ikajakam
@mechanisedbeat
Indian 🇮🇳 Techno music producer and performer. VAPT | Red Teaming | GRC | ISO 27001 Lead Implementer
#Wordlist Generator from Live Site + Wayback URLs create custom wordlists using #cewl & #waybackurls Perfect for : • Directory brute-forcing • Param #fuzzing • #Recon #bugbounty #pentesting github.com/ikajakam/Wordl…
Thank you so much amazing hacker!!! <3 I always love having @mechanisedbeat there <3 I feel validated by a powerful hacker on my side like this <3 I do this every other week, next up, we have the full methodology Grab your endless bundle or the last lesson in the series for…
had a great live session on #XSS with @theXSSrat @Sourajit_04 @NDeepak_ thank you for this deep dive
had a great live session on #XSS with @theXSSrat @Sourajit_04 @NDeepak_ thank you for this deep dive
ikajakam.github.io/posts/csrf/ Wisdom <3 @mechanisedbeat
Gotta say this because they aren’t treating my complaint with any regard @ParkMolenheide WHAT THE FUCK You make me pay 700 EURO FOR 2 YEARLY PASSES and you guys can’t even give me anything but paper pieces of crap I’m gonna loose in a month? I’m sorry but that is not…
$6K++ in Bounties in 2 Weeks with @0xb3ludan @Sourajit_04 we hit hard, learned fast and stacked bounties. From late-night hunting to real-time triage, we pushed through confusion, bugs and burnout. Wrote about the journey here : medium.com/@ikajakam/from… #bugbounty #pentesting
From Confusion to First Bounty medium.com/@ikajakam/from… #bugbounty #bugbountytips #bugbountytip
I remember back in the day (2021), @Hogarth45_ did something like: "Paying Mortgage with Bug Bounties" and did weekly blog posts hogarth45.medium.com/paying-mortgag… hogarth45.medium.com/mortgage-with-… hogarth45.medium.com/mortgage-with-… hogarth45.medium.com/mortgage-with-… hogarth45.medium.com/mortgage-with-…
Thankfull that my mortgage is on fire, too 😂
API CTF identify & #exploit broken #APIs, insecure #endpoints & #XSS >>>> tarkash.surapura.in #CyberSecurity #BugBounty #APISecurity #Pentesting
tarkash.surapura.in yoo #hacker come #curl into my #API LAB curl -X POST tarkash.surapura.in/api/register -H "Content-Type: application/json" -d '{"username": "masino", "password": "tamburo"}' > Login to get JWT > Use token to access /api/form /api/upload #pentesting #BugBounty
can you POP #XSS > tarkash.surapura.in #API #APIhacking #lab #CAPIE #APISEC #pentesting #bugbounty
Made a #bash script to auto-gen custom #wordlist using #CEWL + #waybackurls 🛠️ Great for #recon 🔍 in #pentesting or #bugbounty → Extracts juicy words → Dedupes → Saves as final_wordlist.txt GitHub: github.com/surapura/Wordl… Try it & ⭐️ if useful!
STUDENT POST github.com/surapura/Wordl… "little bash automation script i made using CEWL and waybackurls to generate custom wordlist, appends results of both tools which can be further used with arjun, ffuf, dnsx"
Last night we held our first lesson in the cybercrusade and it was a BANGER @zaproxy , I thank you for being part of my teachings, just as I do for @Burp_Suite !! I've made a few students open their eyes to the wonders of both you guys and thanks to @mechanisedbeat for also…
Here ... I will give you a free one on the house ;-) thexssrat.podia.com/ultimate-begin…
While #hunting with @0xb3ludan , We discovered that modifying the operationName #parameter in a #GraphQL mutation request granted access to unauthorized data. The #API failed to verify ownership before returning the response with sensitive information. 🚨
Success in bug bounty is directly proportional to time spent ⏰
Yes, I believe you can make it Yes, I believe I have it in you Yes, I believe you know how to pick the path of a champion Just do it