3186
Talk and help about bugbounty
All I can say that you can find everything in the Internet
Читать полностью…
I don’t think that this is a good idea sharing black hat resources here
Читать полностью…
There's a lot of competition as well. And those bb sites are highly secure.
Читать полностью…
Yeah, but when I see a lot of online gurus preaching how anyone can earn thousands, I can help but laugh my ass off and then shed a tear. 🥲
Читать полностью…
You just go and find e.g exposed WordPress admin creds on the dark web, then put your webshell in it.
But bug bounty!? Argh
But bug bounty is a lot harder and the uncertainty is a real deal
Читать полностью…
I don't have much experience in Programming, but gonna learn it anyways
Читать полностью…
Testing for 50 hours and all you got is n/a and dupe
Читать полностью…
Right 🥲 ngl working for a company a lot better than this
Читать полностью…
I also found a bug on a popular site in which you can bypass 2fa in Password Change and can send spam emails to any users which will block them for a certain time from changing their password.
Читать полностью…
Well this is privacy violation 😅
I also found similar things but they closed it as informative and they fixed it after closing it 😆 toxicity of bug bounty
I think self-learning is the way.
There's limited resources about black hat afaik.
Hmm...I don't have much experience in Dark Web. But it sounds kinda cool, do you have any resources that you can share about black hat hacking and stuff?
Читать полностью…
Damn! Living in Europe and earning in USD is not a good tradeoff according to a lot of people because of the exchange rate. Is it true?
Читать полностью…
I'm from Europe. I also have experience in black hat hacking 🥲
Читать полностью…
I'm trying to do that rn. I have experience in programming as well but the job market is very tough as u said
Читать полностью…
Ikr! But when I see how little the job holders are getting paid nowadays, it's such a turn off! And also the job market is really really tough these days
Читать полностью…
I think I'm gonna become a bug bounty hater too. It has a lot of negative impact on life.
Читать полностью…
But I am afraid if they mark it as N/A, I am gonna lose reputation and signal 🥲
Читать полностью…
But didn’t report it yet as I am not sure if they will accept it.
Читать полностью…
Damn! That's absolutely ridiculous!
One guy from discord told me a story about a similar situation. One of his friends found a bug on MacDonald's website in the + - section of cart. He can increase quantity as many as he wants without changing the price.
He reported it to MacDonald but MacDonald didn’t pay them anything so he started to mass tweet about it, and finally MacDonald gave in and paid them. MacDonald was pissed off because of the mass tweets and also the guy ordered a lot of free food abusing the bug. 😆
He suggested that I do it too.
I am gonna open a resolution on the report, and if I don't get anything Imma head over to twitter.
I can send thousands of emails using a password reset endpoint of a private bug bounty program. There's also authentication bypass (I can register with any email I do not own e.g. elon@tesla.com).
It is usually a p2 since I wrote an exploit, I can use it as a mass scale attack. But they give it a p5 lol I really hate this
👾Mastering Exploit Development & Metasploit – A Step-by-Step Guide👾
Читать полностью…
Hello hello,
I published new bug bounty writeup. Have a read. Please share and clap.
https://vijetareigns.medium.com/email-and-home-address-disclosure-using-unauthenticated-api-endpoint-worth-500-4a497ff0678c