Bull @v0sx9b Twitter profile

Pinned Tweet

Bull

@v0sx9b

6 years

Stealing 10,000$ Yahoo Cookies!

10

161

390

Last Seen Profiles

@TanyaF2022

@fceaser

@ZahraJumare

@rob_mrqz

@FSAthletics

@UCLABaseball

@keiuzuki

@Suirencito

@_ogechukwu_

@shimeji75064322

@ErPali_

@familyoftwofilm

@TabiNekoShiro

@JUGGHarden

@txtdariabglh

@ihoroskop

@Darkfans_com

@monospodcast

@GladiatorsTV

@MMALOTN

@RRACsports

@Miraskede

@kaelucism

@hydroanimates

@aicc_io

@AndrewD_123

@victorique2

@Casfetera

@hnojces

@BrothersWeStand

@bibiloni

@ftium4

@AuStadeLillois

@JasonViauCBC

@marihh28_

@Matlagan

Bull

@v0sx9b

3 months

No, this was no lucky find, but 7 months of pain for me! 7 months ago, I saw something I couldn't sleep on, while it consisted multiple pieces to it which i collected over the months, but it was not yet complete or had little hope to![Thread/2]

47

37

580

Bull

@v0sx9b

4 years

Made $95k in #h12004 , thanks to amazing @TheParanoids and @Hacker0x01 ! And shout out to @_tabahi , would not have happened if I wasn’t hacking with him! 😆😎

28

22

423

Bull

@v0sx9b

5 years

Yay, I was awarded a $25,500 bounty on @Hacker0x01 ! #TogetherWeHitHarder #h1213

HackerOne profile - bull

-

hackerone.com

11

7

240

Bull

@v0sx9b

2 years

Nothing Feels Better than your First ever House. Exactly How we(& @_tabahi ) ever imagined it and Luxuries. 🎉 #Bugbounty

17

6

246

Bull

@v0sx9b

1 year

Account takeover on gitlab .com using signin with google:

GitLab disclosed on HackerOne: Account takeover due to insufficient...

Hi, I have found an issue which can be used by an attacker to steal Bitbucket access token along with Other third party access tokens(google, salesforce etc). But the most important one is...

hackerone.com

7

51

240

Bull

@v0sx9b

6 years

Ok! so this was my best month so far. I made $29,532.26 in total, of which $18,000 from @Hacker0x01 and $11,532.26 from @Bugcrowd . 😆🤣😀. Thanks to platforms.

31

19

232

Bull

@v0sx9b

6 years

Yay, I was awarded a $11,500 bounty (in which $1.5k bonus) on @Hacker0x01 ! #TogetherWeHitHarder

HackerOne profile - bull

-

hackerone.com

9

5

163

Bull

@v0sx9b

5 years

Yay, I was awarded a $7,500 bounty on @Hacker0x01 ! #TogetherWeHitHarder

HackerOne profile - bull

-

hackerone.com

5

3

148

Bull

@v0sx9b

6 years

I earned $8,000 for my submission on @bugcrowd #ItTakesACrowd (grab those promotion 2x multiplier rewards)

IamBull on Bugcrowd

View IamBull’s researcher profile on Bugcrowd, a platform and team of experts connecting organizations to a global crowd of trusted security researchers.

bugcrowd.com

5

113

Bull

@v0sx9b

3 months

When I realised the final piece to it, even tough I haven’t tested it yet, knowing it will work and left my desk. Everything around me Blacked out in a way I had near zero consciousness of my surrounding, it lasted pretty long. And It worked! I had an absolute time of my life![2]

6

2

100

Bull

@v0sx9b

5 years

Yay, I was awarded a $5,500 bounty on @Hacker0x01 ! #TogetherWeHitHarder

HackerOne profile - bull

-

hackerone.com

6

2

93

Bull

@v0sx9b

6 years

Yay, I was awarded a $5,000 bounty on @Hacker0x01 ! #TogetherWeHitHarder #h1702

HackerOne profile - bull

-

hackerone.com

6

4

93

Bull

@v0sx9b

3 years

Excited to have joined Appsec @noon ! 🎉

12

0

94

Bull

@v0sx9b

4 years

Got featured in like every media channel here! 😎

23-year-old ethical hacker earns Dh38,000 a month

Ethical hacking is no new concept and India has seen a breed of such young enthusiasts in the past. What has changed is the money that comes with it as cyb..

