3252
Talk and help about bugbounty
and if a company have to pick between 2 people it will always pick the person with the cert because clients will want people with certs testing their apps, not some random kid that says he is good at hacking but cant proved it with anything
Читать полностью…
If you are good companies won't care much about certs
Читать полностью…
you guys can start as juniors penetration tester, is not bad at all
Читать полностью…
By the way where you getting pentest job freelance?
Читать полностью…
they be stealing reports and not paying people. I remember when they costed me a cve. I Found a vuln in an US server but then after doing a keep check I found out it was a 0 day on a cisco software they were using, so I just asked them for the software name and version to get the cve and they refused to give me the info and in top of that, they solved the bug and didn't paid me.
Читать полностью…
Please share any tips and tricks to find stored xss using any tool or extension
Читать полностью…
XSS is shit that doesn't cost much. The other thing is Chrome RCE + LPE.
Читать полностью…
bug bounty is not worth it any more, not only you barely get pay but the triagger be stealing your work. ya should learn this stuff to work for big companies not just give your hard work out for 200 dollars a xss
Читать полностью…
use google dorking to search for vulns for that particular target
Читать полностью…
If anyone has the HTB premium subscription please DM
Читать полностью…
Have you tried to look at magic bytes in hex and search for them?
Читать полностью…
Anyone help me how to decode this data. I can’t able to find the actual data format
Читать полностью…
yeah that too but the problem is that companies now days will only try to pick those with the certs, now days thats the key for hr
Читать полностью…
anyone of you guys with skills should try and get a job at this. Maybe it wont be easy if you dont have any certifications like comptias, oscp, ceh or something like that, but once you get those, you can start looking for a job
Читать полностью…
so yeah people dont waste your time with this bs, you can still do it for fun or just to learn or when you are bored. not just as many do, thinking they will become rich by expending hours and hours on these programs, is not worth it.
Читать полностью…
exactly, I had been doing it for a hot minute now, i only regret not doing it earlier. we need to show these fuckers we are who made them famous and rich.
Читать полностью…
exactly this is what im saying is way better to sell your exploit than have these fuckers pay 200 dollars just for the sake of making a new post on linkedin of your new founding
Читать полностью…
There are hundreds of bugs being found in Chromium, it's just a goldmine. But exploits are already worth a lot to the government. So the conclusion guys, if you need money, sell exploits to the higher-ups.
Читать полностью…
0-day LPE/SBX to ring0 exploit for windows cost ~ $80000. Why not? Just don't sell to Microsoft
Читать полностью…
join / register on hacker101, it's a subsidiary of the HackerOne platform.
Читать полностью…
Hey, where can I find vulnerable virtual machine images to test my knowledge on?
Читать полностью…
Check out this Job
https://www.linkedin.com/posts/mayank-rajkumar-sambare_hiring-nagpur-hr-activity-7163537792747212801-r2B_?utm_source=share&utm_medium=member_android
I don't know it seems like random data but you can use base64 website to decode it.
The website has most of the formats available from UTF to ASCII.
You might find something, if you try.
Any possible method to deserialise the serialised protobuf payload
Читать полностью…