YesWeHack ⠵

@yeswehack

Global Bug Bounty & Vulnerability Management Platform 🎯 https://yeswehack.com/programs 👾 https://dojo-yeswehack.com 💡 https://www.yeswehack.com/blog

World

Joined July 2012

3KFollowing

38KFollowers

Pinned

YesWeHack ⠵@yeswehack · Jul 15

However your day’s been, it’s about to get better. Our @_leHACK_ video is out 😎 This edition had everything: a buzzing booth, heaps of swag, a fortune wheel, and of course, our #LiveHackingEvent. Press play and relive #leHACK2025 👇 youtube.com/watch?v=gZAOHn…

12.0K

YesWeHack ⠵@yeswehack · Jul 25

🔍 You can now track @yeswehack's #BugBounty programs and scopes on @zoomeye_team ’s Bug Bounty Radar! See which scopes suit your hacking skills 👉zoomeye.ai/bugbounty #YesWeRHackers #BugBountyTips

yeswehack's tweet image. 🔍 You can now track @yeswehack's #BugBounty programs and scopes on @zoomeye_team ’s Bug Bounty Radar!

See which scopes suit your hacking skills 👉zoomeye.ai/bugbounty

#YesWeRHackers #BugBountyTips

6.0K

YesWeHack ⠵@yeswehack · Jul 24

Ever heard of httpx? ⚡ A fast, powerful tool to probe URLs, detect live hosts, status codes, titles, tech stack & more. Supports HTTP/2, CDN/IP detection, filters & custom headers - perfect for massive recon 👉 github.com/projectdiscove… #BugBountyTips #YesWeRHackers

yeswehack's tweet image. Ever heard of httpx? ⚡

A fast, powerful tool to probe URLs, detect live hosts, status codes, titles, tech stack &amp; more.

Supports HTTP/2, CDN/IP detection, filters &amp; custom headers - perfect for massive recon 👉 github.com/projectdiscove…

#BugBountyTips #YesWeRHackers

2.0K

YesWeHack ⠵@yeswehack · Jul 23

We’re proud to sponsor @BugBountyDEFCON this year again 😎 Meet @Brumens2 & Anthony Silva for #BugBountyTips, #Dojo demos, or a coffee ☕ Anthony will join the triage panel discussion with experts from other #BugBounty platforms on Aug 9. See you there! #DEFCON #YesWeRHackers

yeswehack's tweet image. We’re proud to sponsor @BugBountyDEFCON this year again 😎

Meet @Brumens2 &amp; Anthony Silva for #BugBountyTips, #Dojo demos, or a coffee ☕

Anthony will join the triage panel discussion with experts from other #BugBounty platforms on Aug 9. See you there!

#DEFCON #YesWeRHackers

2.0K

YesWeHack ⠵@yeswehack · Jul 23

Want to be part of our next live hacking event at #NullconBerlin2025 on Sep 4-5? Apply for the @nullcon Bug Bounty Scholarship and get a FREE pass, which includes access to expert talks, workshops, CTFs and more 🔥 ⏳Deadline: July 28 🔗nullcon.net/berlin-2025/sc… #YesWeRHackers

1.0K

YesWeHack ⠵@yeswehack · Jul 22

Hacking a $1 billion company, choosing targets and his advice for beginners – @g4mb4h shares his #BugBounty story in this video interview 🔥👇 yeswehack.com/community/pati…

yeswehack's tweet card. G4mb4 (aka Damián Gambacorta) discusses the traits that drive his hunting success, how he hacked a $1 billion company and his methodology for choosing targets.

4.0K

YesWeHack ⠵@yeswehack · Jul 22

The countdown begins… Our next #LiveHackingEvent is getting closer – and this time, we're heading to Berlin for @nullcon 🇩🇪 🗓️ September 4-5 📍 #NullconBerlin2025 😎 Open to all conference attendees More info: yeswehack.com/page/yeswehack… #YesWeRHackers #LHE #BugBounty

yeswehack's tweet image. The countdown begins… Our next #LiveHackingEvent is getting closer – and this time, we're heading to Berlin for @nullcon 🇩🇪

🗓️ September 4-5
📍 #NullconBerlin2025
😎 Open to all conference attendees

More info: yeswehack.com/page/yeswehack…

#YesWeRHackers #LHE #BugBounty

2.0K

YesWeHack ⠵@yeswehack · Jul 16

Counting down to Las Vegas! 💫 In just a few weeks, we'll attend #BHUSA. Meet our team at booth #2367, grab exclusive swag, and try your skills on a special "Hide & Seek" challenge created by @Brumens2 🧠 More info 👉 yeswehack.com/page/yeswehack… #YesWeRHackers @BlackHatEvents

yeswehack's tweet image. Counting down to Las Vegas! 💫

In just a few weeks, we'll attend #BHUSA. Meet our team at booth #2367, grab exclusive swag, and try your skills on a special "Hide &amp; Seek" challenge created by @Brumens2 🧠

