Md Ismail Šojal 🕷️ (@0x0SojalSec) on X

Md Ismail Šojal 🕷️

41K posts

Md Ismail Šojal 🕷️

@0x0SojalSec

Cyber_Security_Re-searcher || Ai Re-searcher || AI-Sec|| Malware Analysis II iOS || Pwn || 0SINT || Project AI-StrikeSec || 0ldAccounts Suspended @0xSojalSec ||

localhost

linkedin.com/in/0xsojalsec/

Joined October 2021

Pinned
Md Ismail Šojal 🕷️
@0x0SojalSec
Jan 10
Chinese scientists have developed, The best shortest-path algorithm in 41 years! A team from Tsinghua University has broken Dijkstra's "sorting barrier" - the first improvement since 1984. Just use for a world-map 🤯 Paper - arxiv.org/pdf/2504.17033
00:00
Md Ismail Šojal 🕷️
00:00
Md Ismail Šojal 🕷️
3.3M
Md Ismail Šojal 🕷️
@0x0SojalSec
Oct 9, 2025
The payload contains '|/???/\b**\h,' which is meant to confuse WAF rules. Unusual characters are a common evasion tactic. image by: win3zz #cybersec #BugBountytips #infosec
61K
Md Ismail Šojal 🕷️
@0x0SojalSec
Sep 3, 2022
> Wordpress juicy endpoints #bugbountytips #infosec
Md Ismail Šojal 🕷️
@0x0SojalSec
Sep 29, 2023
The new cs.github.com search allows for regex, which means brand **new** regex GitHub Dorks are possible! Eg, find SSH and FTP passwords via connection strings with: /ssh:\/\/.*:.*@.*target\.com/ /ftp:\/\/.*:.*@.*target\.com/ #infosec #cybersecurite #bugbountytip
90K
Md Ismail Šojal 🕷️
@0x0SojalSec
Apr 24, 2025
Use NextJS? Recon Tip by renniepak A quick way to find "all" paths for Next.js websites: DevTools->Console console.log(__BUILD_MANIFEST.sortedPages) javascript:console.log(__BUILD_MANIFEST.sortedPages.join('\n')); #infosec #cybersec #bugbountytips
51K
Md Ismail Šojal 🕷️
@0x0SojalSec
Sep 20, 2025
Run a Linux virtual machine in your browser, no server needed. - github.com/leaningtech/we… #infosec #cybersec #bugbountytips
54K
Md Ismail Šojal 🕷️
@0x0SojalSec
Nov 11, 2022
Top 15 - Vulnerability Scanners : 🥹⚙️ #infosecurity #Cybersecurite #bugbountytips
Md Ismail Šojal 🕷️
@0x0SojalSec
Jul 12, 2024
Sql injection ⚔️ #infosec #cybersec #bugbountytips
65K
Md Ismail Šojal 🕷️
@0x0SojalSec
Dec 11, 2022
Sites Provide Free VPS : #infosecurity #cybersecurity #bugbountytips #automations
Md Ismail Šojal 🕷️
@0x0SojalSec
Dec 31, 2022
A Chrome extension that keeps track of the injected urls with Blind XSS payloads. github.com/SeifElsallamy/… #infosec #cybersec #BugBounty #xss
87K
Md Ismail Šojal 🕷️
@0x0SojalSec
Nov 12, 2022
When you test a Django, Rails, or NodeJs web app try the following payloads in the "Accept:" header. 🥹 Payloads: ⚙️👇 #infosecurity #cybersecuritytips by @SpiderSec
Md Ismail Šojal 🕷️
@0x0SojalSec
Feb 25, 2023
If you run a bruteforce and notice weird behaviours - like "/admin/" redirecting to / always investigate these. /admin/ /admin/../admin //admin/ /Admin/ /admin;/ /Admin;/ /index.php/admin/ /admin/js/*.js /admin/*brute*.ext /admin../admin //anything/admin/ #infosec
47K
Md Ismail Šojal 🕷️
@0x0SojalSec
Jan 19, 2025
If you find PHP 8.1.0-dev then try RCE & SQLi User-Agentt: zerodiumsleep(5); User-Agentt: zerodiumsystem('id'); #bugbounty #bugbountytips #rce #sqli
49K
Md Ismail Šojal 🕷️
@0x0SojalSec
Jan 12, 2025
Finding the real IP behind Cloudflare has never been so easy. Here you are a tool to search on @shodanhq starting from a simple favicon - github.com/pielco11/fav-up #infosec #cybersec #bugbountytips
46K