Tuan Anh Nguyen 🇻🇳 @haxor31337 Twitter profile

Pinned Tweet

Tuan Anh Nguyen 🇻🇳

2 years

I'm happy to share my story on bug bounty journey. Thanks bugcrowd for choosing me to make inspire everyone in the community 🙏 Be patient, focus and keep ethical success will come to you 💯💪🔥

bugcrowd

@Bugcrowd

2 years

Researcher Spotlight 🔦 Security Engineer, Redteam, and #bugbounty #hacker ! 🚨 @haxor31337 💬

8

18

121

11

8

131

Last Seen Profiles

@chiyo_hanayagi

@aaaa611726

@stw_pdg

@meggoart

@BrunoKaraw59116

@pymi

@PriaSej12601518

@kato_vark

@KellyNapi

@confoedalist

@bokeplokalmalam

@Sweeeeeeeeft

@silvers00007

@soph_johnstone

@CarolynWitte

@ThexnewsX

@Astronumi

@MarcusCreed1

@matallanas

@sergkabs

@ISAE_ensma

@MrMonies28

@LuisaBebeth

@momsonxx

@penyukastw21

@StarburstFrance

@pbergin1993

@9mmballpoint

@juusk_

@stw_pdg

@Ladyratu423298

@GO2Albania

@StwGendut

@aburaydahhh

@wildenadandy

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

I found an RCE that comes from a secret leak in the JS source file. Always look and mine the secret key, token, and credential in the js file. I think it is a gold mine and many critical bugs are found in it. After seeing Zabbix API and reading the document, you can get an RCE.

26

175

952

Tuan Anh Nguyen 🇻🇳

@haxor31337

1 year

I've had a busy month with my son 👶 and traveling to Las Vegas and Phuket to join conferences. I'm also happy to announce I just passed the $1 million mark in total bounty I've earned on all bug bounty platforms and external programs. Today is the national holiday in my country

76

38

705

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

Spring Boot Actuators Misconfiguration is another gold mine in bug bounty. Because many Spring boot apps change time by time, running on microservice architecture exposed the actuator endpoint public to the internet. I found an RCE via Spring cloud gateway exploit 👇

15

171

694

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

2022 is a great and successful year for me. Bug bounty changed my life. I surpassed 500k$ bug bounty and got invited to many Live Hacking events. With more than 50 Critical vulnerabilities on the HackerOne platform and nearly 200 P1 on the Bugcrowd platform 💪🔥

34

19

540

Tuan Anh Nguyen 🇻🇳

@haxor31337

10 months

After 4 years since starting the bug bounty journey and getting to know many hackers around the world as well as starting with the two platforms Bugcrowd and HackerOne. Today I passed the $1M milestone on @Bugcrowd . I'm just a part time bug bounty hunter.

81

10

521

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

Seems someone get fired? 🥲 I feel bad weekend for Uber Blueteam ☹️

14

68

514

Tuan Anh Nguyen 🇻🇳

@haxor31337

4 years

You can bypass SQLi on Cloudflare by use mix tamper sqlmap space2comment,between,randomcase #bugbountytips

13

122

466

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

I had some busy days for my wedding and honeymoon week. Taking a rest before come back to continue hunting with my passion and my fellow hackers 💪 Thanks everyone 😊

105

1

429

Tuan Anh Nguyen 🇻🇳

@haxor31337

11 months

Last month, I chose Apple to hunt after a successful month of hunting on FIS. I and my leader in Red team of VCS continued to find a Critical 0day affected on the Apple production environment. Apple team fixed the issue within a day. We have been rewarded 32k$ for this finding 🔥

16

22

380

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

Thanks @Bugcrowd for a very cool Champion belt 100 P1s 🔥 I like it than bonus cash 😄

14

10

319

Tuan Anh Nguyen 🇻🇳

@haxor31337

9 months

When you hunt targets on Bugcrowd, always check Known vulnerabilities tab and try to reproduce it to learn, you may find another vulnerability without duplicate or method bypass for old vulns 🙂 In this time, I didn't have much time to hunt, I spent more time with my family ❤️

12

248

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

You can play with #ChatGPT to find subsidiaries of any company without using a paid account from lookup services, and find applications owned by a company easily way but still need to recheck and verify because data from ChatGPT doesn't verify trust source. #bugbountytips

11

55

242

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

CVE-2021–22201: Arbitrary file read on Gitlab Analysis + PoC:

