Meet Jarvis, the Iron Man-inspired Claude Code setup steered by @Icare1337 🤖
This self-managing, multi-agent system has turbocharged his Bug Bounty workflow, but one rule remains ironclad: every finding needs human validation 👇
Medusa by @Ch0pin is a game-changer for mobile bug hunters 📱🕵️
With its FRIDA-powered framework, you can automate tasks like bypassing SSL pinning, tracing function calls, and modifying app behaviour in real time. Perfect for uncovering vulnerabilities in Android & iOS apps! 🔍
Tips&Tricks🕵️
#BugBountyTip! We all love the SQL injection payload:
➡️0'XOR(if(now()=sysdate(),sleep(10),0))XOR'Z
We have added some adjustments to the payload that may bypass some WAFs & to help you with the hunt!❤️🔥
#YesWeRHackers#BugBountyTips
Bypassing modern WAFs can be tricky. First, we can use a tool like Wafw00f to find out the WAF used by the application. Then we can use this information to obfuscate or encode our payloads to bypass the firewall🔥🧗
Read more advanced techniques here : blog.yeswehack.com/yeswerhackers/…
🚨 Attention hackers and bug hunters! We just published an in-depth article on detecting and exploiting prototype pollution #vulnerabilities in JavaScript, written by @BitK_ & @sakiirsecurity. Check it out to stay ahead of the game & sharpen your skills 👇
Last-minute costume idea: hacker at @yeswehack 🕷️💻
Don't have what you need? Try your luck to win a swag pack!
To enter:
👉 Follow us
👉 Comment your fav Halloween emojis
Winners (one here, one on LinkedIn) will be announced Monday, 11AM CET.
Good luck, spooky hackers! 💀
Dalfox 🦊 is an advanced XSS scanner and parameter analyser that also offers the ability to collect XSS payloads from other sources remotely, such as PortSwigger's XSS cheat sheet! 👇
Dalfox : github.com/hahwul/dalfox#YesWeRHackers#bugbountytips
Tips&Tools!🕵️
We compared some fuzzer tools!😼👇
Dirsearch, FFuF, Feroxbuster, GoBuster
» Speed💨
» Accuracy🎯
» Features⚙️
Which one is your favorite? ⚔
#YesWeRHackers#BugBountytip#BugBountytips