Day 2 – Bug Bounty Challenge - Still dealing with the flu & fever but got 5h hunting + 1h10m reading writeups on mainly focused on logic bugs. - Spent a lot of time understanding the target and test all the main features manually. - No finds, see you tomorrow. Total earned: $0

Day 3 – Bug Bounty Challenge - Started the challenge late today. Spent 3 hours hunting and 1 hour reading CaptinSHArky(Mahdi🇹🇳) writeups lots of helpful insights there. - Found 2 interesting issues but didn’t get the time to dig deeper. - Will continue tomorrow. Total earned: $0

missed the grind for 2 days, had to touch the grass but we back fr

Alhamdulillah, just discovered a new bug! -Tip: When hunting Open Redirects, try inserting //evil.com/..;/css in the URL The server treats it as a local path but the browser redirects outside Add a .js or .css file at the end. #CyberSecurity #Hacker101 #bugbountytips #BugBounty

Day 4 – Bug Bounty Challenge -Hunted for 4 hours today and found an Open Redirect in the DoS program using a nice little technique. -Spent some time on my main target but didn’t find anything yet. -Tomorrow I’ll try to push harder and get more done inshaaAllah. Total earned: $0

If you’re new or a pro at web pentesting, you gotta check out Web Hacking Arsenal by Rafay Baloch. You’ll learn useful tools and tricks to boost your skills fast and catch real bugs for real. #CyberSecurity #Hacker101 #bugbountytips #BugBounty

duplicates or not. Keep your eyes open and the rewards will come

damn got three duplicates today

My area's internets down for maintenance. So I'll be offline until it's fixed. Back soon..

Day 5 – Bug Bounty Challenge -Hunted for 3 hours today with my team and found a vulnerability, which we reported. -Didn’t study anything today, lost quite a bit of time. -We’ll continue tomorrow. Total earned: $0

I was just testing some random parameters with a very simple payloads. Payload: (parametr c=)'>"<svg%2Fonload=confirm("0xhun73r-6")> #bugbountytips #BugBounty

got the company database with a simple trick

surprise mf

i reported pure open redirect and he closed it as n/a lol

To those asking about me:

That really made me happy, thank you for saying that 🙏 I’ll do my best to get back to hunting and share notes & daily updates soon insha'allah

Damn I really missed the bug bounty vibes and all my homies here

Just released the Ultimate IDOR Testing Checklist 🧩 I combined techniques from many sources to cover IDOR scenarios. Know a technique I missed? Drop it in the comments. Notion: mrdesoky0.notion.site/Ultimate-IDOR-… GitHub: github.com/mrdesoky0/vuln… #bugbountytips #IDOR #AppSec #InfoSec

I'm back. Please if you got any good tips, notes, or writeups, I would love to see them.

I miss the early Twitter BBP community where people actually shared tips and lessons from their findings. Nowdays my feed is flooded with bounties screenshots, tools and there paid services promos and courses ads. It’s just not the same vibe anymore..