3

64

244

Tuan Anh Nguyen 🇻🇳

@haxor31337

1 year

I was in Las Vegas for 4 days and flew 1 day to get to the H1-702 event. I had to leave early to see my first son. It's a pity that I can't participate in 2 events BlackHat and Defcon with everyone. This is my first time coming to America 🥹

31

3

239

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

A signature for detection version of Exchange server URL: /autodiscover/autodiscover.json? @foo .com/ecp/&Email=autodiscover/autodiscover.json%3F @foo .com Because some servers blocked endpoint /mapi/nspi/ we can use another path as /ecp/

8

67

216

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

About CVE-2021-26084, Block endpoint /pages/createpage-entervariables.action If you can't patch your server. The attacker can exploit without authentication although signup is disabled by default Mass scan already start and bug bounty hunters are farming it 🙂 #RCE #Confluence

5

81

216

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

Alert !!! This PoC is fake do not run it. You will get a backdoor 🥲

14

58

214

Tuan Anh Nguyen 🇻🇳

@haxor31337

1 year

I had an impressive experience with the Starbucks ☕️ program. When I found the RCE vulnerability and reported it overnight, the next morning when I woke up to check, the vulnerability had been fixed even though the report had not been triaged 😐

11

7

209

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

Happy weekend and Happy hunting everyone. Hope I will get triaged all my reports 🙂 Need rush to 100 P1 🔥 Thank all bro for collaboration with me all-time @h1pmnh @naglinagli @m0chan98 @d00xing @bsysop @iangcarroll @iustinBB @streaak @jkana101 @Jok3rDb

16

4

200

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

Happy birthday to me. Always smile and stay positive 🙂

43

1

201

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

New achievement unlocked new year 🙏 I get top 1 on Amazon VRP public 💥 It is a gift for Happy Lunar Year in my country 😍

8

2

198

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

Poor him. He read my bug closed as Informative on a bad program. Many researchers on @Hacker0x01 have been stolen bugs including many 0day and sensitive bug reports by a bad triager. And I really appreciate the transparency and responsible handling of the HackerOne platform.

14

16

190

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

Hi everyone. This is me. Thank you all for following me. #TalkToSharing

8

0

172

Tuan Anh Nguyen 🇻🇳

@haxor31337

1 year

Program: Happy 10$ reward sir Me: 🙂 @GodfatherOrwa @XHackerx007 @codecancare @ArmanSameer95

32

4

173

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

New adventure on @SynackRedTeam platform. I have been waiting a long time for my application to be accepted. And was rejected twice before from the beginning of 2021. It took nearly 2 months to complete the background check. Today I get #LevelUp 0x03 on the platform.

18

4

169

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

I'm happy to see the reward 😍

12

3

160

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

This is my first report collaborate on @Bugcrowd And I feel very happy when seeing it. Love you man @bsysop and hope all bug bounty hunters can find a nice collaborators. "If you want to go fast, go alone. If you want to go far, go together."

22

4

156

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

How long you get reward since report vulnerability to @Apple bug bounty program? I reported RCE on their product domain but still no update from 8 months ago when it fixed after 1 day report. Report and pray. LoL

22

5

150

Tuan Anh Nguyen 🇻🇳

@haxor31337

1 year

If you play a CTF game with many good challenges and new knowledge, trick bypass, it will be good 👀 If you want to make more money and change your life, fight real systems, play bug bounty is best 🫡💪

‌Renwa

@RenwaX23

1 year

CTF Player vs Bug Bounty Hunter

51

373

2K

5

15

149

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

Merry Christmas everyone 🥳 I love hoodie 😍 With my friend @thaivd98

7

0

148

Tuan Anh Nguyen 🇻🇳

@haxor31337

8 months

Meetup Synack Vietnam friends 👋 I see some millionaire hackers in this picture 🤑 @jkana101 @DuyHung_88 @khoiasd 🍻

6

1

149

Tuan Anh Nguyen 🇻🇳

@haxor31337

1 year

Bug Bounty Hunter 🙂

6

3

146

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

Thank you to my colleagues in the Application System Security room for wishing me a happy birthday. I love you all. Talented and passionate people dedicated to their work ❤ 27 years old 💥

23

0

147

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

Got rank 9 in last 30 days from I join @SynackRedTeam . I hope I can reach to level 5 soon. I missed many 3k bug. It is my confusion when join new platform, never forget and never give up your target. #bugbountyroad

5

2

139

Tuan Anh Nguyen 🇻🇳

@haxor31337

1 year

OMG. So surprised. I'm on TV. So many unknown 1day, 0day in many popular products still not public and exploited in the wild come from trivia bugs. It is really a hole in many enterprise software vendors. Really nice Keynote from #OffensiveCon23 Thanks

3

15

139

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

My stat on @Bugcrowd this year. Only need more 6 P1 to reach a new level P1 warrior with 100 P1 and I have +10 P1 still pending. Hope it can change to unresolved in the final week of the year 🙏🙏🙏 I feel very lucky and the best year for my bug bounty journey in 2 years.

