@sanjaymenon
Global Bug Bounty & VDP Platform - #YesWeRHackers
https://yeswehack.com/programs (Public programs)
https://firebounty.com (BB & VDP search engine)
https://zerodisclo.com (CVD tool)
@sanjaymenon
@Crudge Hi! Once posted, you can't edit your report
#20 Vulnerable Snippet {{ solution }}
See more content on our blog: https://blog.yeswehack.com/category/yeswerhackers/
Bug: SQL injection
Lang: PHP, MySQL
Check out the explanation in the image below!
#YesWeRHackers #BugBounty #YWHSnippet
RT @yeswehack@twitter.com
Vulnerable Code Snippet
Level: Easy
Does it only work once?!
For all #BugBounty hunters, it is available on Github for hands-on testing! https://github.com/yeswehack/vulnerable-code-snippets/tree/main/new
#YesWeRHackers
Found the issue? Explain how in the comments!
https://twitter.com/yeswehack/status/1618972101943107584
The DOJO challenge is still on!
Will you win the YesWeHack Swag?
Get direct access to the challenge below
#YesWeRHackers #BugBounty
RT @yeswehack@twitter.com
DOJO Challenge #21 - EvilTwin-Admin
Top 3 reports win a swag pack!
Submit your solution before 10/02/2023
Check it out here: https://dojo-yeswehack.com/practice/4401d46f16b6
#BugBounty #YesWeRHackers #YWHDOJO
https://twitter.com/yeswehack/status/1612841833905770498
#19 Vulnerable snippets solution!
See more content on our blog: https://blog.yeswehack.com/category/yeswerhackers/
Github repo updated as usual!
https://github.com/yeswehack/vulnerable-code-snippets
Vuln: Open Redirect
Lang: JavaScript
Check out the explanation in the image below!
#YesWeRHackers #BugBounty #YWHSnippet
RT @nullcon@twitter.com
We are thrilled to welcome back @yeswehack@twitter.com as our Silver Sponsor! They have been fabulous with their support for the #Infosec community, right from our 1st edition of #NullconBerlin
Get ready for the adventure: http://bit.ly/3Tq3Em2
#NullconDE2023 #GreenCon #Sponsor
https://twitter.com/nullcon/status/1617444033726484484
RT @yeswehack@twitter.com
Vulnerable code snippets time!
Level: Easy
~ [#]vulnerable..?
Try it out at Github: https://github.com/yeswehack/vulnerable-code-snippets/blob/main/new/vcode/19-new.php
#BugBounty #YesWeRHackers
Found the bug? Explain how in the comments!
https://twitter.com/yeswehack/status/1616435388507201536
Happy Lunar New Year from all of us at @yeswehack@twitter.com!
We would like to wish everyone a prosperous year of the Rabbit. May this year bring you happiness, good health, and many opportunities for growth and development. Thank you for being a part of our community.
Not 1, not 2, but 3 public #BugBounty programs by @openxchange@twitter.com are now available on our platform, to earn up to €5K! Before you start digging, check out our interview with @MartinHeiland@twitter.com, CISO at OX, to know what you can expect from these programs: https://blog.yeswehack.com/yeswehack-news/a-sneak-peek-into-open-xchange-public-bug-bounty-programs/
Want to find out how to discover IDORs by doing code reviews? Check out this video from @Farah_Hawaa@twitter.com
A great opportunity to check our code snippet challenges!
https://github.com/yeswehack/vulnerable-code-snippets
RT @Farah_Hawaa@twitter.com
NEW VIDEO
In this one, I am showing how I analyse some code snippets to find an IDOR vulnerability
Click below to watch:
https://twitter.com/Farah_Hawaa/status/1615690238621540352
Pimp My Burp #7 is out!
We take a dive into the Burp extension HaE!
This extension can detect custom regex patterns and highlight them for you so you don't miss the juicy bugs!
Find out more: https://blog.yeswehack.com/yeswerhackers/pimpmyburp/pimpmyburp-7-how-hae-burp-suite-extension-help-you-daily-hunting/
#18 Vulnerable snippets solution!
Congrats @budanthara@twitter.com!
See you in DM for the swag
See more content on our blog: https://blog.yeswehack.com/category/yeswerhackers/
Type: Local File Inclusion
Lang: PHP
Check out the explanation in the image below!
#YesWeRHackers #YWHSnippet
@Nullcon@twitter.com Berlin is offering a #BugBounty scholarship awarding FREE conference tickets to lucky bug hunters.
Apply here before 20 January: https://share.hsforms.com/1md3-olgVTmOXS-t9nsSGcg4d2c8
RT @c14dd49h@twitter.com
Thank you @yeswehack@twitter.com for my first rewards #bugbounty #Rewards #yeswehack
https://twitter.com/c14dd49h/status/1614565501115535361
Vulnerable Code Snippets Time
Level: Medium
This web application does not like dot dot slash!
Try it out at Github: https://github.com/yeswehack/vulnerable-code-snippets/tree/main/new
#BugBounty #YesWeRHackers
Found the issue? Explain how in the comments!
The best solution gets an exclusive swag!
W00t! Nice catch @drak3hft7@twitter.com! Who will be the next one?
RT @drak3hft7@twitter.com
Thanks to @yeswehack@twitter.com for this reward.
Thanks to this I got this award: #SURGEON. This achievement is awarded to hackers winning the Max Reward on a program.
#bugbounty #cybersecurity #securityresearch #YesWeRHackers
https://twitter.com/drak3hft7/status/1613545851644690432