Joshua Ingya

Hello X, After a while, I'm glad to share another bounty reward. @NahamSec, @GodSpeed000123, @sisinerd, @ireteeh, @annonimous254z, @_aligorithm, @its_afolic, @bergee. Bug Tip: Check JS files for sensitive data, secrets, tokens, endpoints, etc, & exploit them. #Roadto $1K

@broken_link420 @TMobile @Bugcrowd Congratulations 👏🎉 May God honour and reward all your efforts. I’m so sorry about what happened to your dad. Wishing you and your family strength and peace 🤍

@GodSpeed000123 Congratulations to you, boss. 👏👏👏🎉

Just got rewarded [$$$$] for React2Shell (CVE-2025-55182 / 66478) #bugbountytips

Thank you LORD JESUS 🙏 I just earned my first $1,000 bug bounty from a reported vulnerability. Dedicating this win to you, Dad. I wish we could celebrate this milestone together... it feels empty without you. But I’ll keep going. 🎉✨ #BugBounty #ResponsibleDisclosure

@KIDRIANI_ Congratulations to you. 👏👏👏

Found an IDOR bug in GitHub! Key lesson: Always escalate with full detail. Got only $500 because I didn't look for a way to leak the specific GitHub application name. That small oversight cost a much bigger bounty. 🤦‍♂️ Next time, full scope or nothing,btw github is awesome.

Blind XSS fired on internal admin dashboard. #XSS #BlindXSS #vulnerability

@0x_Richard__ Thank you so much 🙏🙏🙏

@boatzonapp Congratulations 🥳

Bug: Business Logic Flaw Summary: A deleted user regained access to organization’s admin interface. Impact: The user could modify roles & delete other users even after being removed. Root Cause: Although the UI reflected deletion, the backend failed to actually remove the user.

Happy to be featured in the Wageningen University & Research (WUR) Hall of Fame.

@DanielKumaga Thank you so much for your kind words and support. I am so grateful. 🙏🙏🙏

@boatzonapp My condolences brother. May God comfort you and your family.

Hello X, Took quite a long break due to my dad’s illness, which sadly led to his passing. I'm glad to be back to bug hunting and contributing my quota to helping companies stay secure. 🐞 Bug: Open Redirect

@0x_Richard__ Thank you so much for your support. I am very grateful. 🙏🙏🙏

@boatzonapp Rest in peace to him,Congratulations on the bug

@brodaishola_ Thank you so much for your support. 🙏

@boatzonapp My condolences Joshua

@graciey_E Thank you so much, boss. I truly appreciate your kind words and support. 🙏🙏🙏

@boatzonapp My condolences, Joshua. Sending you love and all the positive energy.

@GodSpeed000123 @GodfatherOrwa Congratulations, boss. 👏👏👏 More to come. 🎉🎉

Found a critical vulnerability and scored $500! Sensitive info, including PII, employment details, and reference tokens, was leaking through URLs in VirusTotal Domain Reports Tip: Use virustotalx by @GodfatherOrwa for faster analysis. #bugbountytips #BugBounty #vulnerabilities

🔍 Proud to share my 2024 #HackerOne journey! 3 vulnerabilities discovered, specializing in web and mobile security. Every bug makes the internet safer! Thanks @Hacker0x01 for the amazing platform! 🐦💻 #InfoSec #BugBounty #CyberSecurity hackerone.com/stories-of-202…

@GodSpeed000123 Congratulations, boss. 👏👏👏 More wins!

Bypassed OTP rate limit, leading to ATO! Earned $1750 by exploiting weak rate-limiting via random parameter injection. Used ?param=XYZ with Battering Ram in Intruder for XYZ and OTP submission. #bugbountytips #BugBounty #cybersecuritytips

May God bless this Man of God. 🙏🙏🙏

⚠️⚠️⚠️⚠️ A Pastor Did this ? 😢😢😢😢😢😢😢 Oh my God.

@jesssperez95 Almost there!

These were the mini-goals I set in my notion board at the beginning of the year, time passed really fast. Almost there! 🫡 🥹 How did your hunting goals go?

@iamunixtz Congratulations. More wins to you. 👏👏👏