13

1

134

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

Oh no. His account seems disabled after he disclosed about Spring core RCE. Does this have anything to do with the Chinese government? Chinese hackers are actively exploiting this 0day?

15

23

127

Tuan Anh Nguyen 🇻🇳

@haxor31337

4 years

Thank @Bugcrowd for beautiful swag and p1 coin. My next target is 50 P1s 🔥🔥🔥

7

128

Tuan Anh Nguyen 🇻🇳

@haxor31337

1 year

After many years of participating in the Pwn2Own arena, we have won the Master of Pwn. Congratulations to my outstanding colleagues. They are young people who are very talented, united, and have a high fighting spirit. I have witnessed their tireless efforts for the past 3 months

VCSLab

@vcslab

1 year

Here we are, now we are the Champions 🤩🤩🤩

4

7

114

9

1

130

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

About #CVE -2021-22205, I and some hunters know it before it was published as Pre-auth RCE. Maybe Gitlab knew it but they keep it silent because If public this, will have many servers will be compromised and APT, ransomware attack before bug bounty hunter report it to programs.

4

23

124

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

Detail analysis of the vulnerability Unauthenticated SQL injection Woocommerce by com0tf3

Phân tích lỗi Unauthen SQL injection Woocommerce

Tóm tắt Woocommerce là wordpress plugin cho phép xây dựng website bán hàng miễn phí. Hiện tại có hơn 5 triệu website đang sử dụng plugin này.

viblo.asia

3

49

121

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

Thanks @Bugcrowd for the bonus of 150 P1s 😂 No more swag for the P1 incentive program 🥲 I am really curious the next level will get what? How long time to reach 250 P1s? 🥹

16

4

118

Tuan Anh Nguyen 🇻🇳

@haxor31337

4 years

Nice program and quick response. Very like some programs as this. I'm trying to get more P1 and unlock new achivement on @Bugcrowd ^^

13

5

118

Tuan Anh Nguyen 🇻🇳

@haxor31337

1 year

I already write a nuclei template to scan this vulnerability before. Not many server vulnerable. It cause due to misconfig in reverse proxy. Read more about this vuln here:

Weird proxies/2 and a bit of magic

https://zeronights.ru/en/reports-en/weird-proxies-2-and-a-bit-of-magic/ Reverse proxies and their variations are used everywhere in modern web applic…

speakerdeck.com

Hussein Daher

@HusseiN98D

1 year

Bug of the day: SSRF via Proxying GET http://localhost:22 HTTP/1.1 Host: target Connection: close Response: SSH-2.0-OpenSSH_7.4Protocol mismatch. #bugbounty

31

150

643

1

28

117

Tuan Anh Nguyen 🇻🇳

@haxor31337

1 year

@Bugcrowd I'm falling in love with P1 🥰

7

1

113

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

Finally, I got top 100 @Bugcrowd all time 😁 Hope I will have more good finding in the future and help more organizations and corps more secure 😇 Thanks everyone in bug bounty community and security research ❤

13

1

110

Tuan Anh Nguyen 🇻🇳

@haxor31337

1 year

I will be taking part in-person LHE event in Las Vegas for the first time after being unable to attend previous LHEs. Although the visa interview schedule is at the end of July, I hope that luck will smile on me 🙏

25

0

111

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

After 10 months of waiting I finally got my reward from Apple team. Thanks for the sweet reward. I will think about continuing to hunt on Apple bug bounty program 😄

8

0

109

Tuan Anh Nguyen 🇻🇳

@haxor31337

5 years

I am farmer CVE with Oracle E-Business Suite. A complexity product ERP :)

10

11

106

Tuan Anh Nguyen 🇻🇳

@haxor31337

1 year

I had some lucky when play with some IIS default page instance. Do fuzzing path and found some good RCEs from leak machine key like a Red Teamer 🥷 Will share it soon. It seems is 0day in some products with hardcoded machine key on these products. I love machine key ❤️

Critical Thinking - Bug Bounty Podcast

@ctbbpodcast

1 year

IIS Hacking tips from the latest episode with the master himself @infosec_au : 1. NEVER leave that blue IIS page un-touched "You see that blue page that comes up when you hit an IIS server? That should be your point where you think, I'm gonna find criticals on this bad boy.

