Jenish Sojitra
@_jensec
Web2 and AI Offensive Security research. Creator of http://crxplorer.com Security @Exodus
Last month was my highest in bug bounty so far with almost $131k in bounty. Total paid reports: 18 Average reward: $7.3k Category: most were logical findings via reversing mobile applications and discovering internal endpoints leading to code execution and missing auth etc
“Kill the boy, Jon Snow. Kill the boy and let the man be born.” This is very important if you want to do anything in life.
I live in India so according to PPP, I make equivalent $1,041,600 in states. x.com/i/grok?convers… Doing Bug bounty makes great sense looking at PPP when you are in low PPP countries but not so much when in states.
240k TC and that too without insurance, 401k, or any safety net. One flu, one triager in bad mood, one company dispute - income gone. No paid leave, no stability, no compounding equity. Damn that’s quite less unless you’re in LCOL.
I usually brute-force API paths with "Debug":true parameter and often it leads to reveal internal debug info to reverse proxies exposing API secrets and tokens.
I think portswigger.net/web-security is one of the best ways to start learning web security
As someone that has no knowledge whatsoever in this field, what/where would you recommend to start learning? I'm very curious how one gets into this field, it seems fun somehow
Last year, I accidentally hacked into @united airlines and found an issue that allowed me to buy inflight food and merchandise for free. Funny part, both United Security team and I had to onboard an actual flight to verify the finding. United awarded me 500k rewards miles
~30 Bugs pending on HackerOne waiting to be paid. Hoping November to be a good month
2 months back into bug bounty with a year-long break and I already made ~$40k. Imposter syndrome is real.
Nice finding - I always wondered if this type of testing is legal and allowed when there is no bug bounty program and agreement b/w parties. There are millions of companies and portals with such flows that we can exploit
BugBounty platforms who won’t stay true and transparent to hackers will lose the business.
Recently had a road trip with my mom in Italy 🇮🇹
I have created an API product for Crxplorer to help with usability and growing infra cost. Check out crxplorer.com/api-access
You do not need Courses and Certificates to make your first 100k in InfoSec.
back in 2023, i found a vulnerability on Discord to grab a support ticket's details using just its id. ticket ids are incremental so an attacker could have enumerated the entire platform and stolen everything. i reported it to their bug bounty program. they marked it as an…