
@YShahinzadeh

Followers
17K
Following
2K
Media
226
Statuses
2K

Security enthusiastic, chess player

Istanbul, Turkey
Joined September 2012
@YShahinzadeh
YS
1 year
How I reverse-engineered an Android app, bypassed a custom encryption layer, achieved server-side RCE, and earned a $5000 bounty. Read the full story here (TLDR; but worth reading) https://t.co/xgvffzspiB
21
192
971
@YShahinzadeh
YS
2 days
$7500 again, there is a 20k or 25k in the way...
9
1
138
@YShahinzadeh
YS
5 days
this one is brilliant! you may have seen GIS OAuth during hunting (I have, many times), XSS + ATO. I recommend reading and studying this write-up (author does not have X acc)✌🏻 https://t.co/x6BiMUpHNC
blog.voorivex.team
Discover how a clever DOM XSS bypass led to an automated account takeover by exploiting OAuth flows in GIS SDK
9
43
285
@YShahinzadeh
YS
5 days
Google fits me well, complicated flows, noisy HTTP requests, lots of JS code, like a jungle where you should hunt down a small rabbit :]
3
1
101
@YShahinzadeh
YS
6 days
another one on Google
14
6
331
@YShahinzadeh
YS
11 days
impact increased to S1, I'm expecting $20k for this one :]
4
0
170
@YShahinzadeh
YS
12 days
my first cashout from Bugcrowd arrived, the bank deducted ~$60 for the international transfer fee and I'm not sure if it's normal or not (I have never received $ from BC before)
15
3
264
@YShahinzadeh
YS
18 days
public program on BugCrowd, tip: in OAuth, check every "login with" separately. Google, Apple, etc. each might have a different implementation and flaw, btw I'm going to write a blog post for the 0-click, the scenario was interesting, happy hacking
24
44
725
@YShahinzadeh
YS
24 days
Another one on Google VRP. this one is an old buggy pattern: storing data as an object in the State parameter and processing it in the OAuth callback. I couldn't manipulate the final url using attacker/domain or attacker@domain, but with attacker\u002fdomain. I expect 20k or 13k for this ;]
30
24
589
@YShahinzadeh
YS
1 month
they issued $7500, I was expecting $15000 but their statement was reasonable so I'm happy with it, trying to put more time on Google
4
1
90
@YShahinzadeh
YS
1 month
new to Google VRP, seems Google does not define the bounty amount right after triage, the bug is on an AI product (I cannot name it here), I'm not sure how much bounty I should expect here
15
7
314
@YShahinzadeh
YS
1 month
why are most SPA web apps vulnerable to DOM XSS? I've found MANY bugs in OAuth when a custom implementation gets involved, many ATO and DOM XSS. never overlook custom OAuth setups, like what? storing DATA in the state parameter, happy hunting :]
11
12
390
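A constructed illustration of the "data in the OAuth state parameter" pattern from the two posts above (the Google VRP callback that accepted `attacker\u002fdomain`, and the warning about custom OAuth setups), added here as example code rather than anything from the author: a naive callback filters the raw, still-escaped JSON for `/` and `@` before parsing, so a `\u002f` escape slips through, while the hardened version parses first and validates the result with the URL parser against the app origin. The origin `https://app.example.test`, the `next` field and the function names are assumptions.

```javascript
// Constructed example: an OAuth callback that carries a "next" path inside the
// state parameter. APP_ORIGIN, the "next" field and the function names are assumptions.
const APP_ORIGIN = "https://app.example.test";

// Vulnerable pattern: the blocklist runs on the serialised JSON text. JSON escapes
// such as \u002f (a "/") are only decoded later by JSON.parse, so the check never
// sees the characters it is looking for.
function handleCallbackNaive(rawState) {
  if (rawState.includes("//") || rawState.includes("@")) return null; // "blocked"
  const { next } = JSON.parse(rawState);
  // Returns the redirect target exactly as the browser would receive it.
  return typeof next === "string" && next.startsWith("/") ? next : "/";
}

// Hardened version: parse first, then let the WHATWG URL parser resolve the value
// against the app origin and require the result to stay on that origin. This
// rejects "//host", "\u002f\u002fhost", "/\\host" and "https://host" alike.
function handleCallbackSafe(rawState) {
  let state;
  try { state = JSON.parse(rawState); } catch { return null; } // malformed state
  if (typeof state?.next !== "string") return null;
  let target;
  try { target = new URL(state.next, APP_ORIGIN); } catch { return null; }
  return target.origin === APP_ORIGIN ? target.href : null;
}

// Constructed state values as they would arrive in the callback query string
// (String.raw keeps the backslash, so "\u002f" reaches the handler still escaped).
const SAMPLE_STATES = {
  legit: '{"next":"/dashboard?tab=1"}',
  plainSlashes: '{"next":"//attacker.example"}',                 // caught by the naive check
  unicodeEscape: String.raw`{"next":"/\u002fattacker.example"}`, // slips past it
  backslash: String.raw`{"next":"/\\attacker.example"}`,         // browsers treat \ as /
};

// Runs every sample through both handlers; usable as a regression fixture.
function compareHandlers() {
  const out = {};
  for (const [name, raw] of Object.entries(SAMPLE_STATES)) {
    out[name] = { naive: handleCallbackNaive(raw), safe: handleCallbackSafe(raw) };
  }
  return out;
}
```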
@YShahinzadeh
YS
2 months
This one was easy: searched JS files → revealing endpoints → JSON HTTP request → exposed PII. Tip: account for lazy-loading. many hunters miss endpoints. Method: click to trigger lazy-loaded JS, then search again for endpoints. Happy hunting :]
21
59
810
@YShahinzadeh
YS
2 months
I haven’t fully returned to BB since my H1 acc was suddenly closed, but this week I tried to start working again. I spent some time on BC and found an XSS and an IDOR, the XSS was easy with a simple payload :]
39
3
386
@AmirMSafari
AmirMohammad Safari
2 months
If a CSPT bug can't be exploited on the same origin, you can pivot it to another one. Cloudflare Image Transform can act as a cross‑origin gadget to reach more sensitive endpoints on different origins - you can read more about it here ;) https://t.co/jOQOkpdHVJ
blog.voorivex.team
Explore Cloudflare's Image Proxy as a CSPT exploit tool, enabling impactful cross-origin path traversal attacks through redirect techniques
26
42
283
@YShahinzadeh
YS
2 months
20 days ago I found a uXSS and reported it, it got triaged now, I'll publish a blog post after the fix and vendor permission, it's my first bug that I'm not happy with due to the recent H1 situation 🖤
39
21
787
@samm0uda
Youssef Sammouda (sam0)
2 months
Due to the repeated screw-ups and zero transparency around bans by @Hacker0x01, I’ve chosen to leave with dignity. My account is now fully deactivated and to be removed. If you need my services, I’m still available at @Bugcrowd @intigriti @immunefi @HackenProof @StandoffBB
@YShahinzadeh
YS
3 months
I’ve been hunting on H1 for almost 3 years, ranked #18 in 2025, have always tried to contribute positively to the hacker community. I’ve earned around $500k in bounties and was on the road to $1M. Yet I don’t even have HSM, and I feel I haven’t been recognized as I should 1/4
12
32
502
@NahamSec
Ben Sadeghipour
3 months
Really disappointed to see @Hacker0x01 do this. I also had a similar interaction with H1 about a month ago where they questioned my nationality and place of residence after 10+ years on the platform.
@YShahinzadeh
YS
3 months
I also submitted another ticket, but it was closed within just one hour without any response. After everything, I believe I still deserve a chance to be reviewed. I value transparency and am ready to provide any documents or explanations required. Thanks for reading 4/4
2
6
260
@YShahinzadeh
YS
3 months
Although H1 may have their own reasons, I’m 100% sure there’s been a misunderstanding here. I don’t hack on other platforms, H1 was my main income, which is now terminated along with 230 open reports worth around $50k. But beyond money, what matters most to me is my identity 3/4
1
6
239
@YShahinzadeh
YS
3 months
I really appreciate Youssef for the Tweet, he’s been very supportive. Around 10 days ago I received a message about a permanent ban from H1 with only a vague statement and no further communication, so I couldn’t understand the reason 2/4
2
4
225