Testing APIs? Stop guessing what's running under the hood. Use InQL's Engine Fingerprinter in Burp to identify the #GraphQL stack in seconds and save yourself the trial and error.

blog.doyensec.com/2025/12/02/i...
github.com/doyensec/inql

#doyensec #appsec #inql #security #bugbountytips

Using ZAP's Encode/Decode/Hash Add-on with CyberChef via Encode/Decode Scripts Combine the Encode/Decode/Hash add-on with CyberChef operations in ZAP Encode/Decode Scripts for flexible encoding, decoding, and hashing in your testing workflow.

I wrote a Blog post about combining ZAP with CyberChef.

#AppSec #WebAppSec #BugBountyTips

www.zaproxy.org/blog/2026-02...

@zaproxy.org Released add-ons today:

GraphQL ➡️ Fixes the optional integration with the Tech Detection add-on which had been failing.

OpenAPI ➡️ Re-enables Swagger Secret Detector Script Scan Rule, the JS Engine memory leak has been addressed.

#AppSec #DevSecOps #WebAppSec #BugBountyTips

RCE in Google's AI code editor Antigravity - $10000 Bounty Hacktron AI Research Team discovered a critical RCE in Google’s Antigravity IDE that lets attackers take over your system just by opening a malicious website.

#Antgravity - an AI code editor from Google that has access to your entire codebase and terminal had a Remote Code Execution (#RCE) vulnerability - a great find and write-up by @HacktronAI earning them $10k #BugBounty!
#BugBountyTips
👇

www.hacktron.ai/blog/hacking...

MonkeHacks #92 Starstrike, XE5, Tokyo

🐵 MonkeHacks #92
Starstrike, XE5, Tokyo

#bugbountytips #hacktheplanet #BugBounty monke.ie/p/monkehacks...

Set your #xss hunting 🎯 on easy mode! In the latest edition of our Eval Villain video series, Dennis Goodlett demonstrates the time-saving power of the "needles" feature.

youtu.be/LI9QOuQDduE

#appsec #doyensec #bugbountytips #security

TenguCon 2.0 - Day 1 Keynote: Samuel Cohen, Meta YouTube video by TenguSec

Samuel Cohen's presentation at TenguCon 2.0 is now available to watch online!
#TenguCon #InfoSec #tokyo #bugbountytips #Hacking #CyberSecurity

www.youtube.com/watch?v=SjWG...

MonkeHacks #89 Upgrades, Open Loops, Notetaking

🐵 MonkeHacks #89
Upgrades, Open Loops, Notetaking

#bugbountytips #hacktheplanet #BugBounty monke.ie/p/monkehacks...

MonkeHacks #88 Christmas, End of Year Review, 2026 Plans

🐵 MonkeHacks #88
Christmas, End of Year Review, 2026 Plans

#bugbountytips #hacktheplanet #BugBounty
www.monke.ie/p/monkehacks...

GitHub - zaproxy/zaproxy: The ZAP by Checkmarx Core project The ZAP by Checkmarx Core project. Contribute to zaproxy/zaproxy development by creating an account on GitHub.

Hey Bluesky. Can you get @zaproxy.org to 15k ⭐️?

#OpenSource #DAST #AppSec #WebAppSec #ITSec #CyberSec #PenTest #BugBountyTips

Current Stars 14500

github.com/zaproxy/zapr...

Bug Bounty Search Engine Google advanced search queries generator for target domain: File & Directory Discovery Vulnerabilities & Exploits Subdomain & Asset Discovery And lot more securitytoolkits.com/dork-for-me
#InfoSec #BugBounty #bugbountytips #CyberSecurity

MonkeHacks #86 NCSC, Manchester, FOMO

🐵 MonkeHacks #86
NCSC, Manchester, FOMO

#bugbountytips #hacktheplanet #BugBounty monke.ie/p/monkehacks...

AI Bug Bounty Automation – Full Workflow Demo for USA Hunters YouTube video by Haxshadow

AI Bug Bounty Automation – Full Workflow Demo
US Bug Bounty Hunters: Can AI fully automate recon, scanning, and reporting in 2025?
#InfoSec #BugBounty #bugbountytips #CyberSecurity
youtu.be/sb-H4vOT-FI?...

Advent of Cyber 2025 Prep Track – Full Walkthrough & All Answers TryHackMe YouTube video by Haxshadow

Welcome to Advent of Cyber 2025!
In this year’s Advent of Cyber, something isn't quite right in Wareville. Can you help save the town and their beloved SOC-mas tradition from the evil grasp of King Malhare? youtu.be/lZqum00Yqco?...
#InfoSec #BugBounty #bugbountytips #Cybersecurity #tryhackme

MonkeHacks #85 Omarchy, Kinesis, Sabbatical

🐵 MonkeHacks #85
Omarchy, Kinesis, Sabbatical

#bugbountytips #hacktheplanet #BugBounty monke.ie/p/monkehacks...

