Ashhad Ali @Kashhad10

😎😎bug bounty hunter/security researcher /Devsecops/learn something/ Try To Break something 🙃😎

 Pakistan
Joined December 2018
Ashhad Ali retweeted
Burcu YARAR
 @brcyrr
13 Nov 2023
This week's roadmap suggestion: "DevSecOps Roadmap"❗️☺️ Don't forget to bookmark this roadmap of great resources.🤞🏻🌸 Credit; ✨ github.com/TaptuIT/awesome-d…github.com/sottlmarek/DevSec…github.com/We5ter/Awesome-De… #CyberSecurity #infosec #devsecops #roadmap
17
27
25$ 😀😀😀😀 new tip/tricks to earn money in bug bounty. #BugBounty #bugbountytips #cybersecuritytips @Rohan_Lew thank you for teaching us this technique.
Rohan_lew @Rohan_Lew
3 Oct 2023
Sorry for the delayed😅 Now you can access all the videos by filling this google form :forms.gle/qNq2quWVWBQ1Vp5JA You will get a proper guide for finding privilege escalation and hopefully able to report privilege this month $$$💰😉 #bugbounty #cybersecurity #bugbountytips
3
Ashhad Ali retweeted
Ashar Javed
 @soaj1664ashar
7 Feb 2018
#OSINT / Recon: List of tools for screen-shoting in case if you have a large set of (sub)domains EyeWitness github.com/ChrisTruncer/EyeW… webscreenshot github.com/maaaaz/webscreens… SiteShoter nirsoft.net/utils/web_site_s… LazyShot github.com/mdhama/lazyshot Aquatone github.com/michenriksen/aqua…

GitHub - michenriksen/aquatone: A Tool for Domain Flyovers

A Tool for Domain Flyovers. Contribute to michenriksen/aquatone development by creating an account on GitHub.

github.com
2
51
1
119
🔎🔒Discover Web Vulnerabilities with Burp_Bug_Finder Extension In Burp🐛🌐 Burp_Bug_Finder is a powerful custom Burp Suite plugin written in Python.This tool simplifies the process of discovering web vulnerabilities, with a focus on XSS and error-based SQLi.
14
159
1
567
Use SQLI google dorks list to find hidden parameters 👇🔥 site:*.com inurl:”main.php?id= site:*.com inurl:zoom.php?id=site:.il site:*.com inurl:”details.php?id= site:*.com inurl:”?came= site:*.com inurl:”index.php?page=
12
87
226
Ashhad Ali retweeted
Eyisha Zyer
 @eyishazyer
18 May 2023
If you like this type of content: RT the first tweet Follow me for more informative like this @eyishazyer
4
2
25
recon-resources (100+) github.com/Az0x7/recon-resou… #bugbounty #bugbountytips
4
89
170
Ashhad Ali retweeted
Pao @jpaodev
15 Aug 2022
Replying to @abdlah_md
For everyone here asking about possible attack vectors: Think like the developer behind the app - what data might be stored / used in a SQL query? This can also be applied to other vulns, e.g. auth bypass. Source picture: "Testing for bypassing authorization schema"
2
11
33
Replying to @intigriti @_zulln
Its a perfect example for use Burp Bounty extension for @Burp_Suite : piped.video/watch?v=ymF0fL4R…

Match and Replace example - Adding X- Forwarded- For header for...

Imagine a target application, that get the value of the X-Forwarded-For header and interacts with it.Through this profile we can add an X-Forwarded-For heade...

youtube.com
3
28
Ashhad Ali retweeted
Paul Couvert
 @itsPaulAi
4 May 2023
ChatGPT is used by only 2% of people who have access to the internet. During this time some people use the right prompts and save a lot of time. Copy-paste these advanced ChatGPT prompts to get on top of the game:
259
1,884
69
9,832
Ashhad Ali retweeted
The Rundown AI
 @TheRundownAI
2 May 2023
Here are the top 10 ChatGPT prompts to finish hours of work in seconds:
88
865
37
4,582
Ashhad Ali retweeted
Somdev Sangwan @s0md3v
29 Apr 2023
SubGPT is available for free now :) Good luck with your recon✨ github.com/s0md3v/SubGPT
18
212
4
713
Ashhad Ali retweeted
Hasan Toor
 @hasantoxr
26 Apr 2023
That's a wrap! If you enjoyed this thread: 1. Follow me @hasantoxr for more of these 2. If you enjoyed this thread, don't forget to like, comment, and retweet the first tweet.
Hasan Toor
 @hasantoxr
26 Apr 2023
ChatGPT is super powerful AI Tool. But most people don't use its full potential Here're 10 powerful ChatGPT prompts to finish hours of work in seconds:
4
3
22
Ashhad Ali retweeted
Mehdi
 @silentgh00st
25 Apr 2023
This extension is mandatory for every bug hunter, pentester .. , it works in the background and scans every JS file for every website you visit and alert you if there are any found credentials-- checkout more info at their website github.com/trufflesecurity/t… ...

GitHub - trufflesecurity/trufflehog: Find, verify, and analyze leaked credentials

Find, verify, and analyze leaked credentials. Contribute to trufflesecurity/trufflehog development by creating an account on GitHub.

github.com
2
29
1
124
Ashhad Ali retweeted
Mike Takahashi
 @TakSec
2 Apr 2023
Full list of dorks: github.com/TakSec/google-dor…

GitHub - TakSec/google-dorks-bug-bounty: A list of Google Dorks for Bug Bounty, Web Application...

A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting - TakSec/google-dorks-bug-bounty

github.com
2
24
62
💉SQLMap is a powerful tool that helps you find SQL injection vulnerabilities but do you know how to use them? Worry not as our medium writer Frost got you covered! Read "How to Use SQLMap to Find SQL Injection Vulnerabilities" here: infosecwriteups.com/how-to-u… #bugbounty #sqli
5
52
1
220
How to find SQL injection on the Registration page? Try SQL Injection in Email Address (username) #bugbountytips #bugbounty #bugbountytips #sqli
27
317
5
1,013
Integration of Open AI into a leading penetration testing tool... Be wary: Sensitive info visible to service provider (vulns, credentials, etc.). Queries stored online may be hacked or leaked. Review terms of use & privacy policy. github.com/hisxo/ReconAIzer

GitHub - hisxo/ReconAIzer: A Burp Suite extension to add OpenAI (GPT) on Burp and help you with...

A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomains and more! - hisxo/ReconAIzer

github.com
1
Ashhad Ali retweeted
Sara Ali Syed
 @saraalisyed
26 Mar 2023
Please get united and boycott fruits, you will notice how prices will go down within a week.... #بائیکاٹ_فروٹ
14
215
10
287
گزشتہ عرصوں میں فروٹ بائیکاٹ مہم چلانے والے اس سال کہاں چلے گئے ہیں ؟؟ #بائیکاٹ_فروٹ
22
208
2
396
Load more