charan
3.2K posts

charan
@0xcharan
@Hacker0x01 Brand Ambassador | Bug Bounty Hunter | Penetration Tester
Rajahmundry, India · Joined November 2020
377 Following · 1.9K Followers

I earned $16,400 for my submission on @bugcrowd bugcrowd.com/h/defmax #ItTakesACrowd
Human in the loop is the way forward.

charan retweeted

bbscope v2 is out & bbscope.com is live!
A free #bugbounty tool to pull scope from HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi.
Store it all in PostgreSQL, track changes, query it, pipe it into your tools
Thread on what's new👇

charan retweeted

Glad to be a part of bug bounty panel at @BSidesVizag
It was great sharing the stage with
Surya Subash, Laxmi Narayana @0xdln, Charan, Dhawal.
A big thanks to @deathflash_xyz and their entire team for organizing it so well. Wishing you all the best for future editions.

charan retweeted

Gear up, Indian Hackers! Exclusive LHE in Chandigarh (Virtual: Nov 15-22) & (In-Person: Nov 23). RSVP now for bigger bounties, networking, food, and awesome swags from @Hacker0x01 and program team!
Don't miss out.
h1.community/events/details…
#BugBounty #InfoSec

charan retweeted

You found a bug. You wrote the PoC. You hit Submit.
…but what happens next? 👀
Join Sameer @sameer_bhatt5 , Senior Triager @HackerOne, as he breaks down what really goes on behind triage, reports, reviews, rejections & rewards!
🎯 Pure triager insights + 🎁 PentesterLab giveaways
🔗 Event link - h1.community/events/details…
#BugBounty #bugbountytips


Attended @bsidesahmedabad. People I met there made it fun 👀
P.S: Really not a selfie guy and I always forget to click pictures in a public event. Met so many of you but I only got these few clicks 🫠


Yay, I was awarded a $20,000 bounty on @Hacker0x01
#TogetherWeHitHarder
Bounty aside, these words hit different 🥹


Yay, I was awarded a $7,500 bounty on @Hacker0x01!
hackerone.com/encryptsaan123 #TogetherWeHitHarder

$4,000 - GitHub PAT token leak leads to CRUD permissions
$1,000 - Auth Bypass
$500 - Privilege Escalation
$100 + $100 + $100 = Information Disclosure
$5,800 in June :)
$110 worth Swag from @posthog
Crossed 750 on @Hacker0x01 Finally 🙌
#hackerone #BugBounty #security


Parsed 12k+ bug-bounty write-ups & blogs (and counting 24/7) and mapped each to CWE + language. Quick hits:
• ~60% of RCEs happen in PHP/JS
• >50% of GraphQL bugs are plain access-control issues
Free site coming soon - reply "access" for an early invite! #bugbounty #hacking


Statement:
A. Spectra Finance contracted with Immunefi to run an Audit Competition. Per our process, Immunefi provided Spectra the program draft that included the reward structure and linked to our standard competition reward terms. The Spectra team, including their CEO, conducted multiple reviews over 3+ weeks and approved the program draft that clearly stated that a single bug finding unlocks the full $40K pool. Not a single time during program drafting, marketing or during the 1.5 month hunting and evaluation period did they bring up an issue with this reward mechanic. Only when it was time to pay the community did they claim there was a disconnect in expectations.
B. The program received 331 reports from 103 SRs of which 27 were confirmed reports excluding insight reports.
C. After several weeks of good faith engagement to resolve the matter with Spectra including offering to contribute Immunefi program fees to bridge the gap and cover the full $40k payout, the matter remains unresolved. Spectra has not honored its commitment per the program rules they approved for publishing on Immunefi.
D. We have designed our platform rules to protect the balance of interests and hold them at the highest tier of priority to protect against bad faith actions from either party.
E. In this case, given the >1 month delay in payment to SRs, we have decided to make SRs whole using Immunefi’s own funds, rather than accept the unreasonably low and unfair offer made by Spectra. Their offer to pay per bug finding is precisely what a Bug Bounty program is - NOT an audit competition.
F. It would have been easier for us to either shortchange SRs or quietly fill the gap in payments from Spectra but we instead chose transparency and solving the problem for SRs. Given the recent undercurrent of opacity on such issues in the web3 sec space, we decided to take the lead in defining the way forward - even if it means taking a financial hit for it.
G. We would like to highlight here that this is the first case of such abuse by a project in our history of running 43 competition programs.
H. To protect SRs and the platform from such abuse in the future, we will be updating our policy on pre-payment of the reward in due course.
Spectra @spectra_finance
Public Statement on the Immunefi Audit Contest Dispute

Year 2024 Recap:
- Total H1 Reputation: 7367 & Total BC Points: 1136
- In 2024, Submitted Reports: 307 (got paid for 220 reports, others pending bounties)
- Made over $160K in 2024 ($100K from 🔴Critical and 🟠High Severity Reports)
- Ranked 2 in India Country Leaderboard 2024 🇮🇳
- Ranked 21 in Global Leaderboard 2024 🌎
- Invested Money in the Stock Market 💸💸💸💸💸💸
#bugbounty #Hackerone #bugcrowd


Currently I am ranked #1 on Reddit Bug Bounty Program's All Time LeaderBoard & 2024 LeaderBoard on
@Hacker0x01 :)
hackerone.com/reddit/thanks
#TogetherWeHitHarder #BugBounty


24 months streak 🔥 on @Hacker0x01
hackerone.com/marvelmaniac?t…
I think h1 should introduce some form of swag rewards (could be just one-time awards) for maintaining a streak for a certain period of time. It'll make the process more fun :)


My 2024 #BugBounty Recap
- Earned 118,286$ in Bounties ( all platforms combined )
- Maintained streak for 12 months in
@Hacker0x01 @intigriti and @Bugcrowd
- Submitted 600+ bugs across all platforms
x.com/0xdln/status/1…

0xdln @0xdln
My 2023 #BugBounty Recap - Earned 46,369$ in Bounties ( all platforms combined ) - Made it to top 20 in @intigriti - Top 3 in 2023 Q1 @intigriti - Able to maintain streak for 12 months in @Hacker0x01 @intigriti and @Bugcrowd - Crossed 1000 reputation @Hacker0x01