www.khaleejtimes.com

5

11

90

Bull

@v0sx9b

4 years

Pic at Yahoo! Office LA with @_tabahi n @rootxharsh 😎

HackerOne

@Hacker0x01

4 years

Meet Shivam! Based in India, Shivam, @v0sx9b , is a full-time hacker. Shivam quit the traditional route of going to college and getting a desktop job and opted to pursue hacking as a full-time career. 🐂 More here: #TogetherWeHitHarder #HackForGood

8

22

229

1

79

Bull

@v0sx9b

6 years

India's first live hacking event! Stoked and stoned to get this beautiful @Hacker0x01 h1-91832 MVH belt. Got to meet some Awesome hackers. Thanks for this amazing event, I had a very good time.

7

3

81

Bull

@v0sx9b

6 years

I earned $1,500 for my submission on @bugcrowd #ItTakesACrowd #XXE

IamBull on Bugcrowd

View IamBull’s researcher profile on Bugcrowd, a platform and team of experts connecting organizations to a global crowd of trusted security researchers.

bugcrowd.com

0

4

79

Bull

@v0sx9b

4 years

New #bugbountycar inhouse! Thanks to #bountylife @Hacker0x01 @Bugcrowd

Tabahi

@_tabahi

4 years

Me and ⁦ @v0sx9b ⁩ got this sweet car with our bounties! #bugbountycar

10

6

162

0

73

Bull

@v0sx9b

4 years

My interview with HackerOne! 👀

HackerOne

@Hacker0x01

4 years

Meet Shivam! Based in India, Shivam, @v0sx9b , is a full-time hacker. Shivam quit the traditional route of going to college and getting a desktop job and opted to pursue hacking as a full-time career. 🐂 More here: #TogetherWeHitHarder #HackForGood

8

22

229

2

4

65

Bull

@v0sx9b

6 years

Very Excited to say i have joined @SynackRedTeam ! 😀🙂😁

12

0

68

Bull

@v0sx9b

4 years

Go go @_tabahi , #2 ! 😁 great job! #h12010

5

2

67

Bull

@v0sx9b

6 years

Yay, I was awarded a $5000 bounty on @Hacker0x01 ! #TogetherWeHitHarder #h1415

HackerOne profile - bull

-

hackerone.com

6

3

67

Bull

@v0sx9b

5 years

I earned $3,000 for my submission on @bugcrowd #ItTakesACrowd #ssrftoRce #p1

IamBull on Bugcrowd

View IamBull’s researcher profile on Bugcrowd, a platform and team of experts connecting organizations to a global crowd of trusted security researchers.

bugcrowd.com

4

0

64

Bull

@v0sx9b

6 years

Yay, I was awarded a $10,000 bounty on @Hacker0x01 ! #TogetherWeHitHarder

HackerOne profile - bull

-

hackerone.com

6

1

62

Bull

@v0sx9b

6 years

I earned $5,000 for my submission on @bugcrowd #ItTakesACrowd

IamBull on Bugcrowd

View IamBull’s researcher profile on Bugcrowd, a platform and team of experts connecting organizations to a global crowd of trusted security researchers.

bugcrowd.com

6

0

61

Bull

@v0sx9b

6 years

I earned $5,000 for my submission on @bugcrowd #ItTakesACrowd #p1 #sqli #zeroday

IamBull on Bugcrowd

View IamBull’s researcher profile on Bugcrowd, a platform and team of experts connecting organizations to a global crowd of trusted security researchers.

bugcrowd.com

1

4

61

Bull

@v0sx9b

7 years

Reflected XSS on @Bugcrowd and so many other website's Main domain! I could read all your Submissions! Stay tunned

5

3

57

Bull

@v0sx9b

6 years

Headed to Argentina for #h15411 ! Too excited about it! 😆

8

0

55

Bull

@v0sx9b

4 years

Just got @Hacker0x01 #h1213 poster framed! Reminds me of that one time in LA!

