TanmayLP

2.1K posts

@TanmayLP7

Security Researcher | YSF | CEH | Grief is the price we pay for Love

Joined September 2021
2.4K Following, 366 Followers
TanmayLP retweeted
aya (@wint3rbunny0)
no one ever talks about how painful it is to be the one who ends a meaningful relationship. even when it's the right decision for personal growth and the greater good, it still hurts so much that i feel numb
TanmayLP (@TanmayLP7)
See Ya Everyone Peace
Corben Leo (@hacker_)
CLAUDEEEE. My outlook on the future has dramatically shifted overnight. Wow.
TanmayLP retweeted
skeleton (@ThinkingBone)
making a wife-sized emotional commitment to a woman who could not reciprocate it, for reasons outside of my control, is the worst decision i ever made. however, i also loved her, so it's hard to holistically regret. it's been well over a year and it still feels confusing, painful
Vikas Anand (@kingcoolvikas)
Excited to share that I’ve crossed 500+ reputation points on HackerOne! Even better — I received a few bounties during Holi, which made the festival extra special. 🌸 Grateful for the journey in security research and looking forward to finding more bugs and learning every day.
TanmayLP retweeted
ً (@holyaches)
and on some days, i wish our paths had never crossed because you don't know how heartbreaking it is to know that someone like you exists in this world and i can not have you.
TanmayLP (@TanmayLP7)
@striver_79 @Shant_tiw Brother, why are you letting this spoil your mood? Do whatever seems right to you; you don't need the opinion of the Twitter SM audience. The other person committed a crime. He crossed the line. That's it. Forgiveness is given for mistakes, not for crimes 🙂
Striver | Building takeUforward
@Shant_tiw They're kids, let it go. When two months' salary fails to come in at some point in life, then they'll understand. Giving advice with zero dependents is easy. Block an audience like that and move on, that's best.
Shantanu Tiwari (@Shant_tiw)
I think people coming at @striver_79 for taking action against piracy is not fair. Sure, piracy has been a fair part of students' lives, but it doesn't make it right. Especially people targeting his character is not fair, because he already provides a good set of courses on YouTube for free; if you really are that eager to learn, use them. And last of all, piracy against smaller creators hurts the most, because it demotivates people to build stuff of their own.
TanmayLP retweeted
Hassan. (@Heyitshassan)
I am fully convinced that 2019 was the last normal year we ever had. Ever since then, it feels like everything’s broken. Everyone is constantly anxious, time moves too fast, and nothing actually feels real anymore. The world as we knew it is just gone
TanmayLP retweeted
Mustafa Bilgici (@mustafabilgicii)
The Psychological Aspect of Bug Bounty Training and Sustainability Without Burnout

Social Media vs. Real Life

In this article, I want to talk about the less-discussed aspects of bug bounty. In the bug bounty world, most of us see the success posts of famous hackers on Twitter and the high rewards they earn. From the outside, everything looks very smooth, as if bugs are constantly being found. But behind the scenes, there is serious patience, stress, and a psychological battle.

Beginners usually have the same questions in their minds: Which platform should I start with? Which target should I choose? Of course, these are not unimportant things, but what is actually decisive most of the time is discipline.

What Really Pays Off Is Consistency, Not the Platform

Whether you manually test targets, use automation, are on HackerOne or on Synack doesn't make much difference in my opinion — what matters is progressing consistently on one of them. The common point among almost all bug hunters is regularly testing targets and publishing findings. Many bug hunters:
- submit reports knowing they might be duplicates
- accept getting rejected
- spend weeks talking with the triager trying to prove their report is valid

Sometimes a vulnerability is accepted but the payment takes months. Sometimes you find nothing for days. Even for weeks. You might have a great month and earn good bounties, and then at the beginning of the next month you can find almost nothing — which seriously affects motivation.

The non-technical but hardest part of bug bounty, in my opinion, is exactly this: psychological resilience. This is not a sprint; it's more like an endurance marathon. When you approach it this way, you produce more findings in the long run, and there are periods where you might even close the year strong — but of course, it's also important to control your spending :xd. By the way, I think this is exactly the main reason many people quit bug bounty. And sometimes, you really need to take breaks while doing this work.

Full-Time Bug Hunting and Financial Pressure

If you are doing bug hunting full-time and you don't have another income or savings, everything changes. Having to earn a certain amount every month creates serious pressure. For example, one month you might get dozens of critical or high reports accepted and earn the equivalent of two or three months — but financially you actually need to control yourself here. The next month, you might find almost nothing. Especially during low-report periods:
- it becomes harder to focus
- motivation drops
- the time spent looking at targets increases but productivity decreases

This cycle is mentally quite exhausting.

Clearing Your Mind While Doing Bug Bounty & The Impact of Combat Sports

One of the best things you can do at this point is to create a space for yourself outside of bug bounty. Starting a sport is very beneficial — and as a few bug hunter friends of mine do, starting a combat sport really makes a big difference. For example, I do MMA, and the friend I collaborate with when we get stuck on reports has been doing BJJ for a year. It has seriously improved our performance. Because fundamentally:
- your mind clears
- stress decreases
- when you sit back at the computer, you can focus more comfortably

But the most important thing here is balance. These activities should not disrupt bug hunting. On the contrary, they should make it more sustainable.

Mental Advice for Beginners

Bug bounty doesn't only have a technical side. The mental side is a separate process that must also be learned. The clearest advice I can give to beginners:
- Don't compare yourself to others. The success posts on Twitter are not your journey — and in my opinion, most of them are not very realistic.
- Be process-oriented, not result-oriented. Looking at targets every day is more valuable than finding one bug per month. Because if you look consistently, you will eventually find something.
- Don't see days without findings as failure. On those days, you are actually improving your methodology.
- Don't be afraid to take breaks. Burnout resets productivity and focus to zero.

Bug Bounty Is Not a Sprint, It's a Marathon

In short, bug bounty is not a job done only with technical knowledge. It is a long journey that requires patience, discipline, and mental resilience. Unless you build a sustainable system for yourself, no matter how technical you are, it becomes difficult to continue this work in the long term.

Wishing all bug hunters a more focused, more balanced, and more sustainable bug bounty journey. #BugBounty
TanmayLP retweeted
Dank jetha (@Dank_jetha)
Life before 25 march 2020
Intigriti (@intigriti)
Top hackers! You have been asked so many times on how to start with bug bounties 😅 Help us build the ultimate beginner's guide, what resources helped you the most when starting out? 👇
Evan Klein (@EvanKlein338226)
Top 3 auth mistakes I keep finding in SaaS apps (thread) 🧵
1️⃣ Frontend-only access controls - "Hide the admin button" ≠ security. If I can reach the API, I'm in.
2️⃣ No ownership validation on sensitive endpoints - decrypt(userId) without checking if that's YOUR userId
3️⃣ Session tokens that live forever - seen tokens still valid 6+ months after logout
What's the worst auth issue YOU'VE found? 👇 #appsec #bugbounty #infosec #pentesting
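An added example, written for this page and not code from Evan Klein's thread or any product it mentions, that models the three mistakes above in framework-free Python with each vulnerable handler beside its hardened counterpart. The users, roles, records, timeout values and the six-month replay are constructed sample data, and the names SessionStore, NeverExpiringStore and the handler functions are hypothetical.

```python
import os
from dataclasses import dataclass

# Constructed sample data: two plain users, one admin, two records with owners.
ROLES = {"alice": "user", "bob": "user", "carol": "admin"}
RECORDS = {
    "r1": {"owner": "alice", "body": "alice's private record"},
    "r2": {"owner": "bob", "body": "bob's private record"},
}
SIX_MONTHS = 182 * 24 * 3600  # seconds; the "6+ months after logout" replay from the thread

@dataclass
class Session:
    user: str
    issued_at: float
    last_seen: float

class SessionStore:
    """Server-side session table: opaque random tokens, absolute and idle timeouts, real logout."""
    def __init__(self, absolute_ttl=12 * 3600, idle_ttl=30 * 60):
        self.absolute_ttl = absolute_ttl
        self.idle_ttl = idle_ttl
        self._sessions = {}

    def issue(self, user, now):
        token = os.urandom(32).hex()  # unguessable, and never derived from the user id
        self._sessions[token] = Session(user, now, now)
        return token

    def resolve(self, token, now):
        """Return the user bound to token, or None if it is unknown, expired or idle too long."""
        sess = self._sessions.get(token)
        if sess is None:
            return None
        if now - sess.issued_at > self.absolute_ttl or now - sess.last_seen > self.idle_ttl:
            del self._sessions[token]
            return None
        sess.last_seen = now
        return sess.user

    def logout(self, token):
        self._sessions.pop(token, None)  # invalidated on the server, not just in the browser

class NeverExpiringStore(SessionStore):
    """Mistake 3 as a pattern: no timeouts, and 'logout' only clears the cookie client-side."""
    def resolve(self, token, now):
        sess = self._sessions.get(token)
        return sess.user if sess else None

    def logout(self, token):
        pass  # the server keeps honouring the token forever

# Mistake 1: the admin button is hidden in the UI, but the API trusts a role the client sends.
def vulnerable_admin_action(store, token, client_claimed_role, now):
    if store.resolve(token, now) is None:
        return 401
    return 200 if client_claimed_role == "admin" else 403

def hardened_admin_action(store, token, now):
    user = store.resolve(token, now)
    if user is None:
        return 401
    return 200 if ROLES.get(user) == "admin" else 403  # role is looked up server-side

# Mistake 2: the handler authenticates the caller but never checks who owns the record.
def vulnerable_get_record(store, token, record_id, now):
    if store.resolve(token, now) is None:
        return 401, None
    rec = RECORDS.get(record_id)
    return (200, rec["body"]) if rec else (404, None)

def hardened_get_record(store, token, record_id, now):
    user = store.resolve(token, now)
    if user is None:
        return 401, None
    rec = RECORDS.get(record_id)
    if rec is None or rec["owner"] != user:
        return 404, None  # same answer for "missing" and "not yours": no existence oracle
    return 200, rec["body"]

def demo(t0=1_700_000_000.0):
    """Exercise each vulnerable/hardened pair as Alice and return the status codes observed."""
    weak, strong = NeverExpiringStore(), SessionStore()
    tok_weak, tok_strong = weak.issue("alice", t0), strong.issue("alice", t0)
    out = {}
    # 1: Alice is a plain user; only the client-trusting handler lets her act as admin.
    out["admin_vuln"] = vulnerable_admin_action(strong, tok_strong, "admin", t0)
    out["admin_hard"] = hardened_admin_action(strong, tok_strong, t0)
    # 2: Alice asks for Bob's record r2.
    out["idor_vuln"] = vulnerable_get_record(strong, tok_strong, "r2", t0)[0]
    out["idor_hard"] = hardened_get_record(strong, tok_strong, "r2", t0)[0]
    # 3: Alice logs out of both stores; her tokens are replayed six months later.
    for store, tok in ((weak, tok_weak), (strong, tok_strong)):
        store.logout(tok)
    out["stale_vuln"] = vulnerable_get_record(weak, tok_weak, "r1", t0 + SIX_MONTHS)[0]
    out["stale_hard"] = hardened_get_record(strong, tok_strong, "r1", t0 + SIX_MONTHS)[0]
    return out
```

Calling demo() returns the status each handler gives Alice: the client-trusting admin check lets her in (200) where the server-side role lookup refuses (403); the endpoint without an ownership check serves Bob's record (200) where the hardened one answers 404, using the same code for "missing" and "not yours" so the endpoint does not reveal which IDs exist; and after logout the never-expiring store still honours the replayed token six months later (200) while the bounded store answers 401. The idle and absolute timeouts in SessionStore also limit how long a stolen token stays useful when the victim never logs out at all.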
TanmayLP retweeted
𝕾𝖎𝖗 𝕮𝖍𝖗𝖎𝖘 (@eagleseyeinc)
learn how to cook 5-7 solid meals really well... not fancy meals, just dependable, balanced and affordable ones... if you can cook beans, rice, eggs, vegetables, stew and one protein properly, you save money, eat healthier, rely less on junk and gain independence... it improves your finances, your health and even your confidence. look it’s not flashy but mastering food is mastering survival and that’s a life upgrade most people underestimate.
Man of Letters. (@Letter_to_Jack)
Please, share a life hack that could help better the lives of others.
pwnmachine 👾 (@princechaddha)
@TanmayLP7 Yes, this is the next step. What if we asked to write secure code? I’ll share the findings soon
pwnmachine 👾 (@princechaddha)
We built three full-stack apps using Claude Code, Codex, and Cursor - a healthcare portal, a banking platform, and an insurance claims system. The prompts were casual, exactly how people actually vibe code. No mention of security, nothing intentionally broken. Then we threw four security scanners at them: Neo, Claude, Invicti and Snyk, and manually verified every single finding. The results genuinely surprised us. 70 exploitable vulnerabilities across three apps. Unlimited money creation in the banking app. Any user could create admin accounts in the insurance platform. Patient records accessible to anyone in the healthcare portal. All Critical and High severity. All shipped out of the box. But what really got me was the scanner gap. Neo found 62 of 70 vulnerabilities with only 5 false positives. Snyk found literally zero valid issues. The difference between these tools isn't incremental; it's the difference between finding the bugs that matter and walking away with a false sense of security. Full blog with the stats is live. The detailed research paper with exact prompts, methodology, all the findings, and the apps themselves is coming soon.
Pratham (@Prathkum)
Nano Banana 2 can match your handwriting.