3NVZ
878 posts

@YourFinalSin
Simplicity is the Ultimate Sophistication.
California · Joined August 2024
97 Following · 4.2K Followers

@YourFinalSin Same bro reported 11 days ago and still no response on bugcrowd 🥲

@YourFinalSin You feel like wasting your time sometimes in bug hunting... after all this wait, and it's marked as duplicate. ☻️

@YourFinalSin This has to be the AI slop for sure. I reported a vuln on a program that you needed to pay a $50 fee to submit a report. Was triaged and paid the same day I reported it

@Jayesh854255941 I only hunt on main apps, so I don’t do any subdomain enumeration or similar

@YourFinalSin Bro how do u select targets man I select targets with wildcards and don't get more than 10-20 Subdomains even which most of them don't have features 😭

Here is a little dork for you, if you wanna learn a thing or two about Client-Side Vuln Hunting!
site:blog.criticalthinkingpodcast.io "client-side"

@YourFinalSin Ohh so like when u find Subdomains and all and select a target u try to find bug by checking what feature can have what bugs like Comment section can have a stored xss so u use notes that time to find bypasses and all right?

@Jayesh854255941 Yeah, I kept notes on everything that I was learning and also came back to these notes if I found something similar on a target
I’m using Notion for that - it’s free

@YourFinalSin Bro how did u learn about a bug like u made notes for all bugs after solving or while solving portswigger and then reused those notes while hunting?

@Abdelmajid14619 Can't disclose, otherwise it wouldn't be a challenge anymore!

Another nice filter bypass - Can recommend!
I just pwned the "Dojo #50 - Bucket Vault" challenge on @YesWeHack!
dojo-yeswehack.com/challenge/play…

@th31nitiate Yeah for sure. Especially for highs and crits there’s always a window for an attacker

@YourFinalSin Dammmmm, dups are generally pain, but I always wonder if they can detect them.
Cause an attacker can surely use those, if they can't detect them.

@root_exe_ind @0xmitsurii @Lakxitt @theitgirliee @EhistheGreat @erebosai @Sigmabond01 @cyber_nii @tech_nishan001 @ApInference Good luck bro ✌️

I am officially starting the everyday posting of the cyber security journey and sharing the daily stuffs and some good stuffs and my daily progress in the cyber security. I am gonna document my never ending journey here. #cybersecurity #motivation #study #hacking #consistency

@EvanKlein338226 Yeah, for sure. They left it open for you to find it haha

@YourFinalSin "Internal Duplicate" after 2 months is brutal.
The paid features tip is gold though — found an IDOR in a "premium" endpoint once that was still accessible because they only gated the UI, not the API. Defense in depth? Never heard of her.

Just published a new writeup about a nice chain that led to credit card theft, including a stored XSS, cookie tossing and cookie jar action 💥
Unfortunately, this was marked as informational and my disclosure request was denied lol
medium.com/@YourFinalSin/from-stored-xss-to-cookie-tossing-into-credit-card-theft-396b59b49326

@1___Khalid___ @_tomek7667 I don’t have a special setup. I’m using Burp community edition and a 64gb ram windows laptop with WSL
If I need to do sth in a VM I use virtualbox

@YourFinalSin @_tomek7667 Hi my friend, hope you're doing well. I've been following you since the beginning and learned a lot from your posts. Could you recommend a PC setup specifically for bug hunting? I don’t play games—only bug bounty hunting (Burp, browsers, VMs).

This is a very interesting approach on bypassing DOMPurify via String.replace
It was for a CTF, but I'm pretty sure it could come in very handy 💀
Kudos to @_tomek7667, insane job!
youtube.com/watch?v=mniM5H…

@NeverGiveUP8333 Yeah, new attack surface is always more interesting to look at imo

@YourFinalSin sorry for bothering
did you choose that attack surface based on a reason, for example did you check if is it updated regularly or if it's new?