DAMTAP

Repost This video youtube.com/watch?v=BFJ_5x… was a life-changing moment for me. Thanks to @GodfatherOrwa and @sakshamintech for creating this podcast, which completely changed my point of view. My First VALID BUG as P1. 🤑🤑🤑🤑

@GoodHack207 @GodfatherOrwa @sakshamintech I am not relay on tools, I mostly do manual hunting

@Damtap12 @GodfatherOrwa @sakshamintech I have an ADVANCED SSRF tool, are you interested in seeing it?

Repost This video youtube.com/watch?v=BFJ_5x… was a life-changing moment for me. Thanks to @GodfatherOrwa and @sakshamintech for creating this podcast, which completely changed my point of view. My First VALID BUG as P1. 🤑🤑🤑🤑

@krishnsec Thank you, sir. You have no idea how much your words helped me. Can I also become a great hacker like you, even in this AI era?

AI is creating more attack surface instead of reducing it , just check the VRT & search for LLM issues. everyone keeps predicting the future, but the reality is that non technical people r now pushing code, security teams are struggling to keep up with rapid reports , and new easy 0days are coming. Meanwhile, AI keeps advancing without slowing down 💯 so instead of overthinking , focus on present day problems & hunt for all bugs 🐞

@krishnsec Basically, should I just focus on raw hunting, understanding how an application works and using my own unique human brain to figure out how its logic can be broken instead of spending time learning random stuff? Is that the right approach?

@krishnsec I’ve been doing bug hunting for the past 4 months and recently found a P1 vulnerability on a public Bugcrowd program. With AI rapidly advancing, I’m uncertain about the future of bug hunting and how it will impact cybersecurity. I want to understand where bug hunting is headed.

break break break

@sakshamintech @GodfatherOrwa One day, I will be on your podcast too. @sakshamintech

Wow, congratulations…i saw your older tweets too. You were trying so hard from many days and here is the result of not giving up. I am glad i could do this contribution to the infosec community. I stopped uploading podcasts due to other work and job but your post will motivate me to record more of this where we can concentrate on adding value rather than hooey and colours.

@the_IDORminator Thank you, sir. You have no idea how much your words helped me. Can I also become a great hacker like you, even in this AI era?

@Damtap12 Yes, almost all the bugs I find come from using the app, what does it hit, and load, look in those files, look at API paths, recon, click more things, do more stuff, interact, 400 repeater tabs later you may have 50 P1s.

Most of the financial sector is not eligible to try Mythos yet. 🤔

@the_IDORminator Basically, should I just focus on raw hunting, understanding how an application works and using my own unique human brain to figure out how its logic can be broken instead of spending time learning random stuff? Is that the right approach?

@Damtap12 You know in an Easter Egg hunt, if you stop to ponder how the hunt may go instead of just picking up the eggs while they are still there, you may come to realize all the other kids got all the Easter Eggs before you were done pondering :) That was deep

@mr_c0nyy @GodfatherOrwa @sakshamintech User's full name, email, phone number, full address, zip code.

@Damtap12 @GodfatherOrwa @sakshamintech Congrats bro, what kind of user data did you find?

@GodfatherOrwa @sakshamintech Thanks for your guidance, Sir

@Damtap12 @sakshamintech Congratulations 🥂

@GodfatherOrwa @defronixacademy Thankyou SIR!!!!!!!!!!!!!!!!!!!!!!!

@Damtap12 @defronixacademy

@IslamA18269 @defronixacademy @GodfatherOrwa Go through blogs, articles, and research on Google to find out the potential impact of the exposed credentials, since impact is a crucial factor in bug bounty programs.

@Damtap12 @defronixacademy @GodfatherOrwa Thanks, listen I have found the firebase config api key and some other credentials in js files. But don't know how it would be impact full Do you have any idea

@IslamA18269 @defronixacademy @GodfatherOrwa Think opposite and be different and don't fear from crowd.

@Damtap12 @defronixacademy @GodfatherOrwa Am learning and testing for months, but zero findings, I don't know what I am missing

@hamedNiazi00 @defronixacademy @GodfatherOrwa Think opposite and be different and don't fear from crowd.

@Damtap12 @defronixacademy @GodfatherOrwa Can you guide me on where you started, how you started, and how long it took? I also want to begin

@11divk @defronixacademy @GodfatherOrwa Bugcrowd Public BBP

@Damtap12 @defronixacademy @GodfatherOrwa Public or private?

I will never give up, punch those websites someday

Not find any bug yet, but I will find valid bugs someday and that day will be mine.