YesWeHack ⠵ (@yeswehack) / X

YesWeHack ⠵

9,144 posts

YesWeHack ⠵

@yeswehack

Offensive Security & Exposure Management Platform 🎯 yeswehack.com/programs 👾 dojo-yeswehack.com 💡 yeswehack.com/blog

World

Joined July 2012

YesWeHack ⠵
@yeswehack
Feb 13, 2025
Medusa by @Ch0pin is a game-changer for mobile bug hunters 📱🕵️ With its FRIDA-powered framework, you can automate tasks like bypassing SSL pinning, tracing function calls, and modifying app behaviour in real time. Perfect for uncovering vulnerabilities in Android & iOS apps! 🔍
GIF
26K
YesWeHack ⠵
@yeswehack
Oct 25, 2022
Tips&Tricks🕵️ #BugBountyTip! did you know..? 📂Httpx can do directory fuzzing on all domains with one simple argument!🧐 #YesWeRHackers #BugBountyTips
YesWeHack ⠵
@yeswehack
Sep 16, 2022
Vulnerable code snippets time⏳ Level: Easy🪲 Found the issue? Explain how in the comments!👇
YesWeHack ⠵
@yeswehack
Nov 1, 2022
Tips&Tricks🕵️ #BugBountyTip! We all love the SQL injection payload: ➡️0'XOR(if(now()=sysdate(),sleep(10),0))XOR'Z We have added some adjustments to the payload that may bypass some WAFs & to help you with the hunt!❤️‍🔥 #YesWeRHackers #BugBountyTips
YesWeHack ⠵
@yeswehack
Sep 23, 2022
Vulnerable code snippets time ⏳ Level: Easy 🪲 Found the issue? Explain how in the comments! 👇 #BugBounty #YesWeRHackers
YesWeHack ⠵
@yeswehack
Oct 21, 2022
Vulnerable code snippets time⏳ Level: Easy🪲 #BugBounty #YesWeRHackers Found the issue? Explain how in the comments!👇
YesWeHack ⠵
@yeswehack
Oct 6, 2023
Bypassing modern WAFs can be tricky. First, we can use a tool like Wafw00f to find out the WAF used by the application. Then we can use this information to obfuscate or encode our payloads to bypass the firewall🔥🧗 Read more advanced techniques here : blog.yeswehack.com/yeswerhackers/…
42K
YesWeHack ⠵
@yeswehack
Oct 7, 2022
Vulnerable code snippets time⏳ Level: Easy🪲 #BugBounty #YesWeRHackers Found the issue? Explain how in the comments!👇
YesWeHack ⠵
@yeswehack
Feb 15, 2023
🚨 Attention hackers and bug hunters! We just published an in-depth article on detecting and exploiting prototype pollution #vulnerabilities in JavaScript, written by @BitK_ & @sakiirsecurity. Check it out to stay ahead of the game & sharpen your skills 👇
yeswehack.com
YesWeHack Blog | Cybersecurity Insights and Bug Bounty Trends
Explore bug bounty insights on the YesWeHack Blog. Stay updated with vulnerability disclosure trends, hacker stories, and tips to excel in bug bounty programs.
27K
YesWeHack ⠵
@yeswehack
Oct 31, 2025
Last-minute costume idea: hacker at @yeswehack 🕷️💻 Don't have what you need? Try your luck to win a swag pack! To enter: 👉 Follow us 👉 Comment your fav Halloween emojis Winners (one here, one on LinkedIn) will be announced Monday, 11AM CET. Good luck, spooky hackers! 💀
36K
YesWeHack ⠵
@yeswehack
Jul 12, 2023
Dalfox 🦊 is an advanced XSS scanner and parameter analyser that also offers the ability to collect XSS payloads from other sources remotely, such as PortSwigger's XSS cheat sheet! 👇 Dalfox : github.com/hahwul/dalfox #YesWeRHackers #bugbountytips
23K
YesWeHack ⠵
@yeswehack
Oct 14, 2022
Vulnerable code snippets time ⏳ Level: Easy 🪲 #BugBounty #YesWeRHackers Found the issue? Explain how in the comments! 👇
YesWeHack ⠵
@yeswehack
Nov 9, 2022
Tips&Tools!🕵️ We compared some fuzzer tools!😼👇 Dirsearch, FFuF, Feroxbuster, GoBuster » Speed💨 » Accuracy🎯 » Features⚙️ Which one is your favorite? ⚔ #YesWeRHackers #BugBountytip #BugBountytips
YesWeHack ⠵
@yeswehack
Feb 14, 2025
Today, we’re celebrating love by offering some swag! 😍 To take part, make sure to follow us & comment which item you prefer from the pic 👇 We’ll draw two winners (one on X, one on LinkedIn – so you can maximise your chances) on Monday, 10am CET. Happy Valentine’s Day! 💖
20K