Discover and read the best of Twitter Threads about #Bugbountywriteupspublished

Most recents (1)

2FA Bypass Techniques thread ๐Ÿ”ฅ๐Ÿž๐Ÿ”“
-------------------------

๐Ÿ“Œ2FA Code Leakage in Response:

You can intercept otp using burpsuite and inspect http response and check if the 2FA code leaked

#hackerone #BugBounty #bugbountytips #BugBountyTip Image
2. JS File Analysis:
----------------

๐Ÿ“ŒAnalyze all the JS Files that are referred in the response to see if any JS file contains information that can help bypass 2FA code.

#hackerone #BugBounty #bugbountytips
#hackeronereport #Bugbountywriteupspublished #BugBountyTip Image
3. Lack of brute-Force Protection:
-----------------
๐Ÿ“Œtype 2FA code and capture request using burpsuite
๐Ÿ“Œsend request to intruder and send request for 100โ€“200 times .
๐Ÿ“ŒAt 2FA Code Verification page, try to brute-force for valid 2FA and see if there is any success.
Read 11 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!