Yūzā
825 posts


Did you think we were done learning about exploiting browsers with @ret2systems? Never! Jk - this is only the free sections :P, regardless this week we learn about the fundamentals of JavaScript!
I would consider this another beginner friendly tutorial!
Check out the latest video below!
youtu.be/5LEYPY7fceU

YouTube
English

@norsyx @thedawgyg Models offered by ollama are getting smarter. I personally tried with qwen3.5 model and it satisfy my needs. It's worth it to try since you control everything, easier to maneuver as well.
English

@thedawgyg Based on your recent activities on fuzzing, I can tell that there's loads of efforts that can be shifted to bare automation/afl then reason on cloud or locally to find hits/crashes. Kinda hybrid solution
English

@warlocksmurf Wouldn't be ethical without letting your org know first about the vulnerability before u start disclosing it. Like the other guy said, report and let them remediate, then ask for permission. If u insists, at least mask anything that can hint at the org being vulnerable.
English

What are the limits of AI-assisted vulnerability hunting? I obtained 23 CVEs in one month.
BentoML 8.2k CVE-2026-27905 HIGH
SillyTavern 24.6k CVE-2026-26286 HIGH
Plane 28.2k CVE-2026-27705 MEDIUM
NocoDB 46.4k CVE-2026-28399 MEDIUM
Mautic 8.4k CVE-2026-3105 HIGH
File Browser 27.9k CVE-2026-28492 HIGH
OpenReplay 7.3k CVE-2026-28443 MEDIUM
SuiteCRM 4.0k CVE-2026-29096 HIGH
Pimcore 3.6k CVE-2026-27461 HIGH
Craft CMS 5.2k CVE-2026-32263 MEDIUM
Froxlor 1.6k CVE-2026-30932 HIGH
Actual Budget 3.2k CVE-2026-27638 HIGH
Lemmy 14.0k CVE-2026-29178 MEDIUM
Chartbrew 2.6k CVE-2026-27005 HIGH
Tautulli 1.7k CVE-2026-28505 HIGH
Typebot 9.5k CVE-2026-33712 CRITICAL
LibreChat 34.7k CVE-2026-31942 HIGH
Coolify 33.8k CVE-2026-27883 HIGH
Gotenberg 3.0k CVE-2026-27018 HIGH
Unkey 5.2k CVE-2026-28339 MEDIUM
Piwigo 3.3k CVE-2026-27634 CRITICAL
Pixelfed 10.7k CVE-2026-27011 HIGH
Follow (Folo) 3.0k CVE-2026-27499 HIGH
English
Yūzā retweetledi
Yūzā retweetledi

I think I have completed client-side security , just one report:
Self-XSS -> Drag-Drop Payload -> Scroll-To-Fragment -> Unchecked postMessage Listener -> Text Injection -> DOM-XSS -> OAuth State Misconfiguration -> Cookie Bomb -> Account Takeover
@renwa/iframe-sandbox-bypass-cross-origin-drag-drop-unvalidated-postmessage-origin-cookie-bomb-to-21357a4d94f5" target="_blank" rel="nofollow noopener">medium.com/@renwa/iframe-…

