Pinned Tweet
Mohsin Khan
8.8K posts

Mohsin Khan
@tabaahi_
25 | Bug Bounty Hunter & Pentester
Joined March 2021
398 Following, 19K Followers
Mohsin Khan retweeted

I spent ~6 hours yesterday working on a target. If you check my recent post about "Step 1", I was on part "D". I found 3 distinct P1s, one of which probably could have been broken down into 8 specific BAC issues but that sounded like too much work.
Issue 1: LFI/traversal
As I mentioned, this was found by searching all of my recon files (batch GAU outputs) for "filename=", then tinkering with any of them that looked susceptible. This was literally a one-liner in a GAU file, that could have been easily overlooked because the stem of the URI path actually ended in .PDF, which turned out to have no impact on the URI param itself. Probably why it was missed in the past. So it looked like /app/filename.pdf?filename=test.pdf; but /app?filename=test.pdf still brought the file back, and the LFI was in the filename param.
Issue 2: Account Takeover
After self registering on a site, I was able to find a section that lets you "invite a user" to your team, and assign a role like admin. However, the payload didn't check the team integer belonged to me, so I could invite myself via email as an administrator to any team in the system, granting full access. Oops. This was an IDOR in a POST JSON body. You find this stuff by using the software and interacting with it.
Issue 3: Privilege Escalation BAC
After self registering for a site, I dumped all of the API paths from any JS I could find. I made sure to remove any that said logout or logoff. I do this so my session isn't logged off while testing. I then hit them all in intruder with my authenticated session, and noted those which did not 403 or 302 redirect to the logoff or logon page (indicating no access). I then assessed each request that had a 200, and noted ~8 administrative pages that had read/write access to important functions and PII.
In summary, no, I do not think bounty has gotten any harder; it looks like the same game. That was about a $2500/HR hunting spree assuming no duplicates and whatnot. AI is a capable tool now for hunting, but it will be a long time, if ever, before it affects the bug count on the internet at large. That said, I hear actually getting triaged and paid may be a different matter these days 🤣
How did AI help?
AI was able to very quickly help me find LFI paths given the architecture/stack to dump important files AFTER discovering the bug. This would have been more difficult in the past. I use it for very specific tasks to speed things along, help with payloads, parse JS, and things of that nature... when needed. It's not the first thing I turn to.
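The two authorization failures in Issues 2 and 3 above, seen from the server's side. This is an added example, not code from the original post or from any application the author tested; the `User`/`Team` types, the sample users and teams, the `ADMIN_PATHS` set and the handler names are all constructed assumptions. It places the unchecked invite handler (trusting the `team_id` in the JSON body) next to one that verifies the caller actually manages that team, and adds a function-level role check so administrative paths answer 403 to an ordinary authenticated session rather than 200.

```python
import json
from dataclasses import dataclass, field


# Constructed sample state. An "admins" set per team stands in for whatever
# the real application uses to record who may manage a team (assumption).
@dataclass
class User:
    id: int
    role: str  # platform-wide role: "member" or "admin" (assumed names)


@dataclass
class Team:
    id: int
    admins: set = field(default_factory=set)  # ids of users who may manage the team


USERS = {1: User(1, "member"), 2: User(2, "member"), 3: User(3, "admin")}
TEAMS = {10: Team(10, admins={1}), 20: Team(20, admins={2})}

# Function-level rule: these (assumed) paths require the platform-wide admin role.
ADMIN_PATHS = {"/api/admin/users", "/api/admin/export"}
ALLOWED_ROLES = {"member", "admin"}


def invite_user_unchecked(current_user: User, body: str) -> tuple[int, dict]:
    """The failure mode from Issue 2: acts on whatever team id the body names.
    Nothing ties the team to current_user, so any team in the system is reachable."""
    data = json.loads(body)
    team = TEAMS[int(data["team_id"])]
    return 200, {"team_id": team.id, "invitee": data["email"], "role": data.get("role", "member")}


def invite_user(current_user: User, body: str) -> tuple[int, dict]:
    """Hardened handler: the team id is client-controlled input, so the server
    must prove the caller is allowed to manage that team before acting on it."""
    try:
        data = json.loads(body)
        team_id = int(data["team_id"])
        email = str(data["email"])
        role = str(data.get("role", "member"))
    except (ValueError, KeyError, TypeError):
        return 400, {"error": "malformed request"}
    team = TEAMS.get(team_id)
    # Same 403 for "no such team" and "not your team", so the response does
    # not reveal which team ids exist.
    if team is None or current_user.id not in team.admins:
        return 403, {"error": "not allowed to manage this team"}
    if role not in ALLOWED_ROLES:
        return 400, {"error": "unknown role"}
    return 200, {"team_id": team.id, "invitee": email, "role": role}


def authorize_path(current_user: User, path: str) -> int:
    """Function-level check for Issue 3: a valid session is not enough for
    administrative paths; the caller's role must be admin."""
    if path in ADMIN_PATHS and current_user.role != "admin":
        return 403
    return 200


def audit_admin_paths(current_user: User) -> list[str]:
    """Defender's self-check mirroring the post's method: walk every admin path
    as the given user and return those that would answer 200."""
    return [p for p in sorted(ADMIN_PATHS) if authorize_path(current_user, p) == 200]


if __name__ == "__main__":
    # User 1 manages team 10 only; an invite naming team 20 must be refused.
    body = '{"team_id": 20, "email": "attacker@example.test", "role": "admin"}'
    print("unchecked:", invite_user_unchecked(USERS[1], body))
    print("checked:  ", invite_user(USERS[1], body))
    print("member sees admin paths:", audit_admin_paths(USERS[1]))
    print("admin sees admin paths: ", audit_admin_paths(USERS[3]))
```

The ownership check has to be done against server-side state (the `admins` membership), never against anything in the request; the role string is likewise validated against a fixed allow-list rather than stored as sent. `audit_admin_paths` is the defender's version of the "hit every path with a member session and look for 200" sweep from Issue 3, and is cheap enough to run as a regression test whenever a route is added.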

Tried magnesium glycinate and literally woke up screaming because i had a dream that the little green wrestler dude from Peacemaker broke into my house and attacked me.
Honestly 10/10 would recommend
Mohsin Khan @tabaahi_
I recently tried magnesium glycinate and zinc, and bro… I slept for 8 hours but woke up feeling like I'd been sleeping for 8 days. I even remembered my dreams in 4K for the first time ever. What is this magnesium, some kind of premium sleep subscription?

@bug_vs_me @Payoneer_Help @Payoneer The company people won't transfer in your name, sir; I have to send invoices.

Hey @Payoneer_Help @Payoneer my payment of $1,664 (Payment ID: #988364323 | Customer ID: #103667206) was canceled after sitting in "upcoming" for 5 days, and then you permanently closed my account with zero explanation.


@arth_bajpai Customer Rule: "Disappear for 6 Month and comeback stronger"

So many scammers in bug bounty nowadays
Reported a bug 6 months ago on a fresh invite; no activity, now marked informational saying the endpoint is being decommissioned and there are no fixes.
Whereas the bug is fixed and the endpoint is still alive.
#uniqe_scam I might post more of these scams in future
Mohsin Khan retweeted

Bug bounty and AI-generated reports are scaling faster than any team can triage manually. Most read like real vulns now -- the only way to know is to actually reproduce them.
Triage does exactly that. It reproduces every report in an isolated sandbox, confirms exploitability with real evidence, and filters the noise automatically. Works with HackerOne, Bugcrowd, and Claude Code reports.
projectdiscovery.io/triage

@SaiAnvii That much time does get taken up in job preparation, yaar. That much is fine 🙂