Hacker Tried to Destroy My Site… Then This FREE WAF Roasted Him Alive! YouTube video by Haxshadow

🚨 A hacker tried to destroy my site…
But a FREE WAF turned him into digital BBQ 💀
Watch the chaos 👇
Hacker Tried to Destroy My Site youtu.be/KEJSZnb6klY?...
Join my cybersecurity channel: t.me/mr0rh
#InfoSec #BugBounty #bugbountytips #CyberSecurity

Solve This CTF & I'll Send You My Notes That Made Me $10k in Bug Bounty YouTube video by Haxshadow

“CTF lovers assemble 🤝🔥
Solve this challenge → grab my Bug Bounty notes.
Link below, give it a try 😤👇”
youtu.be/MpIq1TLDtec

#CyberSecurity #BugBountyTips #CTFTime #LearnHacking

MonkeHacks #84 Monitors, Diversification, Spirit of Tasmania

🐵 MonkeHacks #84
Monitors, Diversification, Spirit of Tasmania

#bugbountytips #hacktheplanet #BugBounty monke.ie/p/monkehacks...

Free Cybersecurity Tools - Professional Security Toolkit Free, powerful security tools for ethical hackers, penetration testers, and cybersecurity professionals.

This site was fast with the cloud but this site is currently live now you can check it out if you want why there is a live one
www.securitytoolkits.com/tools
#cybersecurity #bughuntintips #bugbountytips

MonkeHacks #83 H1-3120, Office, Illusions

🐵 MonkeHacks #83
H1-3120, Office, Illusions

#bugbountytips #hacktheplanet #BugBounty monke.ie/p/monkehacks...

MonkeHacks #82 Mudge, Mini-Scripts, Fighting the Current

🐵 MonkeHacks #82
Mudge, Mini-Scripts, Fighting the Current

#bugbountytips #hacktheplanet #BugBounty monke.ie/p/monkehacks...

MonkeHacks #81 Schedule, Adjusting, Amsterdam

🐵 MonkeHacks #81
Schedule, Adjusting, Amsterdam

#bugbountytips #hacktheplanet #BugBounty monke.ie/p/monkehacks...

How to Pentest & Bug Hunt a WordPress Website from Recon to Report — Live Walkthrough YouTube video by Haxshadow

How to Pentest & Bug Hunt a WordPress Website from Recon to Report — Live Walkthrough
visit: www.youtube.com/live/UVb3j8W...

#CyberSecurity #BugBounty #bughunting #bugbountytips #mariners #sakural

Amass 5.0.0 Usage for Recon OWASP Tool

Using #owasp tool Amass 5.0.0 for recon. Hope this helps!

#bugbountytips #bugbounty #CyberSecurity #resonnaissance #EthicalHacking

medium.com/@marduk.i.am...

MonkeHacks #80 Cats, CTBB, H1 LHE

🐵 MonkeHacks #80
Cats, CTBB, H1 LHE

#bugbountytips #hacktheplanet #BugBounty monke.ie/p/monkehacks...

Part II: I found a bypass to Microsoft's fix using a Timing Attack to leak the Microsoft Event Registration database again! Here's the writeup: blog.faav.top/microsoft-ev... #BugBounty #bugbountytips

I found another vulnerability to leak the Microsoft Events Registration and Waitlist databases, this could've leaked tons of PII. Here's the writeup: blog.faav.top/microsoft-ev... #BugBounty #bugbountytips

After this, I found a bypass to Microsoft’s fix and will be releasing Part II in a few days.

How to Automate Bug Bounty & Website Pentesting with AI (Penligent.ai) YouTube video by Haxshadow

I’m showing you how to use Penligentai, an AI-powered tool that automates bug bounty hunting and website penetration testing.
poc: youtu.be/z0P1Io1wSog?...

#DWTS34 #blacksky #silksong #bugbountyhunting #bugbountytips

Visible Error-Based SQL Injection A Portswigger Lab

Latest #Portswigger SQL lab write-up.

#BugBounty #bugbountytips #SQL #SQLI #injection #informationsecurity #PortswiggerLabs

medium.com/@marduk.i.am...

MonkeHacks #79 HackAIcon, Mexico Bugswat, No Cat (Yet)

🐵 MonkeHacks #79
HackAIcon, Mexico Bugswat, No Cat (Yet)

#bugbountytips #hacktheplanet #BugBounty monke.ie/p/monkehacks...