More info 👉 yeswehack.com/page/yeswehack…

#YesWeRHackers @BlackHatEvents

2.0K

YesWeHack ⠵@yeswehack · Jul 16

Bug hunters: how do you keep your morale up when you hit a dry spell? 🤔 @leo__rac reflects on the psychological side of hacking, his favourite vulnerabilities, tips for beginners and thoughts on the evolution of hacking 👇 yeswehack.com/community/chal…

yeswehack's tweet card. Leorac on staying motivated as a Bug Bounty hunter, his favoured type of vulnerability, his tips for beginners and the evolution of the digital ecosystem.

2.0K

YesWeHack ⠵@yeswehack · Jul 14

A new #Dojo challenge is out! You have access to a CCTV application and need to upload a malicious firmware to control the CCTV 📹 Do you have what it takes? 👉 dojo-yeswehack.com/challenge-of-t… #YesWeRHackers #BugBounty

yeswehack's tweet image. A new #Dojo challenge is out!

You have access to a CCTV application and need to upload a malicious firmware to control the CCTV 📹

Do you have what it takes? 👉 dojo-yeswehack.com/challenge-of-t…

#YesWeRHackers #BugBounty

3.0K

YesWeHack ⠵@yeswehack · Jul 11

What happens when a Dojo challenge collides with a library update? 🔍 The Hex Color Palette challenge used to rely on a specific XXE flow – until lxml changed the rules. Find out why our latest Dojo report includes two different payloads and reports that leak the same flag via…

yeswehack's tweet image. What happens when a Dojo challenge collides with a library update? 🔍

The Hex Color Palette challenge used to rely on a specific XXE flow – until lxml changed the rules.

Find out why our latest Dojo report includes two different payloads and reports that leak the same flag via…

6.0K

YesWeHack ⠵@yeswehack · Jul 11

Want to get more out of @CaidoIO for your #BugBounty workflow? There might be a surprise in the video... 🎁 In Part 2 of our #TalkiePwnii Caido series, @pwnwithlove explores advanced features and plugins like QuickSSRF, AuthMatrix, YesWeCaido & more 👇 youtu.be/4NITbv-_C9w

13.0K

YesWeHack ⠵@yeswehack · Jul 10

Save the date! @swisspost’s 2025 Public Intrusion Test starts on 28 July 🚨 💰 Rewards up to €230K - with the highest payout to date at €40K 🎯 Bonus of €3K for the first 3 confirmed reports 🆕 Write-in fields now in scope Test the e-voting platform: yeswehack.com/programs/swiss…

yeswehack's tweet image. Save the date! @swisspost’s 2025 Public Intrusion Test starts on 28 July 🚨

💰 Rewards up to €230K - with the highest payout to date at €40K
🎯 Bonus of €3K for the first 3 confirmed reports
🆕 Write-in fields now in scope

Test the e-voting platform: yeswehack.com/programs/swiss…

2.0K

YesWeHack ⠵@yeswehack · Jul 10

Do you know how to perform port scanning, subdomain enumeration, HTTP fingerprinting and other intel-gathering activities? 🤔 Check out this recap of our six-part series on the recon techniques you need to know to thrive as a #BugBounty hunter 👇 yeswehack.com/learn-bug-boun…

yeswehack's tweet card. Summarising a six-article series on various reconnaissance techniques that form the bedrock of targeted, effective vulnerability research and bug hunts.

5.0K

YesWeHack ⠵@yeswehack · Jul 9

Our latest hacker-focused roundup features abuse of ambiguous chunk line terminators to uncover request smuggling vulnerabilities, @slonser_ ‘making self-XSS great again’, and @infosec_au leveraging HTTP redirect loops to achieve full-response SSRF 🔥👇 yeswehack.com/news/chunked-p…

yeswehack's tweet card. Featuring exploitation of “lax” parsing logic due to HTTP/1.1 implementations plus turning stored self-XSS into regular stored XSS using credential-less frames.

4.0K

YesWeHack ⠵ Retweeted

�

🇷🇴 cristi@CristiVlad25 · Jul 8

Good writing here by @yeswehack. When I get nostalgic on recon, I often 'dig' into the past using some variation of what's mention in the article, though my approach is more manual than tools (by simply spending more time on wayback machine). yeswehack.com/learn-bug-boun…

107

7.0K