0xDjango
@0xDjangoOnChain
Founder @birdseye_sec Finding critical vulnerabilities before the bad guys do. Book an audit: https://t.me/django0x
After 4 years of bug bounties and private audits, I'm excited to finally create my security company @birdseye_sec The reviews are still top and the findings are insane, but now we got a cool bird logo. SRs hmu with your portfolio if you think you'd be a good fit. TG in bio
Gotta make the SLAs mean something or bounty hunting will always be too risky of a career for top talent. I've heard nearly nothing back regarding these reports. One has already been fixed.
Results and lessons from ~1yr (2025) of full-time BB on @immunefi - 3 bugs marked as Crits and paid - 2 Crits confirmed but not paid for >5-6 months - spent ~3 months on this project - the project has been unresponsive for months now - just recently the BBP was…
luckily realized about 5 minutes in that I didn't have the wireless mic plugged in 😅 audio improves around 5min mark
BOUNTYHUNT3RZ Episode 31: w/ @0xriptide & @DrasticWM lounge by the pool at the faena hotel in buenos aires and discuss @EFDevcon Argentina, @yAuditDAO, CTFs, security outlook, competitions, getting shafted on a juicy bug bounty, judges must be crazy, auditor profit maxxing, AI…
Having an open mind is one of the greatest auditing hacks. A closed mind is like auditing blind.
A lot of SRs have reached out about joining @birdseye_sec and I've noticed a pattern. New SRs are spending too much time studying web3 sec and not enough time in the trenches, actually competing. Some study for a year before stepping into the arena. Hell I competed in my first…
Integrations are the holy grail for vulnerabilities. There's often much room for undesired execution that the dev probably didn't consider.
I'm looking for someone to create POCs for low/medium findings for a split of the bounties. DM me if interested.
When you're bug hunting and think you've found a vulnerability worth reporting, firstly check the project's GitHub for active branches. Couldn't tell you how many hours I've wasted writing up a report for a bug they already knew about.
What's the best way to stay up to date on post-exploit status? I.e. did the Balancer hacker return the funds?
I've been hunting for 4 years and I still make the mistake of rushing my report to minimize the chance of being duped. I gloss over obvious parts of the attack path because I think "of course the project will know their code and I don't need to explain the basic mechanisms."…
Today I received another request for proposal that immediately caught my eye. "Hi, Im manager of the [REDACTED] project. We are planning to develop our own crypto wallet application and would like to discuss possible cooperation with you. Please write to me on Telegram @…
Bug hunting tip: A couple of my biggest payouts came from assets that were listed in an indirect way on Immunefi. For example, a link to a project's gitbook that lists in-scope contracts. These docs change all the time and the updates won't be reflected on the BBP. Look where…
If I could assemble the dream team of bug hunters to crack a complex codebase, here's who I'd pick: - @kankodu - The godfather of shares manipulation. - @1_00_proof - An absolute giga brain to break complex maths. - @WhiteHatMage - A wizard that finds bugs as easily as casting…
A lot of talk here about how to align incentives for blackhats and whitehats so an exploit is less likely to occur. When raising the question of if whitehats should be awarded the same 10% offered to blackhats, the usual argument is: "Where will the money come from? They don't…
This is the only token I've ever wanted to buy via presale. Not sure how it will perform as an investment, but it's serving a great purpose for Web3 security.
1/ NEW: Immunefi Token Sale on CoinList 🛡️ @immunefi is the first security operating system for the Onchain Economy. • Sale opens Nov 12, 17:00 UTC • $133.7M FDV (73% discount to last private round) • 100% unlock at TGE Register ➡️ coinlist.co/immunefi