YesWeHack

💡 Did you know that you can use Hackvertor inside Burp Suite to automatically calculate the size of chunked data? This is extremely useful when exploiting HTTP request smuggling vulnerabilities! 🧐 #YesWeRHackers #BugBounty #BugBountyTips

🚀 Ready to level up your web security skills? On November 9th, 11:15 AM, join Tom Chambaretaud from YesWeHack as he presents "Insecure Time-Based Secret in Web Applications and Sandwich Attack Exploitation" during #UYBHYS24. 💻 Discover insights from #BugBounty programs as Tom uncovers common "time-based secrets" pitfalls in web applications, demonstrating how to detect and exploit these vulnerabilities. 🔴 Watch a live demo featuring Reset Tolkien, an #OpenSource tool developed by Tom, with practical examples inspired by real bug findings. Don't miss out! DIATEAM, La Cantine numérique Brest

Dark Mode is coming to YesWeHack! 🖤 🕸 Just in time for Halloween, we're rolling out this highly requested feature on our platform – perfect for long, late-night bug hunting sessions! So... Team Light or Team Dark? 🌗

You've been invited to our Halloween party - but there's a spooky twist! 👻 See if you can survive the party and solve this special Dojo challenge... 💀🎃 As usual, the 3 best reports will win exclusive swag! 🎁 Submit your solution before November 7, 2024 👉 https://lnkd.in/e7mbvT4N

Cyber Security Awareness Month might come to an end, but the bug hunt continues! 🕵️ Our open-source #BugBounty programs remain active, with rewards, exclusive swag, and leaderboard recognition up for grabs. 🏆 Missed it? YesWeHack now hosts a dedicated leaderboard for all open-source submissions, with top spots currently held by calehuri, mdisec (Mehmet INCE), and foobar0x7. Think you can beat them? Bring your A-game and make your mark! Take your shot here 👉 https://lnkd.in/eH__XMSn 𝐎𝐩𝐞𝐧 𝐭𝐡𝐞 𝐜𝐨𝐝𝐞. 🗝 𝐒𝐨𝐮𝐫𝐜𝐞 𝐭𝐡𝐞 𝐛𝐨𝐮𝐧𝐭𝐲. 💰 #OpenSource #EthicalHacking

📢 CrowdSecWisdom #7 is live! Featuring: ⚡ EU NIS 2 enters into force, Cyber Resilience Act adopted ⚡ TeamViewer talks Bug Bounty benefits versus pentesting ⚡ Cyber skills shortage drives faster growth in security services than staffing ⚡ Cyber issues at stake in the imminent US election ⚡ And more offensive security insights curated from our own blog and elsewhere for CISOs, security teams and security-conscious devs 🛡️ #BugBounty #Cybersecurity #OffSec #SecOps #AppSec

💻 #OpenSource #BugBounty Spotlight: GNOME – fully featured desktop environment and application platform used by millions of Linux users worldwide 🌐 Three scopes and max €10k rewards via Sovereign Tech Fund & GNOME Foundation. 🫀 𝐂𝐨𝐫𝐞 𝐅𝐮𝐧𝐜𝐭𝐢𝐨𝐧𝐚𝐥𝐢𝐭𝐲: Provides graphical interface and platform for applications that makes Linux-based computers easier to use. As with Windows or macOS, it helps you manage files, run programs and customise your workspace. 🌎 𝐑𝐞𝐚𝐥-𝐖𝐨𝐫𝐥𝐝 𝐀𝐩𝐩𝐥𝐢𝐜𝐚𝐭𝐢𝐨𝐧𝐬: Used by many Linux distributions, such as Ubuntu, Fedora and Tails. Popular among a variety of users – including activists and journalists, businesses and governments – that prize both security and efficiency. ⚠ 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐑𝐢𝐬𝐤𝐬: Prime attack target given popularity, including in security-critical contexts. Vulnerabilities, for instance due to untrusted inputs or memory issues, could affect security and stability. Hunters, help us harden GNOME: https://lnkd.in/e7eYqJdJ 🐞 𝐑𝐞𝐥𝐚𝐭𝐞𝐝 𝐇𝐚𝐜𝐤𝐢𝐧𝐠 𝐒𝐤𝐢𝐥𝐥𝐬: Sigabrt has reported serious vulnerabilities to GNOME’s bug bounty program has published a blog post detailing the fuzzing techniques he deploys on GNOME and other open-source target 👉 https://lnkd.in/eWMEQCfR #BugBounty #OpenSource #Cybersecurity

Mark your calendars for a must-see talk at the #BugBountyVillage during Ekoparty 👾 On November 13th, 4:30 PM, Alex B., Researcher Enablement Analyst at YesWeHack, will be sharing groundbreaking techniques on exploiting SSTIs. He’ll walk you through crafting unique payloads that achieve RCE without needing quotation marks or plugins - pushing past perceived limitations. Don’t miss out! 😎 #EKO2024 #BugBounty #SSTI #RCE Bug Bounty Argentina

Want to deepen your understanding of prototype pollution vulnerabilities? 💡   Don’t miss out on the insightful workshop presented by our Tech Ambassador Lucas Philippe aka BitK during #UYBHYS24!   On November 8th, from 10:00am to 12:00pm, BitK will discuss how to detect and exploit prototype pollution in JavaScript applications, providing an in-depth and hands-on experience to participants.   #YesWeRHackers La Cantine numérique Brest DIATEAM

Guess what? We're in Helsinki! 🇫🇮❄ Come visit us at booth SI2 at Cyber Security Nordic today and tomorrow! Mats Ögren, Mark Malloy, James Terry and Jan Nieminen are here to showcase our #BugBounty and vulnerability management platform. Have questions about how YesWeHack can boost your #cybersecurity? Stop by and chat with us! Nähdään pian! 👋