It was a life-changing decision to do bug bounty and @hacker0x01 is certainly a big time game changer. Thank you @hacker0x01 for acknowledging the hard work and delivering this prestigious t-shirt all the way from California.
#bugbounty #hackerone #bugcrowd #cybersecurity
ZoomEye BugBounty Radar #12 | Best Practice: Discovering Origin IPs Behind CDNs
When using ZoomEye BugBounty Radar, you may come across a target domain running a vulnerable web application (e.g., SQL injection), but it's protected by Cloudflare or another CDN, making direct exploitation impossible.
In such cases, you can try to discover the origin IP address using ZoomEye:
- Review the header, body, or SSL content of the target asset.
- Look for unique identifiers — such as page titles, server banners, or SSL subjects.
- Use one of these identifiers as a search keyword in ZoomEye.
- If the results include IPv4 or IPv6 addresses, they are likely origin IPs for the protected domain.
Example: Search using the page title — title="Welcome to XXX"
Discovering origin IPs allows you to bypass CDN protection and interact with the real host — a key tactic for bounty hunters.
🚀 Learn to hunt smarter with BugBounty Radar — follow ZoomEye for daily tips. DM us for 15 days of Bounty Radar access!
🔗 zoomeye.ai/bugbounty #BugBounty #bugbountytip #CyberSec
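A defender-side version of the fingerprint match in post #12, as an added example that is not part of the original post or of ZoomEye's tooling: it runs over an exported list of scan records for your own site and reports hosts that share its page title or SSL subject but sit outside the CDN's ranges, which are the origins to firewall to CDN-only traffic. The records, the CDN prefixes (documentation ranges) and the names `behind_cdn` and `exposed_origins` are constructed for illustration.

```python
import ipaddress

# Constructed CDN edge ranges (documentation prefixes, NOT a real CDN's published list).
CDN_RANGES = [ipaddress.ip_network(n) for n in ("198.51.100.0/24", "2001:db8:cd::/48")]

# Constructed scan-export rows for assets you own: address, page title, SSL subject.
RECORDS = [
    {"ip": "198.51.100.17", "title": "Welcome to Example Shop", "ssl_subject": "shop.example.com"},
    {"ip": "203.0.113.45", "title": "Welcome to Example Shop", "ssl_subject": "shop.example.com"},
    {"ip": "2001:db8:cd::10", "title": "Welcome to Example Shop", "ssl_subject": "shop.example.com"},
    {"ip": "2001:db8:1::5", "title": "nginx default", "ssl_subject": "shop.example.com"},
    {"ip": "203.0.113.99", "title": "Unrelated Site", "ssl_subject": "other.example.net"},
    {"ip": "not-an-ip", "title": "Welcome to Example Shop", "ssl_subject": ""},
]

def behind_cdn(addr):
    """True when addr falls inside one of the CDN edge ranges (IPv4 or IPv6)."""
    return any(addr in net for net in CDN_RANGES)

def exposed_origins(records, title=None, ssl_subject=None):
    """Return (ip, matched_fields) for non-CDN hosts sharing the site's fingerprint."""
    findings = []
    for rec in records:
        try:
            addr = ipaddress.ip_address(rec["ip"])
        except ValueError:
            continue  # skip malformed rows instead of aborting the audit
        matched = []
        if title and rec.get("title") == title:
            matched.append("title")
        if ssl_subject and rec.get("ssl_subject") == ssl_subject:
            matched.append("ssl_subject")
        if matched and not behind_cdn(addr):
            findings.append((str(addr), matched))
    return findings

if __name__ == "__main__":
    for ip, fields in exposed_origins(RECORDS, "Welcome to Example Shop", "shop.example.com"):
        print(f"{ip}: reachable outside the CDN, matches {', '.join(fields)}")
```

A host that matches only on SSL subject still counts, since a shared certificate identifies the origin even when the default page differs.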
ZoomEye BugBounty Radar #14 | Best Practice: Find Sensitive Subdomains
Some subdomains may expose debug interfaces, sensitive APIs, backup files, or unfinished products — often overlooked but rich in bounty potential. Examples include:
'dev.xxx.com' — development environments
Risk: weak credentials, debug endpoints, source code leaks
'test.xxx.com' — testing environments
Risk: test accounts, flawed logic
'demo.xxx.com' — demo or preview instances
Risk: default credentials, exposed data
You can quickly find such subdomains using the following query:
is_bugbounty=true && (domain="dev.*" || domain="test.*" || domain="staging.*" || domain="internal.*" || domain="old.*" || domain="backup.*" || domain="bak.*" || domain="demo.*" || domain="beta.*" || domain="git.*" || domain="repo.*")
These often-overlooked subdomains may leak high-value sensitive information — don’t miss them.
🔗 Try now: zoomeye.ai/bugbounty
🔗 User Guide: medium.com/@zoomeye_team/bugbounty-radar-a-quick-user-guide-6ef72d2f04bb
#BugBounty #bugbountytip #CyberSec
ZoomEye BugBounty Radar #16 | Best Practice: Instantly Scan Bug Bounty Targets with Nuclei
Combine ZoomEye BugBounty Radar with Nuclei's scanning engine to quickly identify exploitable vulnerabilities across bug bounty assets.
📌 Example: To scan for CVE-2025-53770 across bug bounty targets:
nuclei -t http/cves/2025/CVE-2025-53770.yaml -uncover-engine zoomeye -uncover-query 'is_bugbounty=true && vul.cve="CVE-2025-53770"'
Seamlessly pivot from asset discovery to real-time vulnerability scanning — and stay ahead in the hunt.
#BugBounty #bugbountytip #CyberSec