Appsec.pt

I was looking for bugs in a web target and saw a promising Employee-only endpoint. 5 minutes later, I managed to get access to it, and when I noticed how critical it was, I reported it and got a very generous reward 💰 Learn how I did it systemweakness.com/my-first-5-min…

Some time ago wrote an article where I presented the easiest to find Web Application Bug of 2026. I notice that a lot of people in the Bug Bounty and Pentesting world are still neglecting this bug and missing out on bounties 💸 Check it out! medium.com/bugbountywrite…

Some time ago wrote an article where I presented the easiest to find Web Application Bug of 2026. I notice that a lot of people in the Bug Bounty and Pentesting world are still neglecting this bug and missing out on bounties 💸 Check it out! infosecwriteups.com/the-easiest-bu…

BreachCollection Lifetime Ultra users now have access to the Export Leaks as CSV feature 📝 Access up to 1 Million leaked credentials in a single query on BreachCollection.com

Bug bounty hunters: How has AI changed the game for you? Has bug bounty become harder, more competitive, and lower ROI since AI became mainstream? Considering the time invested vs. rewards, do you still see BB as a strong career path for the next 5–10 Years? what's your thoughts.

Bug Hunting for hours and not finding much? You might need to try new stuff… I wrote about a technique that few hunters ever tried, and that has brought me good results. Maybe it’s what you need to break the duplicates curse 😉😉 Check it out! systemweakness.com/my-first-5-min…

Have you ever tried setting up a Hackbot for Bug Bounty but stalled due to not knowing how to do it properly?🤖 I just wrote a blog post about how I set up one of the most crucial parts of my Hackbot, the Auth Testing Agent Check it out! @Appsec_pt/building-a-hackbot-for-bug-bounties-auth-testing-subagent-setup-02cc9cb89196" target="_blank" rel="nofollow noopener">medium.com/@Appsec_pt/bui…

Have you ever tried setting up a Hackbot for Bug Bounty but stalled due to not knowing how to do it properly?🤖 I just wrote a blog post about how I set up one of the most crucial parts of my Hackbot, the Auth Testing Agent Check it out! @Appsec_pt/building-a-hackbot-for-bug-bounties-auth-testing-subagent-setup-02cc9cb89196" target="_blank" rel="nofollow noopener">medium.com/@Appsec_pt/bui…

Have you ever tried setting up a Hackbot for Bug Bounty but stalled due to not knowing how to do it properly? 🤖 I just wrote a blog post about how I set up one of the most crucial parts of my Hackbot, the Auth Testing Agent 🕵️ Check it out! @Appsec_pt/building-a-hackbot-for-bug-bounties-auth-testing-subagent-setup-02cc9cb89196" target="_blank" rel="nofollow noopener">medium.com/@Appsec_pt/bui…

Feeling a bit lost in Bug Bounty? 🦗 Maybe you’re just looking for the wrong bugs, like I was some time ago. Check out the article I wrote about the best bugs to look for in 2026 and how I adapted myself to succeed in the current state of Bug Bounty infosecwriteups.com/which-bugs-to-…

Feeling a bit lost in Bug Bounty? 🦗 Maybe you’re just looking for the wrong bugs, like I was some time ago. Check out the article I wrote about the best bugs to look for in 2026 and how I adapted myself to succeed in the current state of Bug Bounty infosecwriteups.com/which-bugs-to-…

Feeling a bit lost in Bug Bounty? 🦗 Maybe you’re just looking for the wrong bugs, like I was some time ago. Check out the article I wrote about the best bugs to look for in 2026 and how I adapted myself to succeed in the current state of Bug Bounty medium.com/bugbountywrite…

@4osp3l @MartinShkreli Yeah, deepseek has a very very low refusal rate. I have been using v4 pro as an orchestrator and v4 flash for simpler and shorter tasks. It is quite good, but I am still improving the prompts I give it and the overall methodology. It is quite cheap. 3B tokens for 27$ only 😂

@MartinShkreli Deepseek V4 flash on OpenCode 🫂

what are the most cybersecurity-friendly models for identifying vulnerabilities right now? mythos isn't accessible, chatgpt cyber still refuses. what's out there that isn't a wimp?

Looking for new tools to elevate your Bug Bounty results? Check out the article I wrote about my tool NextRecon, which has helped me find dozens of bugs in web Bug Bounty targets! infosecwriteups.com/stop-leaving-b…

@0xMstar I am at 1.6 billion tokens for 17$. I always take advantage of the off peak hours discount and I use both v4 pro and v4 flash

Consumed 500 million tokens in Deepseek v4 , just cost me 15$ .. Very cheap .

Bug Hunting for hours and not finding much? You might need to try new stuff… I wrote about a technique that few hunters ever tried, and that has brought me good results. Maybe it’s what you need to break the duplicates curse 😉😉 Check it out! infosecwriteups.com/which-bugs-to-…

Bug Hunting for hours and not finding much? You might need to try new stuff… I wrote about a technique that few hunters ever tried, and that has brought me good results. Maybe it’s what you need to break the duplicates curse 😉😉 Check it out! systemweakness.com/my-first-5-min…

Feeling a bit lost in Bug Bounty? 🦗 Maybe you’re just looking for the wrong bugs, like I was some time ago. Check out the article I wrote regarding the best bugs to look for in 2026 and how I adapted myself to succeed in the current state of Bug Bounty infosecwriteups.com/which-bugs-to-…

Feeling a bit lost in Bug Bounty? 🦗 Maybe you’re just looking for the wrong bugs, like I was some time ago. Check out the article I wrote regarding the best bugs to look for in 2026 and how I adapted myself to succeed in the current state of Bug Bounty infosecwriteups.com/which-bugs-to-…

@DDstnat45465 The exam consists of lots of directory bruteforce and general recon, JWT secret cracking, insecure deserealization attacks, SQL and NoSQL injections, CVE exploitation and some theory questions.

@DDstnat45465 I have not done the eJPT, but I do assume it is quite a bit harder, as the eJPT is aimed at novice hackers and the eWPTX is for more experienced ones. 18 hours is more than enough. I only used about 10 (including generous breaks). 💈

Just passed the eWPTX exam by INE🥳 If you have any questions regarding the certification or the preparation for the exam, make sure to drop me a reply!