Crossed 6k reputations on @Hacker0x01 #bugbounty #togetherwehitharder

This day, three years ago, I received my first bounty on @Hacker0x01. It still feels like it was some months ago. The feeling is still fresh within me. 3 years of bug bounty experience along with 1+ year of experience as a part-time/full-time security guy and not even 17 yet..

Released a new video on YouTube today walking through a recently disclosed bug bounty report on Shopify that paid $50,000! It was a GitHub access token that got found in a random dmg ☺️ I'm thinking I'll make a series of bug bounty report explainer vids. https://t.co/XnUgZfaUo7

Couldn't help it #conti #ransomware

I've found myself in a place where I've managed to not have any time for bug bounties again. How do I keep doing this?

Just painted my fence with my wife while my daughter had a nap, when did I become an adult?

Here's a little Go script to turn any text into a custom wordlist: Usage ideas: curl https://t.co/ueBTOwNSiH | haklistgen curl https://t.co/dfTVaV0jBa | haklistgen subfinder -silent -d https://t.co/ueBTOwNSiH | haklistgen See the readme for more! https://t.co/nZOgtkddLc

Hello world 👋 We’re proud to announce Caido: A high-performance / low memory usage web #security auditing #tool written in Rust 🎉 Interested? Register on our website to reserve your spot in our upcoming beta https://t.co/ZhfAFe28X1 #pentest #bugbounty #infosec

New blog about hacking APIs! It's a long one! @Farah_Hawaa and I put a lot of work into writing this one ☺️ Check it out!

#APIs are everywhere. tl;dr: 🔎 API vuln types 🚧 Mitigation techniques 🛸 Conspiracy theory Check out this guide to hacking APIs in 2021 by @hakluke and @Farah_Hawaa ⬇️

The #ReconMaster Contest is heating up. @hakluke spoke to us about how he went from 1st to 7th! He shares with us some of his ideas & what he learned. To those who don't know, we're offering US$5,000 for first place #reconmaster #infosec #OSINT https://t.co/u2BgRQtU2X

Shopify access token leak worth $50k (via electron app). Watch @hakluke explaining this #bugbounty report nicely! #infosec https://t.co/qwAIOT7Bor

This video is premiering on YouTube in 11 days, being released alongside a blog post on the @detectify blog. It's is a 68 minute video running through a huge stack of different resources for beginner-intermediate hackers. Can't wait for it to go live!

@nnwakelam Sorry for the late reply, I have just done all my works! When I was playing CTFs, I feel the same as you (my teammates are genius and won lots of algorithmic contest such as ACM-ICPC/IOI). The problem I got stuck and learned for weeks. They can solve it in one night (thread 1/3)

Every time I read any pdf that @orange_8361 releases it makes me want to quit hacking

Unpopular Thread : @Alra3ees is a very nice person and respectful human being, always been sharing tips with community, never disrespected anyone , proof is his profile, he made a mistake yesterday posting a profile and asking people to follow which appeared to be a parody

Computers are cool, but having friends offline is important.

The main reason why I love penetration testing is they do take the DOS vulnerability critically. MS15-034: HTTP.sys (IIS) DoS Range: bytes=18-18446744073709551615

What is that ONE bug which has contributed most in your bug bounty earnings? For me it’s Stored XSS and almost 40% of my earnings has come from this one:)

I was supposed to prepare for a job interview this week, i ended up hunting for bugs in Facebook ( and other places ); i found 5 interesting ATOs ( This is a kind of prep for the interview right? ) . Probably, i'll get more money for these than the annual salary for this job.