2

54

Bull

@v0sx9b

6 years

And yahoo swag just arrived! My favourite. Thanks @YahooSecurity , loved it.😆😛

3

0

52

Bull

@v0sx9b

5 years

Yay, @tabahi_90 and I were awarded a $12,000 bounty on @Hacker0x01 ! #TogetherWeHitHarder #h1702

HackerOne profile - bull

-

hackerone.com

0

1

51

Bull

@v0sx9b

5 years

On my way to singapore for @Hacker0x01 #h165 ! ✈️ 👋 🙂

2

0

51

Bull

@v0sx9b

4 years

#h12004 was fun! Submitted only criticals! Checkout

2

0

46

Bull

@v0sx9b

6 years

It was an honor to sit down with @yaworsk and thanks to @tabahi_90 for encouraging me to do it!

yaworsk

@yaworsk

6 years

Sorry to all that came before him but think I just recorded my favorite Web Hacking ProTips interview to date with @v0sx9b . His #bugbounty success makes so much sense now. We talked a lot about the mental game to hacking and his approach to it is awesome. Hopefully up tomorrow.

9

6

90

3

0

47

Bull

@v0sx9b

7 years

My first swag is so awesome! Thanks @Bugcrowd and the team, me and my cat loved it! 😊❤❤ #ItTakesACrowd

7

0

42

Bull

@v0sx9b

6 years

Some of the best of my times! Awesome event and got to meet all the hackers! Thanks @Hacker0x01

HackerOne

@Hacker0x01

6 years

So proud to host an amazing group of talented hackers and partner with the Paranoids of @oath for yet another incredible event! We had the greatest percentage of first-time participants at a live hacking event EVER! We ❤️ you Argentina! #h15411 #eko14

3

28

164

0

1

42

Bull

@v0sx9b

4 years

Just resigned from @SynackRedTeam ! 😏

3

0

38

Bull

@v0sx9b

7 years

Yahoooo, I was awarded a $10,000 bounty on @Hacker0x01 !

HackerOne profile - bull

-

hackerone.com

3

1

39

Bull

@v0sx9b

6 years

Yahoo hall of fame 2018! XD happy new year

3

0

37

Bull

@v0sx9b

7 years

Whoo hoo! made it to #1 in #MasterCard hall of fame on @Bugcrowd

5

1

35

Bull

@v0sx9b

7 years

If you wondering, this is stealing cookies and will probably do a writeup!

Bull

@v0sx9b

7 years

Yahoooo, I was awarded a $10,000 bounty on @Hacker0x01 !

3

1

39

3

1

28

Bull

@v0sx9b

6 years

You may steal headers above your Typical CRLF(which you cant push down with crlf to html body) by using a-c-expose-headers, a-c-allow-origin and a-c-allow-cred to read it with xhr such as /path/%0d%0a a-c-expose-headers: set-cookie

Bull

@v0sx9b

6 years

Stealing 10,000$ Yahoo Cookies!

10

161

390

2

3

27

Bull

@v0sx9b

7 years

Yay, I was awarded a $3,200 bounty on @Hacker0x01 ! #togetherwehitharder

HackerOne profile - bull

-

hackerone.com

1

0

28

Bull

@v0sx9b

7 years

oh no! I have just started to love yahoo XD

2

0

26

Bull

@v0sx9b

7 years

All you ever wanted to know! Thanks for effort @prakharprasad

1

3

25

Bull

@v0sx9b

6 years

I got so excited seeing Leets @fransrosen and @jobertabma in real. It was pleasure seeing them and @Hacker0x01 😄😄😄🤣

HackerOne

@Hacker0x01

6 years

Hackers hanging at @nullcon . @fransrosen @jobertabma Say 👋 and come by #hackerholi !

