GitLab disclosed a bug submitted by sateeshn: - Bounty: $12,000 #hackerone #bugbounty

As promised, a blog post in response to a reader's email. "Reading RFCs for bug bounty hunters" — This blog post covers how reviewing RFC literature can be beneficial for bug bounty hunters, and includes tricks for speeding up the reading process.

You shared topics you would like to see bug bounty hunters blog about. Here is an opportunity to be featured in my next blog post and have your bug bounty questions answered. ➡️ Send me a DM or email with your question, and I will respond to the best questions in a blog post.

New blog post: "What Bypassing Razer's DOM-based XSS Patch Can Teach Us" —

Don't assume XSS in out-of-scope/sandboxed domains is not worth reporting! Check out how you can escalate it for a bigger impact in this video.

New vid is out! It talks about two bugs I found in 1Password worth $3,300 that everyone overlooked and it has 3 bug bounty tips at the end of the video. What future areas of security would you like us to explore?.Big 👍 to @wacms666 for video editing .

Video is up! I'll show you how to decrypt @1Password encrypted data, and you will be surprised how little crypto knowledge is required to do so 🤓A good example to show leveraging the resources on the internet can make hacking so much easier

New @0xReconless video! I will talk about how you can abuse IDN and Unicode tricks to make short domains for XSS that has a length limitation, bypass URL/SSRF validation, and many more!.