severity as i can't steal session cookies because it's secured, but i found that a endpoint exposed csrf token for doing various tasks I can't code so i created full exploit using chatGPT and now it's marked as high #bugbounty

13

19

211

Deepak bug_vs_me

@bug_vs_me

6 months

Done! 💯 it was good journey with a lot of $$$$$😂

19

1

207

Deepak bug_vs_me

@bug_vs_me

10 months

Yay, I was awarded a $2,000 bounty on @Hacker0x01 ! #TogetherWeHitHarder Bounty for previous XSS REPORT BYPASS 🙏 JAI SIYA RAM

HackerOne profile - bug_vs_me

🧑‍💻 -

hackerone.com

25

4

207

Deepak bug_vs_me

@bug_vs_me

1 year

First I reported XSS trigged as medium! I am not satisfied with that later I chained it with account takeover! Got additional. $650 Tips: - if application have feature of Api key and you can't steal session cookies! 1/n

6

24

202

Deepak bug_vs_me

@bug_vs_me

2 years

google Dorking to find api key Eg:- inurl: xsolla "api_key" #bugbounty #HackerOne #bugbountytips

8

37

200

Deepak bug_vs_me

@bug_vs_me

5 months

DONE ✅ Congrats to all Researchers! Thanks @EpicGames @Hacker0x01 for opportunity! #BugBounty

Deepak bug_vs_me

@bug_vs_me

9 months

Soon i will be on this list! Congrats to all top researcher 💯💯

7

1

56

32

3

202

Deepak bug_vs_me

@bug_vs_me

1 year

XSS --- severity - 8.9💀 Don't just report xss with alert popup, always try to chain it with critical action like i chain it with org takeover, where when script execute! ORG admin upgrade attacker to Admin and Original Admin remove himself from Org within 1 click!

12

192

Deepak bug_vs_me

@bug_vs_me

2 years

$500 stored xss Tips :- Try large size payloads and when payload get shortened by web application to adjust payload into UI it's getting triggered! #bugbounty #bugbountytip #hackerone #Hackers #Pentesting

12

22

186

Deepak bug_vs_me

@bug_vs_me

2 years

Yay, I was awarded a $1,000 bounty on @Hacker0x01 ! #TogetherWeHitHarder #bugbounty

8

5

186

Deepak bug_vs_me

@bug_vs_me

1 year

Yay, I was awarded a $3,000 bounty on @Hacker0x01 ! #TogetherWeHitHarder

HackerOne profile - bug_vs_me

🧑‍💻 -

hackerone.com

15

6

185

Deepak bug_vs_me

@bug_vs_me

1 year

Small start of 2023 with $75 hope this ends in $$$$$ +++ Bug/vulnerability :- Html injection + xss possibility, as i was able to break line but all event listeners filtered so i reported it as HTMLI +++ Payload used = "<img/src="imageurl">" @xss .com

12

21

180

Deepak bug_vs_me

@bug_vs_me

1 year

Mind blowing 🤯 writeup by @win3zz must read, #BugBounty #bugbountytips

How I made $31500 by submitting a bug to Facebook

How did I found SSRF in Facebook — the story of my first bug bounty

link.medium.com

2

52

184

Deepak bug_vs_me

@bug_vs_me

2 years

First write-up must read Thank you #bugbounty #bugbountytips

CSRF Attack — 0 click account delete - 1st write-up

I am Deepak, Started bug bounty 5–6 months age, I am noob in this field correct me if you found something wrong in this post.

medium.com

16

50

182

Deepak bug_vs_me

@bug_vs_me

1 year

I was using YouTube usually and suddenly got a video showing a POC video of a vulnerability that i uploaded on HackerOne 😂😂 For the 1st 20 seconds I didn't realise that it's my POC video

10

3

174

Deepak bug_vs_me

@bug_vs_me

1 year

Yay, I was awarded a $650 bounty on @Hacker0x01 ! First I reported a XSS but with the help of ChatGPT, I am able to craft a attack which steal key having read and write permission Medium 4.4 >>>>>> High 7.7 #TogetherWeHitHarder

HackerOne profile - bug_vs_me

🧑‍💻 -

hackerone.com

7

9

175

Deepak bug_vs_me

@bug_vs_me

1 year

Today i received 6-7 bounties into my bank! And now i don't know for which bug and from which platform i received the bounty 😂! #workhard

27

5

168

Deepak bug_vs_me

@bug_vs_me

1 year

I was very busy with exams nowadays and wasn't able to hunt bugs for the past 20 days, yesterday I spent 1 hr on a target and found xss where the content type is text/html but in body there is json body so using bad characters i am able to generate a error msg leads to xss $300

10

6

167

Deepak bug_vs_me

@bug_vs_me

11 months

Yay, I was awarded a $2,000 bounty on @Hacker0x01 ! #TogetherWeHitHarder

HackerOne profile - bug_vs_me

🧑‍💻 -

hackerone.com

28

1

167

Deepak bug_vs_me

@bug_vs_me

1 month

Got H1 clear verified 🙂, thanks @Hacker0x01 . I will take this as motivation and start hacking again 💪

19

1

167

Deepak bug_vs_me

@bug_vs_me

4 months

January has been a very good month for me as I have reported over 13 vulnerabilities (6 critical), all of which were bug bounty targets!

