{"uuid": "699a79fb-d7d7-406e-9730-a1b6a13f75c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-3452", "type": "seen", "source": "https://t.me/bhhub/101", "content": "#BugBountyTips of the Day\nYay, I was awarded a $1,500 bounty on @Hacker0x01!  https://t.co/KXtN2d8m1V #TogetherWeHitHarder   I found a path that allows to access admin panel without authentication using ffuf! #bugboutytips #bugbounty #bugbountytip   Also it's the first critical report in 2021\ud83d\udcaa\ud83d\ude0e  https://t.co/7dpoWW5OPn\n---\nGoals for 2021 1. Make 20k$ from bug hunting 2. Join @cobalt_io core 3. @SynackRedTeam  level up to 3 by the end of this year 4. Try to get into the top 100 on @Bugcrowd  5. 500 Reputation on @Hacker0x01  6. OSCP & certification 7. 50k YouTube Subscribers #bugbounty #infosec\n---\n\ud83d\udd75\ufe0f: - Why do you want to delete your account? \ud83d\udc76\ud83c\udffd: \"><script src= https://t.co/d1a44GVScU></script> #bugbounty\n---\nWeb Authentication Methods, there are a lot of them.  The most confusing one is OAuth. I have it covered in my Zine. Here is the Teaser, Releasing soon. Follow for updates. \ud83d\ude09  #infosec #security #BugBountyTips #BugBounty #bugbountytip #web #webcomics  https://t.co/DtoRSVJkKF\n---\n#CVE-2020-3452 - You just need to give organization name and it will automatically scan from @shodanhq and exploit it for you.   https://t.co/XPPgOCkOmV  #HR51KDB #BugBountyTips #BugBountyTip #BugBountyTool #infosec #shodan #vulnerability  https://t.co/ICiZ6IS4mE\n---\nwho are your fave #bugbounty and hacking content creators?   mine are @Jhaddix, @codingo_, @hakluke, @NahamSec, @stokfredrik, @thecybermentor, @Farah_Hawaa, @InsiderPhD, and everyone on the @Bugcrowd @levelup_sh conference.  who am i missing & why are they awesome?\n---\nDid you know that you can embed pages into SVG? This feature can be useful for improving the impact of XSS vulnerabilities. (Clickjacking etc.)   #BugBounty #BugBountyTips  https://t.co/SnM8z7ontu\n---\nGoogle's Own Speech-to-Text API Can Help Attackers Easily Bypass Google reCAPTCHA Security Plugin \u2014 With 97% Accuracy.  Read Details:  https://t.co/Fo8hT9lAJD  #infosec #cybersecurity #bugbountytips\n---\nAs I promised here is the writeup    https://t.co/rEWKSXEJNz  #BugBountyTips\n---\nfirst bounty from @Bugcrowd   #informationsecurity #BugBounty  https://t.co/MY3VbrZunt\n---\nYay, I was awarded a $3,000 bounty on @Hacker0x01!  https://t.co/1NvjyElIKg #TogetherWeHitHarder #hackerone #BugBounty #infosec  First bounty of 2021\u270c\ud83c\udffb  https://t.co/p5HFDSPeVn", "creation_timestamp": "2021-01-06T13:37:04.000000Z"}