5

11

105

0

25

Bull

@v0sx9b

7 years

Ssrf to AWS meta-data exfiltration via pdf generator for today.😎😁 #bugcrowd #bugbounty

3

4

24

Bull

@v0sx9b

5 years

On my way to LA! #h1213 see yaa! 🤟😎

1

0

21

Bull

@v0sx9b

6 years

I will be at my first security conference ! @nullcon ! Who else i will see there?

4

0

22

Bull

@v0sx9b

6 years

Find more bugs! 👇

Tabahi

@_tabahi

6 years

Just published my first bug bounty write up! 😀

3

61

199

0

1

21

Bull

@v0sx9b

4 years

Check out my 2019 Year In Review on @Hacker0x01 : ! #TogetherWeHitHarder

1

0

17

Bull

@v0sx9b

6 years

Buenos Aires

1

0

18

Bull

@v0sx9b

3 years

Purrrrrr + 1

0

18

Bull

@v0sx9b

6 years

@Hacker0x01 @okta Thanks @Hacker0x01 ! Cant tell how I am feeling! 💓😊😁

1

0

16

Bull

@v0sx9b

4 years

Awesome! 👏 helpfull!

Sam Curry

@samwcyo

4 years

Slides for "Attacking Secondary Contexts in Web Applications" -

13

362

784

0

1

16

Bull

@v0sx9b

7 years

Stay safe ya all yahoo accounts! XD #bugbounty #hackerone

0

16

Bull

@v0sx9b

7 years

I earned $900 for my submission on @bugcrowd #ItTakesACrowd

IamBull on Bugcrowd

View IamBull’s researcher profile on Bugcrowd, a platform and team of experts connecting organizations to a global crowd of trusted security researchers.

bugcrowd.com

0

15

Bull

@v0sx9b

6 years

🤗

0

1

14

Bull

@v0sx9b

6 years

Spot good programs who occasionally offer bonus/promotion rewards

0

14

Bull

@v0sx9b

7 years

I dropped my college to Hack companies you get placed into (or wish to) #unqualifiedfortech

1

12

Bull

@v0sx9b

6 years

In such response 200 OK Set-Cookie: session Lang: en[your crlf Injection here] Non sensitve: headers

0

12

Bull

@v0sx9b

6 years

In 2017, I have submitted 22 vulnerabilities to 6 programs on @Hacker0x01 ! Check out my full recap at . Here's to many more reports to come! #TogetherWeHitHarder

1

2

11

Bull

@v0sx9b

7 years

Finally Cracked! Thank you for the challenge and awesome research.

James Kettle

@albinowax

7 years

I've built a replica of the most interesting vulnerability found in my Cracking the Lens research. Can you crack it?

3

33

81

1

0

10

Bull

@v0sx9b

3 years

Check out my 2020 Year In Review on @Hacker0x01 : ! #TogetherWeHitHarder

0

9

Bull

@v0sx9b

7 years

Yay, I was awarded a $1,500 bounty on @Hacker0x01 ! #TogetherWeHitHarder

HackerOne profile - bull

-

hackerone.com

0

9

Bull

@v0sx9b

7 years

A week vacation at thailand with @tabahi_90 ! All Thanks to @Bugcrowd !

1

0

10

Bull

@v0sx9b

5 years

@tabahi_90 @Hacker0x01 Nice one!

1

0

9

Bull

@v0sx9b

6 years

@jobertabma @Hacker0x01 Thanks for the amazing event! Glad you liked my findings, super stoked to get MVH belt!😆😁😆

0

10

Bull

@v0sx9b

4 years

@Hacker0x01 Thank you @Hacker0x01 ! 👋 ❤️

0

9

Bull

@v0sx9b

7 years

Yay, I was awarded a $500 bounty on @Hacker0x01 ! #TogetherWeHitHarder

HackerOne profile - bull

-

hackerone.com

0

9

Bull

@v0sx9b

8 years

First bug resolved and got paid on @Hacker0x01 . Yeaaa #bugbounty

1

9

Bull

@v0sx9b

7 years

Yay, I was awarded a $150 bounty on @Hacker0x01 ! #togetherwehitharder

HackerOne profile - bull

-

hackerone.com

1

0

8

Bull

@v0sx9b

6 years

finally cracked the ctf. It was hard and fun and so much. Thanks for the challenge :)

Jobert Abma

@jobertabma

6 years

Hackers, hack your way to NYC this December for h1-212! An engineer of launched a new server for a new admin panel. He is completely confident that the server can’t be hacked, so he hid a flag. Details: . #TogetherWeHitHarder

3

47

126

0

6

Bull

@v0sx9b

7 years

@gerben_javado @TomNomNom Took some time, but done!