27

1

165

Deepak bug_vs_me

@bug_vs_me

1 year

Android hacking resources by @devangsolankii #Hacking #bughunting

GitHub - Devang-Solanki/android-hacking-101: This repo is a helpful starting point for those...

This repo is a helpful starting point for those interested in exploring the world of Android hacking and bug bounties. The resources mentioned have personally assisted me. - Devang-Solanki/android-...

github.com

1

60

158

Deepak bug_vs_me

@bug_vs_me

2 years

Finally, My Name into Apple HOF 😎 #bugbounty

16

6

158

Deepak bug_vs_me

@bug_vs_me

2 months

Yay, I was awarded a $$$$ bounty on @Hacker0x01 ! #TogetherWeHitHarder RXSS to ATO

HackerOne profile - bug_vs_me

🧑‍💻 -

hackerone.com

16

2

156

Deepak bug_vs_me

@bug_vs_me

1 year

Just earned a bounty of $1000 by reporting a bug on BugBase! It was an amazing experience hunting on the platform. #cybersecurity #bugbase #bugbounty #bounty #security #vulnerabilities

BugBase | Continuous Vulnerability Assessment Platform

Discover, manage, and proactively address vulnerabilities with BugBase's comprehensive suite of services. Our offerings include managed bug bounties, Penetration Testing as a Service (PTaaS),...

bugbase.ai

7

13

151

Deepak bug_vs_me

@bug_vs_me

1 month

@_xploiterr I have good alternative onerror="& #106 ;& #97 ;& #118 ;& #97 ;& #115 ;& #99 ;& #114 ;& #105 ;& #112 ;& #116 ;& #58 ;& #97 ;& #108 ;& #101 ;& #114 ;& #116 ;& #40 ;& #41 ;"

2

30

156

Deepak bug_vs_me

@bug_vs_me

1 year

First bounty of $$ excitement + happiness >>>>>> $10,000 bounty now! 🙃

18

8

152

Deepak bug_vs_me

@bug_vs_me

9 months

When you wake up and see this (triage and bounty) paid really makes my day 💯

19

2

153

Deepak bug_vs_me

@bug_vs_me

2 months

Yay, I was awarded a $$$$ bounty on @Hacker0x01 ! DOM XSS on extension #TogetherWeHitHarder

HackerOne profile - bug_vs_me

🧑‍💻 -

hackerone.com

25

2

151

Deepak bug_vs_me

@bug_vs_me

2 years

Earned 61k INR bounty for finding a vulnerable in crypto wallet in which i can able to over-write crypto wallet password #bugbounty #hacking

17

7

153

Deepak bug_vs_me

@bug_vs_me

2 years

Good Start of November Collab with @devangsolankii helped a lot #bugbounty #hacking

12

8

147

Deepak bug_vs_me

@bug_vs_me

4 months

Someone is going to be in trouble.😂

15

3

147

Deepak bug_vs_me

@bug_vs_me

5 months

Yay, I was awarded a $500 bounty on @Hacker0x01 ! #TogetherWeHitHarder 3rd bypass :) access control, always try to set param in url and in body sometimes backend take id from url and validate user but do changed in id in the body! [ both different ids]

HackerOne profile - bug_vs_me

🧑‍💻 -

hackerone.com

10

5

146

Deepak bug_vs_me

@bug_vs_me

1 year

Yay, I was awarded a $$$ bounty on @Hacker0x01 ! And I completed 500 reputation points on HackerOne. Prior, I was not active on HackerOne, but in the past 2 months, I reported a few vulnerabilities and completed 500+ points! #TogetherWeHitHarder

17

2

145

Deepak bug_vs_me

@bug_vs_me

2 months

One Dm from @DoTV3N to bypass XSS to 1 CLICK ATO 😉

10

0

146

Deepak bug_vs_me

@bug_vs_me

1 year

🫠

12

4

137

Deepak bug_vs_me

@bug_vs_me

1 year

Earned swag from Sony ! #BugBounty

11

4

138

Deepak bug_vs_me

@bug_vs_me

6 months

Small thing may help you to resolve ip address ssl CN Bash to get SSL CN Steps:- Wget bash -i <ipaddresshere>

6

23

136

Deepak bug_vs_me

@bug_vs_me

8 months

Yay, I was awarded a $$$$ bounty on @Hacker0x01 ! #TogetherWeHitHarder XSS bypass third time on same param! Program implemented fix using regex to prevent XSS but they forgot to set same for uppercase letters so i was able to bypass restriction!

