Mark Rick รีทวีตแล้ว
0 duplicate or Internal finding
Pyro@0x3b33
Lazarus group has been paid ~1.6B in bug bounties last year
Română
Mark Rick
18 posts
@0xHiteshRaj @h4x0r_dz Lol hackenproof is worse. Do osint about your platform before choosing it.
English
@h4x0r_dz All are same bro, I found 3 critical bugs on Hackenproof, Hackenproof rejected them all, after that the project fixed all the bugs that I found.
English
Hackerone is a scam
Shubham Gupta 🇮🇳@hackerspider1
Hi @Hacker0x01 what kind of scam is this? I wrote full details to him with screenshots of exploitation and this is what they are saying. xD They have done same thing before keep asking me for more information once I gave them full details they closed it as duplicate. #hackerone #hackers #bughunters
English
@ItsAlexhere0 AI Phobia is real. Some shit their pants when they see `—`
English
@GrabID Give @Property_PUR_IS his money! You banned him from hackerone and scammed him!
English
Bangun pagi, nganter anak sekolah, pulang tidur lagi, abis tuh ngantor
Indonesia
@MichaelTrevor77 @raslanco_ Dont read? I swear if he report that again, it will be a duplicate of new from an h1 account that was dead from 2 years ago.
English
@raslanco_ The triager don't read the report, I have same issues.
English
@Cachorroexausto @h4x0r_dz @AnthropicAI No way, mate. I dont want to start getting dups again. Go hunt somewhere else 🤣
English
English
Mark Rick รีทวีตแล้ว
My friend reported this issue via The scam bug bounty platform called HackerOne
The unskilled Hackerone team closed the report as informative / no security issue LOL
this is another reason why every big company like @AnthropicAI should host their own bug bounty program by itself and avoid trash platforms like HackerOne
BuBBliK@k1rallik
> Anthropic ships Claude Code as an npm package > someone runs `ls` on the source map > entire codebase just sitting there. unobfuscated. > plugins, skills, tools, hooks, commands - everything > internal architecture of the most hyped AI coding agent, fully readable > Anthropic says nothing > meanwhile they're selling Enterprise contracts > the source map was in the registry the whole time > nobody checked security through obscurity lasted about 3 months.
English
@Cachorroexausto @h4x0r_dz @AnthropicAI I've had bounty, took 6 months in a managed program that had 2 days on the profile, that's irrelevant, and self hosted was a way better experience for me.
English
@h4x0r_dz @AnthropicAI I believe the HackerOne process is fundamentally broken, but self-hosted programs can be even worse. I’ve had cases where bounties took more than two years to be paid.
English
@GrabSG Give @Property_PUR_IS his money! You banned him and scammed him!
English
Earlier today, we had a system error that resulted in Grab's app displaying unusually high prices. We know this was an unwelcome surprise, and we sincerely apologise for this. The error was due to a misconfigured fee, which was corrected within 20 minutes.
While Grab's safeguards automatically prevented most bookings with incorrect charges from going through, we did find some users who were affected by today's incident.
For every user who was affected, we've already processed full refunds for the incorrect charges as of 9pm today. We are doing everything to learn from this so it doesn't happen again. Our customers trust us with their daily needs and we don't take this for granted.
If something doesn’t seem right, please reach out via DM so we can help resolve it. Thank you for your patience and understanding on this.
English
@unknow_mallware @hackthebox_eu Write the repo well it currectly looks like ai slop, document everything very precisely.
English
The signal is strong. Let’s not assume the rest is 📡
Meet the HTB Certified Wi-Fi Pentesting Expert! A hands-on certification designed to teach you how modern Wi-Fi networks really work, how they’re assessed, and where they tend to fall apart.
From understanding wireless behavior to testing today’s protections in realistic scenarios, HTB CWPE is built for people who want real Wi-Fi pentesting skills, not surface-level knowledge. Learn more: okt.to/5xDXZm
#HackTheBox #HTB #CWPE #WiFiPentester #Cybersecurity #WiFi
English
HackerOne is good when you have good connections , otherwise you get scammed
Abdulkadir | Cybersecurity@cyber_razz
Unpopular cybersecurity opinions that would get you in this position?
English
Mark Rick รีทวีตแล้ว
@z0ksh_ @xqd @yeswehack I mean yeah ofc the customer interest is the primary priority. If they dont do that, the platform would not exist. But think deeply because they can't just ban you for no reason. You are the researcher, and you are their second interest.
English
@markrick731 @xqd @yeswehack Yes, the programs report me and their job is that they give a ban only the most important thing is the customer's interest and money because I don't do anything
English
Alhamdulillah.
Happy to share The last bounty on @YesWeHack before the incomprehensible ban.
#BugBounty #YesWeHack #HallOfFame #CyberSecurity #InfoSec #Pentesting #BugHunter #WebSecurity
English
@z0ksh_ @xqd @yeswehack You got banned because some program reported you or what? Did you do any wrong ? Did you use a leaked test account on testing, for example?
English
@xqd @yeswehack There is no reason for them, the client or the program, as long as he pays them more important than the researcher, they only execute 🤣
English