0

7

Bull

@v0sx9b

7 years

I just got rewarded $1,500 for my submission on @bugcrowd .

0

7

Bull

@v0sx9b

5 years

@tabahi_90 @Hacker0x01 Absolutely great job! Nice bug man congrats on five fig. ! 😮

1

0

7

Bull

@v0sx9b

6 years

@jobertabma @Hacker0x01 @Bugcrowd Thank you! 😁 and looking forward to see you at @nullcon

0

7

Bull

@v0sx9b

7 years

If you have forgotten, this will bypass most of the CRLF blacklist filters- Just bypassed one!

0

3

6

Bull

@v0sx9b

6 years

@kazan71p @caseyjohnellis @Bugcrowd Wooo! Congrats man!

0

6

Bull

@v0sx9b

4 years

@bhavukjain1 @Apple Congrats man! 😬

0

6

Bull

@v0sx9b

8 years

Some quick triage and reward before weekend! #bugbonty awesome on @Bugcrowd

0

6

Bull

@v0sx9b

4 years

@w_hat_boy @tabahi_90 Really! I can’t get enough 😍

0

5

Bull

@v0sx9b

6 years

@mongobug xss would read data from bank and even perform actions using locker key(csrf token) and i have many more and can write a full blogpost on scope.

1

0

6

Bull

@v0sx9b

6 years

@jobertabma @yaworsk @YouTube Thank you @jobertabma ! 😁😇

0

6

Bull

@v0sx9b

6 years

@caseyjohnellis @Bugcrowd Thanks 😁. My first P1 not to be dup took significant time. Company removed the service as fix. Lol

0

5

Bull

@v0sx9b

6 years

@bhavukjain1 @Bugcrowd

1

0

6

Bull

@v0sx9b

5 years

@Hacker0x01 @inhibitor181 Absolute legend there! Congrats on MVH man! 🙌

0

6

Bull

@v0sx9b

4 years

@TheParanoids @Hacker0x01 👀 Thank you @TheParanoids !

0

5

Bull

@v0sx9b

6 years

@stokfredrik @Hacker0x01 Woo! Congrats 👏

0

5

Bull

@v0sx9b

5 years

@tabahi_90 @TheParanoids @Hacker0x01 Too good!

1

0

5

Bull

@v0sx9b

6 years

@tabahi_90 @Hacker0x01 Huge! Rocking 🤣

1

0

5

Bull

@v0sx9b

6 years

@mongobug Yes alot! I have many reports in small scope program on out of scope assets resolved! When the cookie scope is set to *.target.com its right their game over. Subdomain takeover / rce would steel them. Even if it’s cookies not scoped wide, alot CORS allow *.target.com and small1/2

2

0

5

Bull

@v0sx9b

6 years

@bugbountyforum @orange_8361 Thank you, amazing! 🍊

0

5

Bull

@v0sx9b

6 years

@akita_zen Sure man! I have checked in, where are you?

0

5

Bull

@v0sx9b

7 years

So many programs are just advertising themselves with big reward. :/

0

1

5

Bull

@v0sx9b

3 months

@silentgh00st Thank you!

0

4

Bull

@v0sx9b

6 years

@mongobug I think those poorly protected houses DO have direct link with bank(in most cases) and alot of programs have been setting up wrong scope due to budget reasons/ less understanding etc (not talking about those who have no intentions to break into bank)

1

0

4

Bull

@v0sx9b

7 years

@locomotivecms zero day xss on @Bugcrowd ! How i could read your submission data!

2

3

4

Bull

@v0sx9b

6 years

@uraniumhacker Thanks man! 🤣

0

4