HackerOne profile - bug_vs_me

🧑‍💻 -

hackerone.com

15

3

132

Deepak bug_vs_me

@bug_vs_me

11 months

Hi beginners bug hunters just advice please don't ask simple questions in DM or Tagging other hunters without doing your own research! First Do some research and invest some time to find solutions on your own, If you still can't find solutions then ask me, i always reply, (1)

3

16

129

Deepak bug_vs_me

@bug_vs_me

3 months

Thanks @Bugcrowd

8

1

130

Deepak bug_vs_me

@bug_vs_me

2 years

@mk_jsq @stephenrobles Really! you are comparing this with apple watch? 🤣

3

0

123

Deepak bug_vs_me

@bug_vs_me

1 year

$2,000 bounty for exploiting Django Debug mode exposed information about environment variables and vulnerable to many CVSS and i was able to extract AWS key/secret in error logs! #BugBounty #Hacking #bugvsme

17

7

125

Deepak bug_vs_me

@bug_vs_me

2 years

👽 WTF, when you got Good and bad news at the same time 😋 ------ 😐 #BugBounty

14

5

127

Deepak bug_vs_me

@bug_vs_me

9 months

So it's worth it

Deepak bug_vs_me

@bug_vs_me

9 months

Just wrote 200 lines of javascript using AI to show an xss impact to be high, this took me 9 hours, hope for best 👀, I just used as many functions to extract all data and created a script which works on each and every user, get I'ds combined with Post req. + csrf and all,

8

4

100

12

6

128

Deepak bug_vs_me

@bug_vs_me

2 years

XSS on Admin panel #bugbounty #hacking #hackerone #bugcrowd

8

10

122

Deepak bug_vs_me

@bug_vs_me

11 months

Because of bad triger i lost my $4,500 My report marked as informative reported on 16 may And on 1 june reported again with good poc and today i got duplicate on 2nd report And what i see is the same poc and the explanation report got triaged which is reported on 17 May :(

23

3

122

Deepak bug_vs_me

@bug_vs_me

2 years

Got one more Critical vulnerablity #bugbounty

15

8

124

Deepak bug_vs_me

@bug_vs_me

1 year

🙏 xss was easy to find on this endpoint but no one reported maybe they can't be able to bypass CSP! As it's limited modified or control over script that's why they set it as low! 😬 #bugbounty

Deepak bug_vs_me

@bug_vs_me

1 year

If you found XSS and in CSP policy unsafe-inline, inline script is disabled and script can be loaded from whitelisted domains "script-src 'self. You can't upload script to current domain, but you see YouTube or google in whitelist domains IN CSP you can use this script below! .

3

49

212

4

10

117

Deepak bug_vs_me

@bug_vs_me

4 months

why XSS not works in 1st case ? in 1st case i used ' ' and in 2nd and 3rd case i used ` ` New line in 1st case is causing problem syntax error, any way to execute XSS here i have full control user variable value <> '"` is encoded only /\()-+ is allowed and var = "xx\" (1/n)

6

11

119

Deepak bug_vs_me

@bug_vs_me

10 months

Yay, I was awarded a $$$ bounty on @Hacker0x01 ! #TogetherWeHitHarder Always try to read the js file carefully if you don't understand something using ChatGPT to understand JS code, i found DOM XSS,

HackerOne profile - bug_vs_me

🧑‍💻 -

hackerone.com

7

3

119

Deepak bug_vs_me

@bug_vs_me

1 year

If you are not satisfied with severity set by triager, do speak to them and explain in detail why severity should be increased! vulnerability was XSS to account takeover. Here I explained in detailed to them. See result: - #bugbountytips

3

5

110

Deepak bug_vs_me

@bug_vs_me

1 year

Got BOUNTY for bypassing the credit limit, Turn on burp and explore web application later examine each and every api request that logged into burp! This takes a lot of time but is worthy it in the End 😉 #BugBounty

6

5

116

Deepak bug_vs_me

@bug_vs_me

10 months

Crossed 1,000+ reputation on @Hacker0x01 ! 🎉 Started hunting seriously in Feb 2023, mainly on paid programs (95%) 🕵️‍♂️ Previously focused on self-hosted BB programs. Amazing experience with HackerOne! 💻 #BugBounty

21

1

114

Deepak bug_vs_me

@bug_vs_me

1 year

$1250 equilateral bounty in crypto Bug/vulnerability:- improper Authentication allows any user to act as Admin! I tested all the endpoints which i found using "gau" and found vulnerable one Tip:- Manual hunting (80%)+ some recon (20%) = good bounty #bugbounty #Hacking

