Rohit

Introducing bountymeter.com 🚀 A daily journal + progress tracker for bug bounty hunters. Set your yearly goal, log daily progress, track findings & stay consistent with a live countdown to your target. Build discipline. Track growth. Hunt smarter. 🎯 #bugbountytips

@HarshDRanjan1 @claudeai Makes sense, just take care of the context you feed to the AI with each prompt or it will burn the usage limits within minutes

@rohsec @claudeai It's the Pro plan. Testing things out, i dont even know how to use it currently. will learn while using it

So day before yesterday, I joined the membership of @claudeai. Let's see what this AI can do...

@kl__san This is the next plan, i will open source it next week so you can self deploy

@rohsec can i self-host?

Introducing bountymeter.com 🚀 A daily journal + progress tracker for bug bounty hunters. Set your yearly goal, log daily progress, track findings & stay consistent with a live countdown to your target. Build discipline. Track growth. Hunt smarter. 🎯 #bugbountytips

@volklub @RenaultIndia Maybe a 6...like the global dacia version more

Rate Duster’s Design out of 10

@__mutale__ @h1Disclosed It's a N/A....reports like this is the reason the curl team has to stop their program on h1 :/

@h1Disclosed How can the severity be low

⚡ Exposed .git/config File Leading to Potential Sensitive Information Disclosure 👨🏻‍💻 zoroo2 ➟ curl 🟨 Low 💰 None 🔗 hackerone.com/reports/3612891 #bugbounty #bugbountytips #cybersecurity #infosec

@golang is way too much fun 😀 About to go on a spree building some new CLI tools 🚀 #bugbounty #bugbountytips #cybersecurity

@hetmehtaa What is IPS ?

X experience on IPS has improvised a lot!

⚡ Lack of Validation in Reward Redemption Allows Unlimited Burp Suite License Abuse 👨🏻‍💻 theokeen ➟ HackerOne 🟨 Low 💰 None 🔗 hackerone.com/reports/3378540 #bugbounty #bugbountytips #cybersecurity #infosec

@payloadartist So is gpt/5.4

Opus 4.6 is amazing.

@Xc12vm Let’s hunt with discipline 😀

@rohsec Nice one bro

🚨Attention !!🚨 Just dropped XSPulse - a fast Go-based XSS assessment toolkit for bug hunters. It supports reflected XSS, blind XSS callbacks, DOM heuristics, JS library detection, WAF fingerprinting,crawling, fuzzing, & more. github.com/rohsec/xspulse #bugbounty #bugbountytips

@0xLupin Congrats Lupin 🚀🔥

WE DID IT ! WE RAISED $5.9M PRE-SEED 🥳🎉🎉

🚨Attention Hackers !!🚨 Big tool launch tomorrow...🚀🚀 #bugbounty #bugbountytips #cybersecurity

@xofin904 Sure

@rynosec Hello pls i meed your help on burp suite

Did you know you can fetch in-scope domains, grab Burp project configs, and search through disclosed reports, all directly inside Discord? Join The BugBounty Club server now 👇 discord.gg/GNaQnBk7kD #bugbounty #bugbountytips #cybersecurity

@rez0__ Are they actually running full agentic setups that automate the whole workflow, or just using GPT/LLM tools to assist during testing? If it’s the latter, that’s always been part of the workflow for most of us, AI has been helpful for sure

Another friend: > Btw your tweet a couple weeks ago got me to press into agents and it’s been incredible I gave mine a lead that I had been stuck on for months and it found an ssrf within minutes

I am trying out zeroclaw with some free models and it has been really nice till now, the free models sucks and there are lot of security restriction in zeroclaw by default so need to sort these out by editing out the config first #bugbounty #bugbountytips #cybersecurity

@0xTib3rius @rez0__ I wanted to know, are you running openclaw on a dedicated vps with dedicated bugbounty skills and soul ? Like how are you integrating it in your methodology, hunting routine? Is your Burp traffic connected to the agent via MCP, wondering what the overall setup looks like.

@rynosec @rez0__ Yes. Will it find all the business logic and access control? No. But will humans? Also no. AI agents will get better over time, and you can run them repeatedly.

You’re telling me AI can spin up multiple container tabs, register test accounts, complete email verification, and then go on to find actual business logic and access control issues? Genuinely curious to learn about the use cases in #bugbounty @rez0__ @0xTib3rius #bugbountytips

@hetmehtaa They want your $200, just give them now

lmao 4 Prompts and I hit the session limit while using Opus 4.6