11

211

602

2

11

108

Tuan Anh Nguyen 🇻🇳

@haxor31337

1 year

Top 1 CVE in the next days 🚨🚨🚨 Unauthenticated RCE on Citrix ADC Gateway 😱😱😱

1

12

103

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

Awesome tool 😍

fhverga

@fhverga

3 years

Redirect/SSRF payload generator opened by @intigriti This online tool will generate payloads for you to bypass filters to reach open redirect/SSRF vulnerability.

12

251

595

1

24

100

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

I'm very excited to announce I has been selected as Brand HackerOne Ambassador in Hanoi, Vietnam. This will help me to build and connect bug bounty hunter in my region and help beginner start with cyber security industry 🤝💪🔥 #togetherwehitharder

HackerOne

@Hacker0x01

2 years

The newest additions to the network of HackerOne Brand Ambassadors have been announced! We can't wait to see the amazing things everyone will accomplish in their regions. 👏 #togetherwehitharder

9

12

87

6

1

98

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

I ranked 1st on Amazon VRP and top 30 all-time on Bugcrowd. I bought a house and a car this year and got married and am expecting my biggest Bug 👶 next year.🙏❤️

2

0

88

Tuan Anh Nguyen 🇻🇳

@haxor31337

10 months

I recommend using Beeceptor to make a mocking server without self self-hosted server. It is really useful for SSRF bypassing using the redirect method, creating a fake response, and some cool other features. It helps deploy a mock server quickly without use your resource 😃

Beeceptor 🐝

@beeceptor

10 months

Next week, we're rolling out an exciting new feature to enhance your testing and integrations. Take a look at this video for a sneak peek and start guessing what's coming!

0

2

10

2

9

91

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

I am still waiting for some P1 unresolved 😁 My next target is top 100 all time @Bugcrowd

4

2

90

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

Researcher who reported log4j vulnerability is a hero of the internet but he and his company get suspend by his country. If APT groups owned by china govermence know it before public, I can't imagine what will happen to both the internet and the world 😠

The Hacker News

@TheHackersNews

3 years

⚡China has suspended its partnership with #Alibaba Cloud Services — whose researcher discovered the critical #Log4j vulnerability — because the company did not first report this flaw to the government as required by the country's new law. Read: #infosec

13

246

497

4

16

87

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

From Stranger to DA using PetitPotam to NTLM relay to Domain Administrator

1

30

86

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

@sillydadddy XXE+SSRF = RCE An interesting chain from @_tint0

1

35

85

Tuan Anh Nguyen 🇻🇳

@haxor31337

1 year

A group of young Vietnamese people quit their jobs at the company and established a full-time bug bounty group and this is the group's 1-month performance. Very Impressive 👏💯🔥

Flysec Corp

@flysec_corp

1 year

FlySec Journey's 1st month: 🔥Fired by A Critical Vulnerability affects massive companies 🔥Write-Up coming soon. Stay tune! ❤️‍🔥FlySec try our best to save the internet! #FlySecJourney

1

5

71

6

11

85

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

You can use JS Miner Extender on Burpsuite to active scan all js files when crawling the target. But sometimes it can missing secret by custom variable and not available in regex.

1

6

83

Tuan Anh Nguyen 🇻🇳

@haxor31337

6 months

Calling bug bounty hunters 🥷 in Hanoi and Ho Chi Minh areas to participate in HackerOne's biggest Ambassador Worldcup 2024 event of the year 🔥 If you want to try your hand at difficult targets and collaborate in a strong, experienced community. Please join us 🇻🇳 🤝💰💪 @LamScun

5

2

81

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

This finding was reported to many bug bounty programs in a long time. Still many companies affected by this misconfig isssue when they use Akamai CDN.

spidersec

@SpiderSec

3 years

Akamai ARL misconfiguration: 🥷 POC: /7/0/33/1d/www.citysearch.com/search?what=x&where=place%22%3E%3Csvg+onload=confirm(document.location)%3E #bugbountytips

