bugbountygroup | Unsorted

Telegram-канал bugbountygroup - Bug bounty chat

2114

Talk and help about bugbounty

Subscribe to a channel

Bug bounty chat

All I can say that you can find everything in the Internet

Читать полностью…

Bug bounty chat

I don’t think that this is a good idea sharing black hat resources here

Читать полностью…

Bug bounty chat

There's a lot of competition as well. And those bb sites are highly secure.

Читать полностью…

Bug bounty chat

Yeah, but when I see a lot of online gurus preaching how anyone can earn thousands, I can help but laugh my ass off and then shed a tear. 🥲

Читать полностью…

Bug bounty chat

You just go and find e.g exposed WordPress admin creds on the dark web, then put your webshell in it.
But bug bounty!? Argh

Читать полностью…

Bug bounty chat

But bug bounty is a lot harder and the uncertainty is a real deal

Читать полностью…

Bug bounty chat

I don't have much experience in Programming, but gonna learn it anyways

Читать полностью…

Bug bounty chat

I am thinking of moving to pen tester in future

Читать полностью…

Bug bounty chat

Testing for 50 hours and all you got is n/a and dupe

Читать полностью…

Bug bounty chat

Right 🥲 ngl working for a company a lot better than this

Читать полностью…

Bug bounty chat

I think you should report it

Читать полностью…

Bug bounty chat

I also found a bug on a popular site in which you can bypass 2fa in Password Change and can send spam emails to any users which will block them for a certain time from changing their password.

Читать полностью…

Bug bounty chat

It is significant 🥲🥲🥲 darn

Читать полностью…

Bug bounty chat

Well this is privacy violation 😅
I also found similar things but they closed it as informative and they fixed it after closing it 😆 toxicity of bug bounty

Читать полностью…

Bug bounty chat

https://www.linkedin.com/posts/abdullah-parvez-95a8a926b_exploit-development-and-metasploit-activity-7272499074627461121-cLry?utm_source=share&utm_medium=member_android

Читать полностью…

Bug bounty chat

Osint & research = black hat 🤔

Читать полностью…

Bug bounty chat

I think self-learning is the way.
There's limited resources about black hat afaik.

Читать полностью…

Bug bounty chat

Hmm...I don't have much experience in Dark Web. But it sounds kinda cool, do you have any resources that you can share about black hat hacking and stuff?

Читать полностью…

Bug bounty chat

Hm doesn't matter to me

Читать полностью…

Bug bounty chat

Damn! Living in Europe and earning in USD is not a good tradeoff according to a lot of people because of the exchange rate. Is it true?

Читать полностью…

Bug bounty chat

I'm from Europe. I also have experience in black hat hacking 🥲

Читать полностью…

Bug bounty chat

I'm trying to do that rn. I have experience in programming as well but the job market is very tough as u said

Читать полностью…

Bug bounty chat

Ikr! But when I see how little the job holders are getting paid nowadays, it's such a turn off! And also the job market is really really tough these days

Читать полностью…

Bug bounty chat

I think I'm gonna become a bug bounty hater too. It has a lot of negative impact on life.

Читать полностью…

Bug bounty chat

But I am afraid if they mark it as N/A, I am gonna lose reputation and signal 🥲

Читать полностью…

Bug bounty chat

But didn’t report it yet as I am not sure if they will accept it.

Читать полностью…

Bug bounty chat

Damn! That's absolutely ridiculous!

One guy from discord told me a story about a similar situation. One of his friends found a bug on MacDonald's website in the + - section of cart. He can increase quantity as many as he wants without changing the price.
He reported it to MacDonald but MacDonald didn’t pay them anything so he started to mass tweet about it, and finally MacDonald gave in and paid them. MacDonald was pissed off because of the mass tweets and also the guy ordered a lot of free food abusing the bug. 😆
He suggested that I do it too.

I am gonna open a resolution on the report, and if I don't get anything Imma head over to twitter.

Читать полностью…

Bug bounty chat

I can send thousands of emails using a password reset endpoint of a private bug bounty program. There's also authentication bypass (I can register with any email I do not own e.g. elon@tesla.com).
It is usually a p2 since I wrote an exploit, I can use it as a mass scale attack. But they give it a p5 lol I really hate this

Читать полностью…

Bug bounty chat

👾Mastering Exploit Development & Metasploit – A Step-by-Step Guide👾

Читать полностью…

Bug bounty chat

Hello hello,

I published new bug bounty writeup. Have a read. Please share and clap.

https://vijetareigns.medium.com/email-and-home-address-disclosure-using-unauthenticated-api-endpoint-worth-500-4a497ff0678c

Читать полностью…
Subscribe to a channel