s0rte

@0xConda Take some days off and recharge..I've been there 🥲

2 duplicates in the last week have absolutely crushed me. Both were super high impact issues. Spent hours writing POCs, proving impact, ensuring the writeups were solid. Sometimes you invest a lot of time in bug bounty and leave empty handed.

@philopentest Congrats!!

Reached top 40 on Intigriti's all-time chart this week after another batch of reports were accepted. Also reached the 200+ accepted reports milestone. archive.ph/GSsLa #intigriti #bugbounty #pentesting #cybersecurity

@saur1n I've recently found a blind ssrf and a full ssrf in a query parameter. Really simple but unfortunately were duplicates

@_MrPlanB It wasn't, those are like unicorns, it was inside a post body

@saur1n For sure

Is hacking an addiction?

@j6_mu Thanks bro, let me know!

@_MrPlanB Give me 1 hour I’ll pushing it to github repo

I do if you want payload of bypass I’ll send you DM

@j6_mu I've enabled the dm now

@j6_mu Hi, can you send the payload by dm? Thanks

Just scored a reward @intigriti, check my profile: app.intigriti.com/profile/sorte #HackWithIntigriti

Just unlocked an achievement at Intigriti! app.intigriti.com/profile/sorte #HackWithIntigriti

@BadAt_Computers Have you reported some sqli there?

Damn :( kinda liked hacking on bmw

@saur1n congrats! how were you able to bypass it? just a mixed encoding?

I'm humbled, you can immediately notice after the first submitted bug if the program is run by professionals or just an honest team, this is what we, ethical hackers, treasure the most

Just scored a reward @intigriti, check my profile: app.intigriti.com/profile/sorte #HackWithIntigriti

Just unlocked an achievement at Intigriti! app.intigriti.com/profile/sorte #HackWithIntigriti

@_Xiety An exceptional as known issue is wild 🥲

@_MrPlanB “Known issue” but its not written in the known issues on the program so Im confused

Great way to start the day with a Critical IDOR as Informative!

@p0psec wild🥲

Day 134 of trying to break the "duplicate" curse. This time I was 1.5 hours late.

@HackenProof fuzz faster u fool

@yeswehack Ssrf

Which type of bug do you enjoy hunting the most? 👇 #BugBountyTips

@eib_____ okok. Just curious because I recently found a blind ssrf but it's explicitly oos if without proven impact and I was wondering if report it or not.

@_MrPlanB No it wasn't out of scope, from my experience some programs don't accept blind ssrf, so I was just looking for away to show a reasonable impact

Turns out I've been sitting on a blind SSRF for more than two months, looking for a way to escalate it. Out of frustration, I submitted the bug, and it was accepted