9

149

373

0

22

79

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

MindAPI is very useful for bug bounty hunters created by @dsopas #bugbounytips

1

22

78

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

Don't trust anyone. Keep your small trust circle when sharing a target or unique PoC exploit.I learned a valuable and disappointing lesson about this when I shared it with the wrong people. Someone can trick you and will defeat you in the spirit of not sharing and steal your work

Patrik Fehrenbach

@ITSecurityguard

2 years

Chose your collaborators carefully when doing bug bounties. Build a community of trusted and vetted individuals that live and share your values :) "A wise person should have money in their head, but not in their heart." (Jonathan Swift) #BugBounty #bugbountytip #bugbountytips

6

3

67

6

3

74

Tuan Anh Nguyen 🇻🇳

@haxor31337

1 year

One of the hacker who I know is doing very success with IDOR type bug and always bring big impact with these findings 💥 Amazing mindset 💯

Dat Pham 🇻🇳

@datph4m

1 year

Yay, I was awarded a $12,500 bounty on @Hacker0x01 ! #togetherwehitharder

38

29

636

1

71

Tuan Anh Nguyen 🇻🇳

@haxor31337

6 months

Happy Friday Blue team 🥹 CVE 10.0 vulnerability in PAN-OS 🚨🚨🚨 Coincidentally, several serious 0day vulnerabilities that can 🔥the internet were made public on Friday 👀

CVE-2024-3400 PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in...

A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configu...

security.paloaltonetworks.com

5

14

74

Tuan Anh Nguyen 🇻🇳

@haxor31337

9 months

@damian_89_ You are right. Congrats for a good start month 🎉

7

1

73

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

Seems an triager of Uber has been hacked account and threat actor can access to all reports of researchers on Uber program. This is incident never see it before 😱

4

1

69

Tuan Anh Nguyen 🇻🇳

@haxor31337

1 year

@Masonhck3571 Just recon and check 😅

4

1

72

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

On top of the month again with #2 in last month of 2021 with many P1s and get achievement 100 P1 on @Bugcrowd 💪🙏🔥

4

2

73

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

#bugbounty is so magic. I have a question how he can do it with a program with limited scope and received more than 100k$ with 4 reports resolved on @Hacker0x01 ? Anyone know him?

13

5

70

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

Happy to be a part of Tess's Squad team ❤ Can't wait to see the next round 💪🔥 Thank all for your hard work and fair play 💯 @ArmanSameer95 @codecancare @GodfatherOrwa @XHackerx007

3

0

68

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

First time I got #1 on rank leaderboard of month. Try to get more P1s and on top. Check out the @bugcrowd top 10. #kickass #ItTakesACrowd

7

4

69

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

You don't know to choose the target for research and hunting bugs. Let's ask #ChatGPT , it shows with accuracy very good. So amazing. I can play with it to see some interesting I need to focus on hunting 🥹🧐 #bugbountytips

4

3

63

Tuan Anh Nguyen 🇻🇳

@haxor31337

1 year

I just landed a flight to Phuket and will be attending the #HITB2023PK conference tomorrow. Looking forward to great presentations at this event 🤩 Thank to my company #Viettel Cyber Security for bring me this opportunity ❤️

1

3

64

Tuan Anh Nguyen 🇻🇳

@haxor31337

6 months

@bxmbn No luck with me. If you are a professional hunter, it is 50% perseverance and 50% skill + experience. If you are a hunter use automatic tools. I think it's 80% luck and 20% skill🙂

6

2

60

Tuan Anh Nguyen 🇻🇳

@haxor31337

4 years

Thanks @Bugcrowd for nice swag. I'm trying to get 50 P1s with a cool hoodie 😍 #tryhard

2

0

61

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

From Vietnam, Happy New Year to everyone, bug bounty and security research community around the world 🍻💥🥳 Wish you all a successful new year with lots of health and energy 🙏❤🔥

5

0

57

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

Anyone are doing bug bounty hunting in Vietnam can join. Message me and we can get high together in Ambassador world cup event 💪🤝🔥 #togetherwehitharder

HackerOne

@Hacker0x01

2 years

The #AmbassadorWorldCup is back! 🙌 March marks the beginning of 9 months of epic competition. Are you up for the challenge? Ambassadors all over the world are recruiting teams now. Contact your regional leader to join in. More details coming soon. 👀

10

26

123

7

3

55

Tuan Anh Nguyen 🇻🇳

@haxor31337

1 year

@gonzxph You can use this method to bypass

GitHub - yangyangwithgnu/bypass_disablefunc_via_LD_PRELOAD: bypass disable_functions via LD_PRELOA...

