When you click “forgot password”, some platforms don’t fully hide user data.
They show:
partial email (e.g. r****n@gmail.com
)
phone hints (e.g. +62 ***1234)
Most people ignore this.
R
ruyynn@infosec.exchange
@ruyynn@infosec.exchange
Posts
-
When you click “forgot password”, some platforms don’t fully hide user data. -
Hey infosec folks 👋Hey infosec folks
I built VulnDraft — a free, open-source bug report generator.
MIT licensed — fork it, contribute, do whatever.What it does:
H1/Bugcrowd/Intigriti templates
CVSS calculator built-in
Export MD, HTML, JSON
CLI + Web GUIMIT. Open source. Free.
Try it. Break it. Tell me what sucks.
https://github.com/ruyynn/VulnDraft
️ A star helps more people find it#BugBounty #InfoSec #OpenSource #Cybersecurity
-
Curious about how others approach OSINT for multi-platform username, email, and phone analysis -
Hello infosec communityHello infosec community
I'm a developer interested in cybersecurity, OSINT, and reconnaissance tooling. Lately I've been spending time building small open-source tools in Python and learning more about how different recon techniques work in practice.
Most of my projects focus on things like subdomain discovery, endpoint extraction, and attack surface mapping. I'm still learning a lot and experimenting with different approaches.
Looking forward to connecting with other researchers and developers here and learning from the discussions in the community.