Anton (therceman)'s Avatar

Anton (therceman)

@therceman

Bug Bounty Hunter www.therceman.dev

809
Followers 80
Following 25
Posts 18.11.2023
Joined
Posts Following

Latest posts by Anton (therceman) @therceman

Hello everyone πŸ‘‹
Almost 800 followers, wow πŸ˜€

24.05.2025 17:01 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Merry Christmas πŸŽ„

24.12.2024 20:40 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Post image

Bug Bounty Tip

SSRF: PDF iframe Injection

Cheers!

05.12.2024 14:23 πŸ‘ 10 πŸ” 3 πŸ’¬ 1 πŸ“Œ 0
Bug Bounty Tips & Tricks Vol.1

You can purchase the pre-sale edition of the book or download the preview edition at book.therceman.dev

05.12.2024 14:23 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Post image

Bug Bounty Tip

SSRF: PDF iframe Injection

Cheers!

05.12.2024 14:23 πŸ‘ 10 πŸ” 3 πŸ’¬ 1 πŸ“Œ 0
Post image

Bug Bounty Tip

Parameter Manipulation:
Email Link Hijacking

Cheers!

03.12.2024 14:05 πŸ‘ 5 πŸ” 2 πŸ’¬ 1 πŸ“Œ 0
Bug Bounty Tips & Tricks Vol.1

You can purchase the pre-sale edition of the book or download the preview edition at book.therceman.dev

03.12.2024 14:05 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Post image

Bug Bounty Tip

Parameter Manipulation:
Email Link Hijacking

Cheers!

03.12.2024 14:05 πŸ‘ 5 πŸ” 2 πŸ’¬ 1 πŸ“Œ 0

Help Jobert Abma to claim his account. Report fake one with the proof to this X post x.com/jobertabma/s...

30.11.2024 18:07 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Post image

Bug Bounty Tip

XSS Filter Bypass: mXSS

Cheers!

28.11.2024 11:22 πŸ‘ 7 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
Post image

Bug Bounty Tip

XSS Filter Bypass: mXSS

Cheers!

28.11.2024 11:22 πŸ‘ 7 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
Post image

My latest blog post is live! nastystereo.com/security/cro...

Read how to send a cross-site POST without including a Content-Type header (without CORS). It even works with navigator.sendBeacon

27.11.2024 09:10 πŸ‘ 79 πŸ” 29 πŸ’¬ 3 πŸ“Œ 4

Thanks, good luck you too! πŸ™Œ

Waiting for my first payout from them, it’s in pending state currently. Let’s see how it goes…

Gumroad pays on time though, every thursday, but sadly only card payments accepted…

26.11.2024 18:25 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Post image

You can now download preview edition of my bug bounty book with 3 tips & tricks

book.therceman.dev

Cheers!

25.11.2024 15:12 πŸ‘ 2 πŸ” 1 πŸ’¬ 1 πŸ“Œ 0
Post image

You can now download preview edition of my bug bounty book with 3 tips & tricks

book.therceman.dev

Cheers!

25.11.2024 15:12 πŸ‘ 2 πŸ” 1 πŸ’¬ 1 πŸ“Œ 0
Post image

Bug Bounty Tip

XSS WAF Bypass by multi-char HTML entities

fj translates to fj
>⃒ translates to > + [?]
&nvlt; translates to < + [?]

[?] - Unicode symbol

24.11.2024 19:56 πŸ‘ 3 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

I believe this can be the place to share everything you like on your life journey πŸ˜€

23.11.2024 20:44 πŸ‘ 2 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Awesome! Congratulations πŸ™Œ

23.11.2024 19:36 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Yup πŸ˜€

23.11.2024 19:36 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

That’s EPIC! πŸ‘

23.11.2024 19:35 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Programming adds more value to cybersecurity and bug bounty.

It helps with automation, the creation of high-quality POCs, the ability to understand and review source code, the setup of local testing environments, and more.

23.11.2024 17:50 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
Bug bounty hunters & content creators Join the conversation

The "bug bounty hunters and content creators" starter pack is now up to 60 users! Follow this to get instantly connected to the bug bounty community & let me know if I've missed you off!

go.bsky.app/GD7hKPX

23.11.2024 16:21 πŸ‘ 87 πŸ” 22 πŸ’¬ 19 πŸ“Œ 4
Post image

My bug bounty book is now available on Lemon Squeezy, offering more payment options for your convenience.

Cheers!

22.11.2024 11:33 πŸ‘ 3 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
DEF CON 32 - Splitting the email atom exploiting parsers to bypass access controls - Gareth Heyes
DEF CON 32 - Splitting the email atom exploiting parsers to bypass access controls - Gareth Heyes YouTube video by DEFCONConference

In case you missed it...the DEF CON video of my talk 'Splitting the Email Atom' is finally here! πŸš€ Watch me demonstrate how to turn an email address into RCE on Joomla, bypass Zero Trust defences, and exploit parser discrepancies for misrouted emails. Don’t miss it:

youtu.be/JERBqoTllaE?...

22.11.2024 07:27 πŸ‘ 95 πŸ” 30 πŸ’¬ 2 πŸ“Œ 0

Hi πŸ‘‹

22.11.2024 06:39 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Post image

Bug Bounty Tip

You can hide your XSS payload inside SVG or Math element to bypass the XSS Sanitizer or WAF filter

Cheers!

21.11.2024 20:06 πŸ‘ 16 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0

Any bug bounty people around? I'm creating a starter pack of people to follow but it's pretty brief currently! Let me know if you'd like to be added: go.bsky.app/GD7hKPX

21.11.2024 15:23 πŸ‘ 95 πŸ” 30 πŸ’¬ 45 πŸ“Œ 2

πŸ‘‹

21.11.2024 19:09 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Post image

Book: Bug Bounty Tips and Tricks Vol.1
Edition: Pre-Sale
Tricks: 18 Tips and Tricks
Price: $13.37 (33% OFF)

πŸ”— book.therceman.dev

21.11.2024 16:54 πŸ‘ 4 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0

Haha, every gov website has its own server PC under the table πŸ˜„

19.11.2024 14:46 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0