bypass disable_functions via LD_PRELOA (no need /usr/sbin/sendmail) - yangyangwithgnu/bypass_disablefunc_via_LD_PRELOAD

github.com

0

8

53

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

If you use burp 1.7.x you won't be hack 😂

3

5

57

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

New 0day post-auth RCE on Exchange Server is being exploit in the wild and has been detected by team GTSC. They catched the PoC on some targets which has been attacked by threat actor and reproduce it success also reported to ZDI 💥💯

3

13

55

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

Finally I got my hoodie 😍 Winter is coming at my country. Continue fighting for 100 P1 🔥 @bsysop @sw33tLie

9

0

54

Tuan Anh Nguyen 🇻🇳

@haxor31337

1 year

@Hacker0x01 has developed many great new features, effectively supporting researchers. I very like this new feature. It help me have insight into 3rd parties and a statistic about techniques, and products used by companies around the world. Very cool feature 💯🔥❤️

6

2

54

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

Awesome. Always love their tools 🤩

ProjectDiscovery.io

@pdiscoveryio

2 years

[NEW-PROJECT] 🥳🥳 Katana –– A next-generation crawling and spidering framework. → Standard / Headless → Customizable Config → Scope control → Output Filters GitHub Project –– #hackwithautomation #cybersecurity #crawler #opensource #bugbounty

78

566

2K

0

11

49

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

My Twitter Interaction Circle 💯 Thank all for your hard work and great sharing in the community 🙏🔥❤️

2

0

50

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

Wannacry again and the world will burn again. Patch your Windows system ASAP 🔥

Jon Gorenflo 🇺🇦🌻

@flakpaket

3 years

We've learned nothing. 🥴 CVE-2022-26809 is going to ruin some weekends. #CyberSecurity

35

331

1K

0

10

51

Tuan Anh Nguyen 🇻🇳

@haxor31337

4 years

Finally, I got a Nice catch from Google VRP. So sweet <3

2

1

51

Tuan Anh Nguyen 🇻🇳

@haxor31337

2 years

Trust me. Bug bounty hunter guild is a fantastic group and strong top hunters worldwide 💪🔥 I feel lucky when I become a part of this guild 🙏❤️

Hussein Daher

@HusseiN98D

2 years

This is the cutest video I've received from my #bugbounty friends. Thank you all for your wishes. Much love everyone. This community is AWESOME. ❤️

11

5

227

2

3

51

Tuan Anh Nguyen 🇻🇳

@haxor31337

11 months

Vietnam is a developing country and racing in the 4.0 era. It has produced many generations of hackers since the early 2000s and has a tradition of inheritance and continuity between generations of hackers. CTF competitions are held annually among universities 👈🧑‍🎓

Nathaniel

@nnwakelam

11 months

Why does Vietnam produce so many really really good computer hackers relative to Thailand which seems to not have that many at all? Is there a particularly strong STEM focus at the universities here?

14

0

67

2

49

Tuan Anh Nguyen 🇻🇳

@haxor31337

1 year

OMG 😱 Drop the database and create a new account admin. RIP Confluence 🥲

ShimizuKawasaki

@shimizukawasak

1 year

CVE-2023-22518 - Improper Authorization Vulnerability In Confluence Data Center and Server Don’t use and never use this vulnerability lightly,because it is a master of data cleaning

5

57

228

2

5

49

Tuan Anh Nguyen 🇻🇳

@haxor31337

10 months

To newbie: Don't hesitate and get started with VDP programs to learn how to report and find critical vulnerabilities and get a good start on the platform. VDP programs will be less competitive and you will have more space without fear of duplicates 💪

2

47

Tuan Anh Nguyen 🇻🇳

@haxor31337

3 years

Research recently by VCSLab regard log4j exploit by threat actors before the vulnerability has been public 👀 Follow us to see interesting research in the future from Viettel Cyber Security 🔥💥

VCSLab

@vcslab

3 years

We luckily found some evidence to believe that: The Log4Shell vulnerability may have been exploited since August 2021. At least 10 targets have been found, including government, banks, entertainment, betting companies, etc.

3

45

125

0

7

48

Tuan Anh Nguyen 🇻🇳

@haxor31337

1 year

Thank @Hacker0x01 for the great design logo for each Ambassador club. It is really cool. Everyone from Vietnam who enjoy bug bounty hunting can join this club and together grow, learn and share, help, and collaborate to achieve something bigger, target bigger. Dm me to join 🤝