Reported a bug but
I found a bug in a well-known company, but the response from the company is not positive and the bug remains untreated. How do I get that bug in front of that company's eyes?
https://redd.it/1g6pbm1
@r_bugbounty
Need advice on how to level up in bug bounty (currently intermediate level)
Hey everyone. I started BB back in 2021, and did it mostly as a hobby. I have found (paid) bugs in a good number of organizations, including Google, Fitbit, Logitech, etc. (H1/BugCrowd/Intigriti username - mopasha). I am currently an undergraduate student, in my final year of uni. It's been about a year since I have actively hunted on a program, and just a while back decided to get back into it. However, now I'm finding that I'm stuck in this weird state of limbo, where I feel like I am not a beginner, but neither am I a consistent, high level hunter. I usually find a vuln or two on a program, then get frustrated and switch to another program (a lot). Looking for some advice on how I can level up and go to a higher level (for manual hunting, similar to godfatherorwa, samcurry, etc.). More details below:
1. I have no formal cybersecurity training, nor do I do any courses/labs. All of my knowledge has come from consuming hundreds of reports and writeups. I read these writeups, and then Google stuff and the like to learn more about what the vuln in question was, and then try and find variations of it on programs. Learn tools mostly through necessity, and by trial and error.
2. I use very little automation, just a few tools for fuzzing, subdomain enumeration, etc. Most of my focus is on functionality of the application in question, and then analyzing requests through Burp. I have found a couple of widespread misconfigurations on my own, and built my own scripts to detect that passively. (I also hunt solo and have never collabed or networked with anyone in person.)
3. I focus on business logic errors, privilege escalation, BAC, IDOR and other application specific bugs. I do not test for high level XSS, SQLi, and other stuff like that unless it's obvious. Almost all of my reports are medium severity or higher.
4. I only hunt on BBPs, or programs with swag. Not interested in VDPs. I only submit to VDPs if I find them in my automation script that I wrote for the misconfig I found. (I think I have found ~30 bugs on BBPs till date.)
5. I have some time to spend, but cannot spend the entire time on BB as I have other stuff I want to explore. However, I can spare a few hours everyday.
6. I feel like even though I have been doing this on and off as a hobby, after ~3 years I should have more expertise in this. I feel like I always miss stuff that is right before my eyes. I find the most creative ways to exploit stuff, however the problem I face is I do not have an intuition of where such an exploit might exist in the application (like some spider sense of which endpoint might be exploitable or something, which the top guys seem to have).
7. Like I mentioned, I tend to switch programs a lot. I find 1-2 bugs in a program, then end up feeling like I've explored everything/the target has been hardened sufficiently enough for me to not have a chance.
What I wouldn't give to watch some of the top guys live in a bug hunting session. I feel like I might learn a lot from just watching the best manual hunters just take up a target and find bugs.
So in conclusion, I am someone who considers myself moderately successful, and now I have some time to kill and am looking to go to the next level. Based on the above info, what should I change? Should I learn new classes of vulnerabilities, if so how? Should I change my methodology? I still can't comprehend how top hunters are able to find bugs so frequently even in public programs.
Any advice is appreciated. Thanks in advance.
https://redd.it/1g6kugq
@r_bugbounty
I need help
I'm male, 15 years old, soon will be 16. I have been learning ethical hacking from the age of 12.
I really love this field, it's very interesting and I'm really curious about it. I really love this domain but I don't think it's meant for me.
Like I understand it and I am learning it, but for example I can't solve Hack The Box machines without looking for hints. Also I have been doing bug bounty hunting for a year and a half and I only found 1 bug. I love the domain, it feels like a game, but I don't think I'm serious enough to be working in it, and having bad wifi and being in the middle of a war it's hard for me to improve myself. I just need help and guidance and a friend from the same age.
https://redd.it/1g63882
@r_bugbounty
BB is not a scam
I heard everybody saying that BB was a scam and that people don't find their first bug until 6 months or more, so I was afraid to enter. I suddenly decided to start hunting for fun. I started yesterday, I reported 2 exposures of API keys (blocked) and one valid open redirect 10 mins ago. I love computer science, pentesting and fullstack web development, so I didn't begin as a complete newbie...
Going for more critical bugs now!!
I don't know what tools are used, I am not performing enum, just visiting a website and thinking as a hacker.
Advice is welcome.
https://redd.it/1g5fpah
@r_bugbounty
Should I open a new report?
I have reported a bug and the triager closed it as informative and told me to show an impact.
I did a new PoC with the impact like he said.
Now the report is closed, should I reply on it anyway? Or create a new report?
https://redd.it/1g57771
@r_bugbounty
Need tip to get started
Hey everyone,
I want to start my journey on bug bounty & need suggestions from you guys. I really like the security part of IT from a young age & I feel like I have a passion for it. tbh I want to become a pentester for a company but that requires experience and/or a degree which I don't have, so I want to do bug bounty hunting to earn experience, build community & possibly get a job later on. I am pretty good with OS, both Windows & Linux. Also I have some experience with Python, HTML & C as well. I also have built a few web servers for testing & used tools like nmap & Burp Suite, as well as understand vulnerabilities like XSS. But I don't see a clear path on how to get started & when & where I should start my hunting. On most guides I see multiple resources for the same thing which confuses me tbh, so a simple way to follow would be great to get started as fast as possible. Also any tips & things I should avoid are appreciated.
Thanks in advance ;)
https://redd.it/1g4zmt8
@r_bugbounty
Invitation to Participate in a Public Bug Bounty Program
A leading provider of secure and scalable solutions in the digital asset space is seeking experienced security researchers and ethical hackers to contribute to the security of its platform through Bugcrowd’s public bug bounty program.
About the Program: The organization is a trusted name in digital asset security, offering solutions that support regulated custody, borrowing, lending, and core infrastructure for institutional clients. With pioneering technologies that safeguard a wide variety of digital tokens, it plays a key role in supporting the operational backbone of its industry.
Why Participate in this Bug Bounty Program?
Rewards: Competitive payouts for vulnerabilities, ranging from $100 to $4,500, depending on priority.
Scope: The program covers key assets, including critical web applications, and provides ample opportunities for impactful findings.
Efficiency: 75% of submissions are processed within 10 days, with a transparent and fair validation process.
Safe Harbor Protections: Security research is authorized under the CFAA and DMCA exemptions for good-faith activities.
This program offers you the chance to play a critical role in maintaining the security and stability of a platform that supports a global, institutional client base.
For more details and to start participating, please visit: Public Bug Bounty Program on Bugcrowd.
We look forward to collaborating with skilled security professionals to strengthen this platform.
https://redd.it/1g4pb4p
@r_bugbounty
Using a restricted Google API key
I have tested an Android app, and I found a bunch of API keys; one of them is a Google Maps API key.
I've tested it to see if it works or not, then I got the following message:
This IP, site or mobile application is not authorized to use this API key. Request received from IP address *.*.*.*, with empty referer.
The question is, can this key be vulnerable, or is there a way to exploit it?
https://redd.it/1g4airt
@r_bugbounty
How to find JS files?
I am having trouble understanding how people are finding JS files, analyzing them, and identifying security issues. Can anyone explain?
Thanks
https://redd.it/1g4bog1
@r_bugbounty
CSRF in asp.net applications
Hello everyone! I was hunting on an ASP.NET app and got curious regarding the CSRF attack scenario. The usual ViewState parameters were present in hidden HTML tags and were sent only on POST requests, especially CRUD operations, but if I generate a CSRF PoC from Burp for the email change functionality it would automatically take all the parameters and the attack would be successful by changing the email of the victim user. I knew I can't report it since there are a lot of unpredictable ViewState parameters, but ViewState wouldn't change until the user logs out, and no anti-forgery token is present either. Any workaround on this, or does ViewState prevent CSRF? If only ViewState can prevent CSRF, then why did Microsoft introduce the anti-forgery token for ASP.NET? I couldn't find any reports related to this on H1 too.
https://redd.it/1g3p75k
@r_bugbounty
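The ViewState question above, as an added example that is not from the post or from any real project: how ASP.NET binds a state-changing POST to the requesting user in Web Forms (ViewStateUserKey) and in MVC (the anti-forgery token). Page, control and controller names are hypothetical.

```csharp
// Added example, not code from the post. Two ways an ASP.NET app can bind a
// state-changing POST (here: an email change) to the user who requested the
// page, so that a form forged on another origin is rejected.
//
// Assumptions: ChangeEmail, txtEmail, btnSave and AccountController are
// hypothetical names chosen for this illustration.
using System;
using System.Web.Mvc;
using System.Web.UI;
using System.Web.UI.WebControls;

// 1) Web Forms. ViewState is integrity-checked with a MAC keyed on the
//    machine key, not on the user: any ViewState the app emitted validates no
//    matter whose browser submits it, which is why a PoC carrying a captured
//    __VIEWSTATE succeeds. ViewStateUserKey folds a per-session value into
//    that MAC, so ViewState captured in one session fails validation when it
//    is replayed from another.
public partial class ChangeEmail : Page
{
    protected TextBox txtEmail;

    protected void Page_Init(object sender, EventArgs e)
    {
        // Must be assigned before ViewState is loaded, i.e. in Page_Init,
        // not Page_Load, and EnableViewStateMac (the default) must stay on.
        // SessionID is only stable once the session holds data; an
        // authenticated app that stores anything in Session satisfies this.
        ViewStateUserKey = Session.SessionID;
    }

    protected void btnSave_Click(object sender, EventArgs e)
    {
        // Only reached if __VIEWSTATE validated under this session's key.
        string newEmail = txtEmail.Text;
        // ... persist newEmail for User.Identity.Name ...
    }
}

// 2) MVC has no ViewState, so the framework ships an explicit synchronizer
//    token instead. The view emits @Html.AntiForgeryToken(), which writes a
//    hidden __RequestVerificationToken field paired with a cookie; the
//    attribute below rejects any POST whose field and cookie do not match.
public class AccountController : Controller
{
    [HttpPost]
    [ValidateAntiForgeryToken]
    public ActionResult ChangeEmail(string newEmail)
    {
        // ... persist newEmail for User.Identity.Name ...
        return RedirectToAction("Index");
    }
}
```

Verifying the Web Forms control means replaying ViewState captured in a different session; replaying it within the same session, as a self-generated PoC does, exercises nothing the key protects.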
Do You Test Leaked Credentials Before Reporting to a BBP?
When you find leaked credentials while bug hunting, do you test them first or report immediately? Testing could confirm impact, but might cross ethical lines. How do you handle it?
https://redd.it/1g3lp5m
@r_bugbounty
What is the impact
Found a Pinata API key and secret API key. I can make some requests to the IPFS system: read and list files, upload a file, update... I reported it as an exposure of sensitive data, however it seems that the API keys are of a testing or mock container of the IPFS of Pinata, so I don't know if this might be triaged as informational.
I also reported other API keys that have a free tier, such as Infura and Etherscan.
https://redd.it/1g3cpl4
@r_bugbounty
Chrome/Google didn't work either. Just trying to log in for work and apparently I can't. Is it me or the site?
https://redd.it/1g35xqs
@r_bugbounty
Looking For Some Team Member For Our Team
Join Our Bug Hunting/CTF Team!
We’re building an Elite Team of Bug Bounty hunters and Cybersecurity enthusiasts on Discord—a place to collaborate, help each other with problems, and take on challenges together. Whether you're experienced or just starting out, join us and level up your skills with our team!
If you're interested in joining our team, feel free to leave a comment.
https://redd.it/1g30gc6
@r_bugbounty
Bug bounty collaboration
Hi guys, I'm a software engineer, for the past year I've been on and off learning pentesting, mostly doing HTB boxes and consuming hacking-related content, but I finally decided to put systematic effort into it. I'm interested in doing bug bounty, maybe someone wants to create a team to work together and share knowledge?
https://redd.it/1g2sm95
@r_bugbounty
Does anyone know what this bug is or if it's a bed bug
https://redd.it/1g6kxo8
@r_bugbounty
Best Way to Report?
I'm a beginner and recently discovered two bugs—an open redirect and an XSS vulnerability—on a website that doesn’t have a bug bounty program. Should I reach out to them via email, or is it better to submit my findings to openbugbounty.org to potentially get some recognition? I doubt they’ll offer any payment. What do you think?
https://redd.it/1g5q1qu
@r_bugbounty
Is it really worth joining this area (Bug Bounty) in 2024?
Is it still worth starting in the bug bounty field, or is there too much competition? If so, how can I get started if I already have some knowledge in cybersec?
https://redd.it/1g5c8by
@r_bugbounty
Ethical Dilemma: When Bug Hunting Goes Wrong - A Security Researcher's Nightmare
Two security researchers discover a critical vulnerability, but during testing, one accidentally affects a real user's account. What are the ethical and legal implications? How would this impact the vulnerability disclosure and potential bug bounty? Will both researchers be affected negatively, or will the consequences fall on only one of them? Let's discuss the fine line between research and unintended consequences in cybersecurity.
Is there a solution, or am I in trouble now?
https://redd.it/1g514iq
@r_bugbounty
Do I have to learn web pentesting before going for Android pentesting
Hi, I have intermediate knowledge of website vulnerabilities but I don't find it much interesting to me. I'm more interested in Android pentesting but confused: do I have to learn about API testing first, then move to APK pentesting... Looking for your suggestion 🤌🏻 It's been only 2 months since I started my bug bounty journey.
https://redd.it/1g4qrcl
@r_bugbounty
🚨 Calling All Security Researchers and Ethical Hackers! 🚨 Public Bug Bounty Program launched 💰 $100 to $4,500 based on the severity of the vulnerability found
🚨 Calling All Security Researchers and Ethical Hackers! 🚨
I’m thrilled to announce that we have officially launched a public bug bounty program, and we want YOU to take part! 💥
💰 Bounties from $100 to $4,500 based on the severity of the vulnerability found!
🔗 Get involved here: https://bugcrowd.com/engagements/bitgo-mbb-og-public
We're inviting all cybersecurity experts to responsibly participate and help us strengthen the security of our products! If you're passionate about uncovering vulnerabilities and making the digital world safer, this is your chance to safely make an impact—and get rewarded for it.
Whether you're a seasoned researcher or new to bug bounties, we welcome your contributions and look forward to collaborating with the community. Let's work together to enhance the security of digital assets!
🛡️ Contribute to the security of digital assets
💰 Earn big for vulnerabilities found
🔓 Test your skills against top-tier systems
Please repost and share this with your network! 💻🔍
#BugBounty #Cybersecurity #EthicalHacking #InfoSec #Hacker #SecurityResearch #VulnerabilityDisclosure #BugCrowd #PenTesting #WhiteHat #CyberSecurityExperts #HackThePlanet #ApplicationSecurity #DigitalAssets #CryptoSecurity #SecurityCommunity #HackersWanted #SecurityAwareness #RedTeam #BlueTeam #BlockchainSecurity #CTF #CaptureTheFlag #WebSecurity #TechSecurity #ThreatHunting #SecureTheWeb #HackerCommunity #SecurityTesting #VulnerabilityResearch #DevSecOps #ZeroDay #Blockchain #Crypto #Web3 #Wallet #HotWallet #ColdWallet
https://redd.it/1g4l0pr
@r_bugbounty
Should I be selling vulnerabilities to brokers?
Hi everyone,
Can anyone share their experience working with bounty brokers like SSD Secure Disclosure, Zerodium or Zero Day Initiative? They claim to disclose vulnerabilities directly to vendors and offer high payouts to their researchers. Are these companies trustworthy?
Thanks!
https://redd.it/1g4csjf
@r_bugbounty
Help with setup for Android app testing
Heyy, doing well.
Need help with Genymotion and Burp Suite.
HP Omen 16 laptop.
OS: Manjaro (Arch).
Only captures the traffic of the browser.
Getting an issue with Frida.
https://redd.it/1g46qqz
@r_bugbounty
is it valid to report this?
I found a reflected XSS, but I'm facing an issue. When I open the link via the URL, the payload gets encoded, so the alert box doesn't pop up. However, when I intercept the request via Burp and manually decode the URL then send the payload, the alert box executes successfully.
Any ideas to make it better?
Is it valid to report it?
https://redd.it/1g3mubv
@r_bugbounty
Free Penetration Testing Professional (CPENT) Practice Tests at Udemy
Hello!
For anyone who is thinking about going for the EC-Council Penetration Testing Professional (CPENT) certification, I am giving away my 500-questions-packed exam practice tests:
https://www.udemy.com/course/penetration-testing-professional-cpent-practice-tests/?couponCode=639D987AE59C50FC7798
But hurry, there is a limited time and amount of free accesses!
Good luck! :)
https://redd.it/1g3eu3k
@r_bugbounty
What's the best methodology for website testing?
I keep seeing people say OWASP is good, NIST SP 800-115 is good, OSSTMM is good. So which one might be good to go with?
https://redd.it/1g36axp
@r_bugbounty
unable to connect to the target URL ('Connection refused')
Hi friends, while working on a project on my localhost, I needed sqlmap, but I encounter an error like “unable to connect to the target URL (‘Connection refused’)”. I tried the solutions I found on the internet. How do I solve this?
https://redd.it/1g323go
@r_bugbounty
How can that happen? Does October 9 come before October 8? Is 8 greater than 9? These are my first vulnerabilities that I had high hopes for... I was going to win $500, which is a very large amount in my country, equivalent to a five-month salary. Can anyone suggest a solution? Or is 8 greater than 9?
https://redd.it/1g2wvlq
@r_bugbounty
mobile bug bounty
Hey all, I’m thinking about focusing on mobile penetration testing (Android/iOS) and wanted to get your opinions. There used to be a lot of high-impact vulnerabilities found in mobile apps, but with better security practices and stricter OS controls, I’m wondering if that’s still the case.
Is there still a good chance of finding valuable bugs in mobile apps today?
https://redd.it/1g2rkxw
@r_bugbounty