12

7

112

Deepak bug_vs_me

@bug_vs_me

3 months

Updates a bash script to get H1 assets from your private and public programs! #bugbountytip

GitHub - bug-vs-me/h1-asset-fetcher: Tools for bug bounty

Tools for bug bounty. Contribute to bug-vs-me/h1-asset-fetcher development by creating an account on GitHub.

github.com

2

20

118

Deepak bug_vs_me

@bug_vs_me

1 year

Just earned a bounty of $250 by reporting a bug on BugBase! It was an amazing experience hunting on the platform. #cybersecurity #bugbase #bugbounty #bounty #security #vulnerabilities

BugBase | Continuous Vulnerability Assessment Platform

Discover, manage, and proactively address vulnerabilities with BugBase's comprehensive suite of services. Our offerings include managed bug bounties, Penetration Testing as a Service (PTaaS),...

bugbase.ai

7

17

113

Deepak bug_vs_me

@bug_vs_me

1 year

Got bounty for DOM XSS - Reflected collaboration with @ReebootToInit5 who provided me endpoint to Test XSS and we together found this XSS. #BugBounty

9

4

113

Deepak bug_vs_me

@bug_vs_me

1 year

$250 bounty for race condition vulnerability >Always try Race condition vulnerability on premium features like a user can allow to do only 15 transactions( Free plan ) but due to race condition vulnerability, Attacker able to perform 200 transactions #bugbounty #bugbountytips

7

5

114

Deepak bug_vs_me

@bug_vs_me

6 months

22 years completed on Earth,

63

0

114

Deepak bug_vs_me

@bug_vs_me

2 years

Great weekend Earned $750 1 XSS bug (250)and 1 crypto wallet showing sensative information without password verification (bypass)(750) #hacking #bugbounty #Web3

11

2

107

Deepak bug_vs_me

@bug_vs_me

1 year

Thank you @github When you order 1 and got 2 😂 #swag #BugBounty

7

1

110

Deepak bug_vs_me

@bug_vs_me

1 year

Today was my farewell at college, In the 3 years of the time period, i just went to college for 20 days only, College life ended 🙃!

10

1

106

Deepak bug_vs_me

@bug_vs_me

4 months

In January, I submitted 32 vulnerabilities to 5 programs on @Hacker0x01 . #TogetherWeHitHarder

10

0

112

Deepak bug_vs_me

@bug_vs_me

11 months

Demotivate can't be able to find any Vulnerability or bug from the past 10-15 days on ( BBP) Bug bounty hunters what do you do in this situation?, Any suggestions? Thank you #bugbounty

26

6

110

Deepak bug_vs_me

@bug_vs_me

1 year

Today i received a private invitation on HackerOne and i had reported a high severity bug in that program, but they are running 2 programs 1 VDP and 1 BB, is this acceptable on HackerOne?? even though both programs have the same scope, I feel scammed for $2000 🙃 #BugBounty

13

1

110

Deepak bug_vs_me

@bug_vs_me

2 years

Hope it's not Duplicate 🤞 #bugbounty #Hackingtime

9

7

107

Deepak bug_vs_me

@bug_vs_me

4 months

February Goal to report 30 vulnerabilities to the bug bounty programs on all platforms, It's Hard, let's see 💪

14

1

108

Deepak bug_vs_me

@bug_vs_me

3 months

🙃

11

3

106

Deepak bug_vs_me

@bug_vs_me

9 months

Any way to close a script tag?? i am using </script> but blocked by Akamai </Scr</Script//> -- blocked %3c%2f%53%43%52%49%50%54%2f%2f%2f%2f%3e -- blocked

20

15

105

Deepak bug_vs_me

@bug_vs_me

1 year

Hi #Bugbounty community and Bug hunters, Any suggestions or alternatives for XSShunter? How can someone host their own XSShunter with minimum cost, Or anyone can build a xsshunter with a database managed by the user itself so data stored safely if possible??

23

12

105

Deepak bug_vs_me

@bug_vs_me

1 year

XSS = 🫀

9

3

102

Deepak bug_vs_me

@bug_vs_me

9 months

If you send 3-5 hours a find a bug! Try to invest 30 minutes to write a good report with a high impact demonstration! I was checking my old reports and noticed i could have increased severity i wrote a good report and showed maximum impact ! For example:-

3

12

105

Deepak bug_vs_me

@bug_vs_me

1 year

Reminder :- Focus on heath guys, go to GYM or Running or any physical activity minimum 1 hr a day, Don't just sit in front of PC and then go to sleep, Physical activity or GYM really give mind/brain a refresh and kills stress

14

6

103