Ali Kareem
263 posts

Ali Kareem
@mysanismine
Just a bug bounty hunter :-) https://t.co/5hzbfB7F4c
Joined January 2020
57 Following 2.5K Followers


@Hamadrt You have a few people in the comments who always disagree with you, and they are all wrong.
I always trust your long-range targets. To this day I still remember your prediction that Bitcoin would drop to 73 at the height of the bull market in 1/2025, and honestly it was very accurate.

This is the reason Opus's accuracy and reasoning level have dropped significantly over the last few days; they implemented this shit internally.
Claude @claudeai
We're bringing the advisor strategy to the Claude Platform. Pair Opus as an advisor with Sonnet or Haiku as an executor, and get near Opus-level intelligence in your agents at a fraction of the cost.

@rez0__ Claude Code (AI agents in general) is the new nuclei. If it spreads widely, what's the difference between it and nuclei? In the field of bug bounty, if you don't have something unique, you will end up getting more duplicates.

Happy to publish our first research of the year on the SvelteKit framework, downloaded over 800,000 times per week, which led to CVE-2025-67647 (w/@inzo____):
Avoiding the paradox: A native full-read SSRF and one‑shot DoS in SvelteKit
zhero-web-sec.github.io/research-and-t…
Enjoy the read


@harbihodun2000 @Hacker0x01 I may share some tips from time to time, but I've already decided to share everything once I retire from this field.

@mysanismine @Hacker0x01 If you could share a roadmap of how you started, from the beginning until now, about being a bug hunter, what would it be🙏

@archyxsec @Hacker0x01 I remember where you were 1 year ago. Fantastic improvement bro.

Last quarter, I reached my peak as a full manual bug hunter, achieving personal goals that I never thought possible when I started my full-time adventure just over a year ago. Crossed 3100 reputation and >29 impact, reaching top 9 globally. Thanks @Hacker0x01

@cyberx00t @Masonhck3571 Mostly company work policies. Personally I consider them wrong policies that don't generate positive results with hackers.

I wasn't going to say anything... but I have to agree with everyone's sentiment on how long it's been taking to get payouts going.
I have over $20k in subs, between two platforms, that are already fixed and it's been dead silent on them. Just me asking for updates🤷🏽♂️
Platforms, I've been asking this for years, but at what point do you hold these program owners accountable? Hell, HackerOne has a badge for people who wait over 6 months for a bounty lol. That shouldn't even be a thing. Researchers don't bust their ass trying to be the first to find a vulnerability to feel absolutely forgotten.
*Opinions are my own and do not represent my employer*

@0xMstar @Hacker0x01 Me too actually, no wildcard at all. Most of the invites are on demand and I hate these racing programs. Not to mention already milked programs that launched before on H1 and then transferred to Bugcrowd.
Also, I think lately they've increased the number of hackers who are invited.

Yay, I was awarded a $2,000 bounty on @Hacker0x01! hackerone.com/morningstar #TogetherWeHitHarder
Triaged & rewarded within hours. Time to focus on H1 I guess; Bugcrowd is not sending good invites lol.
Admin panel access.

@Itx_Shad0w @Linktree_ @Bugcrowd Well, I had the same situation before more than once, but Bugcrowd triagers did their job, so just open an appeal and wait. That's all you can do.

@ArmanSameer95 @Bugcrowd I think this is not the final leaderboard. Idk, but it seems not accurate yet.
@Bugcrowd why can't I find Iraq?

Don't always rely on time-based SQLi payloads.
I came across an endpoint that, from my experience, I was sure was vulnerable, but I couldn't confirm it using time-based payloads.
Using "AND 1=1" or "AND 1=0", the result changed from "none" to displaying records.
#bugbounty
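Added example, not code from the original thread: the content difference the post describes (AND 1=1 versus AND 1=0 changing the response from nothing to records) is also what a defender can look for in web server access logs, since unlike a time-based probe it leaves no delay to alert on. This Python script, run over a constructed combined-format log sample, flags a client that sent both a true and a false boolean probe in the same parameter of the same path with diverging response sizes; the log lines, paths and parameter names are all assumed.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qsl, urlsplit

# Constructed sample access log (combined-style), not taken from any real system.
SAMPLE_LOG = """\
10.0.0.5 - - [10/Jan/2025:12:00:01 +0000] "GET /items?id=7 HTTP/1.1" 200 5120
10.0.0.5 - - [10/Jan/2025:12:00:02 +0000] "GET /items?id=7%20AND%201%3D1 HTTP/1.1" 200 5120
10.0.0.5 - - [10/Jan/2025:12:00:03 +0000] "GET /items?id=7%20AND%201%3D0 HTTP/1.1" 200 412
10.0.0.9 - - [10/Jan/2025:12:00:04 +0000] "GET /items?id=8 HTTP/1.1" 200 5200
10.0.0.9 - - [10/Jan/2025:12:00:05 +0000] "GET /items?id=8%20AND%201%3D1 HTTP/1.1" 200 5200
"""

# ip, method, url, status, response bytes from a combined-format line
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\w+) (\S+) [^"]*" (\d{3}) (\d+)')
# A tautology or contradiction probe appended to a value: AND 1=1, OR 2=2, AND 1=0, ...
BOOL_RE = re.compile(r"\b(?:and|or)\s+(\d+)\s*=\s*(\d+)\b", re.IGNORECASE)


def parse_line(line):
    """Return (ip, path, [(param, value), ...], status, size) or None if unparsable."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ip, _method, url, status, size = m.groups()
    parts = urlsplit(url)
    params = parse_qsl(parts.query, keep_blank_values=True)  # decodes %20 and %3D
    return ip, parts.path, params, int(status), int(size)


def find_boolean_probe_pairs(log_text):
    """Flag (ip, path, param) groups that received both a true and a false boolean
    probe whose response sizes differ: the signal a blind boolean test relies on."""
    seen = defaultdict(dict)  # (ip, path, param) -> {"true": bytes, "false": bytes}
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if not parsed:
            continue
        ip, path, params, _status, size = parsed
        for name, value in params:
            m = BOOL_RE.search(value)
            if not m:
                continue
            outcome = "true" if m.group(1) == m.group(2) else "false"
            seen[(ip, path, name)][outcome] = size
    findings = []
    for (ip, path, name), sizes in sorted(seen.items()):
        if "true" in sizes and "false" in sizes and sizes["true"] != sizes["false"]:
            findings.append({"ip": ip, "path": path, "param": name,
                             "true_bytes": sizes["true"], "false_bytes": sizes["false"]})
    return findings
```

A single true probe (10.0.0.9 above) is not reported on its own, because without its false counterpart there is no response difference to compare; pair the finding with the baseline request size to confirm the endpoint behaved differently.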