English
Yūzā retweetledi
Yūzā retweetledi
Yūzā retweetledi
Yūzā retweetledi

The Psychological Aspect of Bug Bounty Training and Sustainability Without Burnout
Social Media vs. Real Life
In this article, I want to talk about the less-discussed aspects of bug bounty.
In the bug bounty world, most of us see the success posts of famous hackers on Twitter and the high rewards they earn. From the outside, everything looks very smooth, as if bugs are constantly being found. But behind the scenes, there is serious patience, stress, and a psychological battle.
Beginners usually have the same questions in their minds:
Which platform should I start with?
Which target should I choose?
Of course, these are not unimportant things, but what is actually decisive most of the time is discipline.
What Really Pays Off Is Consistency, Not the Platform
Whether you manually test targets, use automation, are on HackerOne or on Synack doesn’t make much difference in my opinion — what matters is progressing consistently on one of them.
The common point among almost all bug hunters is regularly testing targets and publishing findings.
Many bug hunters:
submit reports knowing they might be duplicates
accept getting rejected
spend weeks talking with the triager trying to prove their report is valid
Sometimes a vulnerability is accepted but the payment takes months. Sometimes you find nothing for days. Even for weeks.
You might have a great month and earn good bounties, and then at the beginning of the next month you can find almost nothing — which seriously affects motivation.
The non-technical but hardest part of bug bounty, in my opinion, is exactly this:
Psychological resilience.
This is not a sprint; it’s more like an endurance marathon. When you approach it this way, you produce more findings in the long run, and there are periods where you might even close the year strong — but of course, it’s also important to control your spending :xd. By the way, I think this is exactly the main reason many people quit bug bounty. And sometimes, you really need to take breaks while doing this work.
Full-Time Bug Hunting and Financial Pressure
If you are doing bug hunting full-time and you don’t have another income or savings, everything changes.
Having to earn a certain amount every month creates serious pressure.
For example, one month you might get dozens of critical or high reports accepted and earn the equivalent of two or three months — but financially you actually need to control yourself here. The next month, you might find almost nothing.
Especially during low-report periods:
it becomes harder to focus
motivation drops
the time spent looking at targets increases but productivity decreases
This cycle is mentally quite exhausting.
Clearing Your Mind While Doing Bug Bounty & The Impact of Combat Sports
One of the best things you can do at this point is to create a space for yourself outside of bug bounty. Starting a sport is very beneficial — and as a few bug hunter friends of mine do, starting a combat sport really makes a big difference.
For example, I do MMA, and the friend I collaborate with when we get stuck on reports has been doing BJJ for a year. It has seriously improved our performance.
Because fundamentally:
your mind clears
stress decreases
when you sit back at the computer, you can focus more comfortably
But the most important thing here is balance. These activities should not disrupt bug hunting. On the contrary, they should make it more sustainable.
Mental Advice for Beginners
Bug bounty doesn’t only have a technical side. The mental side is a separate process that must also be learned.
The clearest advice I can give to beginners:
Don’t compare yourself to others. The success posts on Twitter are not your journey — and in my opinion, most of them are not very realistic.
Be process-oriented, not result-oriented. Looking at targets every day is more valuable than finding one bug per month. Because if you look consistently, you will eventually find something.
Don’t see days without findings as failure. On those days, you are actually improving your methodology.
Don’t be afraid to take breaks. Burnout resets productivity and focus to zero.
Bug Bounty Is Not a Sprint, It’s a Marathon
In short, bug bounty is not a job done only with technical knowledge.
It is a long journey that requires patience, discipline, and mental resilience.
Unless you build a sustainable system for yourself, no matter how technical you are, it becomes difficult to continue this work in the long term.
Wishing all bug hunters a more focused, more balanced, and more sustainable bug bounty journey.
#BugBounty

English
Yūzā retweetledi

I hear tale Google API keys may make you $$ in bounty now: trufflesecurity.com/blog/google-ap…
Anybody pulled this off yet?
English

@VenkatDev789 @4osp3l Right click on the request and view in source. Modern browsers automatically beautify the minified versions. Of course, you can't realistically get the really clean version unless .map is available.
There are also cases where developers prevent the JavaScript from beutification.
English

@4osp3l Nice one but may I know how u see the actual source bcz in most of the cases I see the minified version only in network tab. I am a beginner to bug bounty so pls don't mind if it's a simple question
English

@shakquraa I been following all the articles you posted. Any chance you will post something on js dynamic analysis soon?
English

GraphQL introspection disabled ≠ schema protected.
🧠 Clairvoyance can reconstruct GraphQL schemas from observed queries, exposing hidden types, fields, and attack surface that apps assume are invisible.
Useful for serious recon before fuzzing or auth testing.
🔗 Source: github.com/nikitastupin/c…
#BugBounty #AppSec #GraphQL #SecurityResearch #Pentesting #Recon

English
Yūzā retweetledi
Yūzā retweetledi
Yūzā retweetledi
Yūzā retweetledi














