Ten years ago today I sent my first bug bounty report. It was to PayPal. Fascinating to see some things are very different now from then, but some things are still exactly like they were.
@fransrosen
Great Mr. Frans would like to see those iPhone screenshots of XSS found during flight. Was fascinated when you explained in one of your talk !
@fransrosen
Your mindset changes at your first $$$$ bounty. It lets you realize that with work, focus and dedication they're is something to earn from this field. A Stored XSS, gave me a goal, paid for my OSCP and lead to a full-time job...
@fransrosen
My first bug on h1 also is on the Paypal program but it gets Informative because I did not give PoC to improve more impact. I think if other hackers know it at that time maybe they can escalate it to higher impact 😢