๐ Just dropped my bug bounty playbook for only $2 (limited time!)
"Inside the Hacker's Mind" โ real stories from the trenches. No fluff, no step-by-step guides. Just raw vulnerabilities, actual payloads, and the mental game behind finding bugs.
Perfect for beginners hunting their first bug or devs wanting to think like a hacker.
https://t.co/Mz3djqmdp4
Came back to bug bounty after a long break. I wanted proof that I was still not behind, so I chose an easy target and looked for IDOR. Ended up finding account takeover. Target has millions of users. Even though they didn't have a bug bounty program, they paid a reward.
Feels good to receive a bug bounty again after a long break. ๐
A $500 reward from Google
Still learning, still improving, and hopefully many more to come.
#BugBounty#Google#Bugcrowd#CyberSecurity
Received a โน10,000 appreciation reward for responsibly disclosing a security vulnerability. (3 Full account takeovers)
Since there was no public bug bounty program, I wasn't expecting anything in return, so the recognition was a pleasant surprise.
#BugBounty#CyberSecurity
Attacker with gmail.readonly OAuth can read a "Send Mail As" confirmation link from your inbox and use it forever โ even after you revoke the app, and click Reject in Google's own security email.
Google's response: Infeasible.
Millions of apps hold gmail.readonly. Just saying.
5. Click it. You now send as them โ DKIM signed, SPF passing
Now victim:
โ Revokes your OAuth โ
โ Changes password โ
โ Clicks "Reject" in the security email โ
You still send as them. Token never dies.
Millions of apps casually hold gmail.readonly.
Google's take: Infeaseble
1. Build an app. Request gmail.readonly OAuth
2. Victim signs in
3. From your Gmail, add victim's email as "Send Mail As"
4. Read the confirmation link from victim's inbox via that readonly scope
Found a Gmail issue where an app with one-time Gmail read-only OAuth access could abuse the "Send email as" feature to send emails as the victim indefinitelyโeven after clicking Google's cancellation link. Google classified it as "Infeasible."
Details: https://t.co/LeZAOBKyTR
Google's VRP panel determined that my S1/P1 report does not meet the bar for a financial reward,
I've requested a review of the decision.
Has anyone had a similar experience where a non-rewarded report was later reconsidered after review?
Found a critical account takeover vulnerability in one of Indiaโs largest matrimony platforms.
The attack required zero interaction from the victim and could lead to complete account compromise.
Reported responsibly to the security team.
#BugBounty#CyberSecurity#AppSec
Found a critical account takeover vulnerability in one of Indiaโs largest matrimony platforms.
The attack required zero interaction from the victim and could lead to complete account compromise.
Reported responsibly to the security team.
#BugBounty#CyberSecurity#AppSec