Happy hunting! thebugbountyhunter.com hello@thebugbountyhunter.com
The Blueprint to Your First $1,000+ Bounty
https://www.youtube.com/watch?v=8DnphDtFt3Y
From Prospect to Partner: Jon Stone Shares HackerOne Career Story
https://www.hackerone.com/culture-and-talent/prospect-partner-jon-stone-shares-hackerone-career-story
Breaking out of VRChat using a Unity bug
https://khang06.github.io/vrcescape/
Robots.txt, Hash Cracking and Path Traversal - "Pizza Paradise" [INTIGRITI 1337UP CTF 2024]
https://www.youtube.com/watch?v=qPxKyYrf9p4
Complete guide to finding more vulnerabilities with Shodan and Censys
https://blog.intigriti.com/hacking-tools/complete-guide-to-finding-more-vulnerabilities-with-shodan-and-censys
Wiz observes CVE-2024-0012 and CVE-2024-9474 exploitation | Wiz Blog
https://www.wiz.io/blog/cve-2024-0012-pan-os-vulnerability-exploited-in-the-wild
Wormable XSS www.bing.com
https://medium.com/@pedbap/wormable-xss-www-bing-com-7d7cb52e7a12
The cyber threat landscape part 2: Threat actors and their motivations
https://blog.intigriti.com/business-insights/the-cyber-threat-landscape-part-2-threat-actors-and-their-motivations
The $2,200 ATO Most Bug Hunters Overlooked by Closing Intruder Too Soon
https://medium.com/@mokhansec/the-2-200-ato-most-bug-hunters-overlooked-by-closing-intruder-too-soon-505f21d56732
Bypass Email Verification in Mozilla
https://medium.com/@0d-amr/bypass-email-verification-in-mozilla-2ab45ac36c42
YesWeHack Hunter Interviews - #11 Pwnii: “Don't forget that a duplicate bug is a valid bug”
https://www.youtube.com/watch?v=cYHqLMgdzAk
Leveling Up Fuzzing: Finding more vulnerabilities with AI
http://security.googleblog.com/2024/11/leveling-up-fuzzing-finding-more.html
Fortune 1000 at risk: How we discovered 100k vulnerabilities
https://escape.tech/blog/fortune-1000-at-risk-30k-exposed-apis-100k-vulnerabilities/
263 - FortiJump Higher, Pishi, and Breaking Control Flow Flattening
https://dayzerosec.com/podcast/263.html
Ruby 3.4 Universal RCE Deserialization Gadget Chain / nastystereo.com
https://nastystereo.com/security/ruby-3.4-deserialization.html
PentesterLab Blog: How JWT Libraries Block Algorithm Confusion: Key Lessons for Code Review
https://pentesterlab.com/blog/jwt-algorithm-confusion-code-review-lessons
The OAuth Oversight: When Configuration Errors Turn into Account Hijacks
https://medium.com/@nightcoders0/the-oauth-oversight-when-configuration-errors-turn-into-account-hijacks-5ed1f9c83d16
The cyber threat landscape part 3: Evolving attack techniques and tactics
https://blog.intigriti.com/business-insights/the-cyber-threat-landscape-part-3-evolving-attack-techniques-and-tactics
Prototype Pollution in NASAs Open MCT CVE-2023-45282
https://visionspace.com/prototype-pollution-in-nasas-open-mct-cve-2023-45282/
Navigating the Leap: My Journey from Software Engineering to Offensive Security | OffSec
https://www.offsec.com/blog/navigating-the-leap-my-journey-from-software-engineering-to-offensive-security/
Disclosure of 7 Android and Google Pixel Vulnerabilities
https://blog.oversecured.com/Disclosure-of-7-Android-and-Google-Pixel-Vulnerabilities/
Latest Nuclei Release v3.3.6!
https://github.com/projectdiscovery/nuclei/releases/tag/v3.3.6
Quantifying the Value of Bug Bounty Programs: ROI, ROM, or Both?
https://www.hackerone.com/vulnerability-management/quantifying-value-bug-bounty-programs-roi-rom-or-both
Is THIS the most underrated skill in bug bounty?
https://www.youtube.com/watch?v=X1zirlaeBd4
From an Android Hook to RCE: $5000 Bounty
https://blog.voorivex.team/from-an-android-hook-to-rce-5000-bounty
Buffer Overflow: Overwriting Stack Variables - "Rigged Slot Machine" [INTIGRITI 1337UP CTF 2024]
https://www.youtube.com/watch?v=ZKtRuZMqo2o
Remediation for CVE-2024-20767 and CVE-2024-21216: Protect Yourself Against Two Recent Critical Bugs Exploitable in the Wild
https://blog.securelayer7.net/coldfusion-path-traversal-and-weblogic-unauthenticated-rce-remediation/
Crushing FUD: Embracing Ethical Hackers to Strengthen Cybersecurity
https://www.hackerone.com/vulnerability-management/crushing-fud
Hacking Unity Games with Cheat Engine and dnSpy - "Bug Squash (part 1)" [INTIGRITI 1337UP CTF 2024]
https://www.youtube.com/watch?v=VoT74JOGWgA