🔐💰 Question of the day: How can you maximize payouts for 'Low' risk open redirect issues? 🤑 I've personally earned over $30,000 in bounties by chaining open redirect submissions to ATOs. These 'Low' severity bugs can often be escalated through a double redirection, resulting…

Anyone knows of a way to make open redirect a xss?
the normal javascript:alert() payload is being blocked by cloudflare
#bugbountyHelp

If you want to be good at finding XSS, you need to understand how HTML/javascript work. Copying/pasting a payload everywhere works for some cases, but you'd be missing a lot of cases. What's filtered, your context, and what's possible with this combination are extremely important

Found XSS in private bug-bounty ..
document was filtered, so as () ..
my final payload -> javascript:setTimeout`\x64ocument.write\x28\x64ocument.\x63ookie\x29`

#bugbountytip #BugBounty

Search for all leaked keys/secrets using one regex!

regex: gist.github.com/h4x0r-dz/be69c…

#BugBounty #bugbountytip

Thread 🧵:👇 Found Open-redirect >> xss >> ato
1) Try normal XSS payload -
javascript:alert(1)
javascript:%61lert(1)
javascript:&#37&#54&#49lert(1)
javascript:%26%2337%26%2354%26%2349lert(1)

#BugBounty #bugbountytips #infosec #403bypass

Update no 3: Reported 15 submissions (total).

Critical one:

Used Js Miner & twitter.com/h4x0r_dz/statu… for finding sen* info in JS files.

Found a JS file disclosing access token without any endpoint.

(1/3)

Excited to share my Bug Bounty Script It automates security tests & reconnaissance for target domains including, web server scanning, subdomain enumeration XSS vulnerability scanning, and more!🐞🔍 Check it out GitHub: [github.com/shubham-rooter…]
#BugBounty #SecurityTesting #bug