I need a place to rest.

It's hard to find a internship of fuzzing for me

I'm feeling really down right now.

Crypto/math bugs found in the past few weeks

EVM fuzzers

#Python

Happy hacking!

You guys rate vulnerabilities, why don't you rate companies? Some companies are just garbage, they don't fix their vulnerabilities, they wait for us to waste our time submitting reports and then give us a duplicate bugcrowd

Are your auditors really professional? A vulnerabilitie that allows free users to use the quota of paid users is classified as p4. Strangely, another one is classified as p3. Can you unify your standards? Or does it depend on the mood of the auditors? bugcrowd

I get a lot of DMs asking how to start in bug bounty. I can give you 4 advises that helped me a lot: 1. Stop reading writeups and watching videos and start hunting. 2. Check JS0N Haddix's methodology (got my first bounty this way) 3. Start practicing in Hack The Box (D̒̕ᵈăᵃn̕ᶰ Ť̾̾̓͐͒͠ᵗe͗̑́̋̂́͡ᵉn̅ᶰtᵗl̀̓͘ᶫe̓̒̂̚ᵉrʳ🫡)

I earned $100 for my submission on @bugcrowd #ItTakesACrowd

1996: "Smashing The Stack For Fun And Profit" was published in the hacker zine, Phrack. The article by Elias Levy (aka Aleph One) introduced many to stack buffer overflow vulnerabilities and how to exploit them.

Just in time for Christmas: a repository for decrypting many encrypted D-Link firmware images. Also integrated into Binwalk for auto-magic decryption & extraction. github.com/devttys0/delink

I tried my hand at exploiting an nday on the Google Container Optimized OS instance in kCTF but sadly was very late to the party. Here is my exploit write-up for it. I learned a lot during the process, let me know what you think. I'll post TL;DR in thread h0mbre.github.io/Patch_Gapping_…

Hackers rejoice! We are releasing the Phrack 71 PDF for you today! Don't forget this year is Phrack's 40th anniversary release! Send in your contribution and be part of this historical issue! The CFP is still open, you can find it and the PDF link at phrack.org

Interested in vulnerabilities in old video games? 🎮 Check out our latest article written by Tomtombinary on Heroes of Might and Magic V 👇 synacktiv.com/en/publication…

I still remember when I had to put out a press release saying that afl-fuzz was too dangerous to make available to the general public

Submission limits are being enforced, but some of my vulnerability reports have been pending for over 2 months with no review. This creates a bottleneck where I can’t submit new findings or continue contributing. Intigriti