Rank 1 in the Last 90 Days & Rank 35 in All Time, just fewer than 90 days. 👾👾👾
Bro @intigriti, I'm being honest with you. I'm a bit savage, a bit uncivilized. 🍖🍖🍖
They send me nudes, but I f**k targets.
#Intigriti#HackWithIntigriti#BugBounty
Keep an eye on program status. When a program gets flooded with reports and starts suspending, after just one or two reports, it's often better to monitor the status automatically and submit your report ASAP.
#bugbounty#bugbountytips#cybersecurity#grateful
4/5 Reported Vulnerabilities got Accepted! 🔥🔥🔥
Recently, I found & reported many CSRFs. First thing I do is checking auth cookies' attributes.
1) Reported 2 more Open Redirects while analyzing the authentication flows.
#bugbounty#cybersecurity#grateful
@DaddyGiriga After registering an account and logging in, I try to load an endpoint with my data and then identify the authentication cookies. I check their attributes, such as the HttpOnly and SameSite flags, and take notes.
@Threat_Shield Yeah, that can happen. Before reporting low-hanging or low-impact bugs, you should always check the OOS policy. If it’s not mentioned there, technically it should be accepted.
@z0x0b Bro, leaving bugs for the future is for action movies 😂
I even got a bonus on top of the bounty for the open redirect. So nah — if I find more, I’m reporting more 😂
I collaborated with some great hackers, but the WAF doesn’t even let you get started.
@MiniMjStar 😅😂 Thanks mate. It depends — for example, in this case the CSRFs were leading to One-Click Account Deletion and One-Click ATO via Email Change, so definitely High.