@TomNomNom @rez0__ My bug hunting methodology

RT @Rhynorater: Just created an account on that other website that is coming up. Drop me a follow over there and rt this for visibility if…

@Mountainman1723 I'm sure I'm going to regret asking this... however, in this particular case what precisely do you mean by "one of those"?

💵 average bounty change from Week 45: 🔽 💵🎯 November: Met 🎉 💵🎯 2024: Met 🔥🔥🔥 💵🎯 2024 stretch: Met 🔥🔥🔥 💵🎯 2024 aspirational: Not met 🧑‍💻 50 Collabs 🪲 59 Programs ⏰ 71 Days oldest unpaid report

💵 average bounty change from Week 44: 🔼 💵🎯 November: Not met 💵🎯 2024: Met 🔥🔥🔥 💵🎯 2024 stretch: Met 🔥🔥🔥 💵🎯 2024 stretch stretch: Not met 🧑‍💻 44 Collabs 🪲 54 Programs ⏰ 64 Days oldest unpaid report

+1 to this. I've "left" this hellsite a couple of times, but keep coming back due to the community here. It definitely feels like blue sky is gaining some good momentum with infosec now though.

@InsiderPhD There have been a couple of times where a program / platform has been offering a particularly good bit of swag as a bonus that I _really_ wanted. Despite my better judgement, that seems to work on me 😆 (This post was typed on my @gitlab branded keyboard)

Oh, and I met my 2024 stretch target 😄

@inspector_amb @joaxcar Pretty much this, yes 😆

@joaxcar This is a very good year, not my absolute best (so far), but definitely better than average 😅

💵 average bounty change from Week 43: 🔽 💵🎯 November: Not met 💵🎯 2024: Met 🔥🔥🔥 💵🎯 2024 stretch: Met 🔥🔥🔥 🧑‍💻 38 Collabs 🪲 51 Programs ⏰ 57 Days oldest unpaid report

Program: We are downgrading your RCE to medium as the environment in it runs in can only access limited data. Me: If you are considering the environment, you should probably note the 3 year old kernel which could be exploited for container escape. Program: No, not like that!

@shakedko The extension config was supposed to allow list which websites could trigger an install, but there was a bug that meant any website could reset the config to default which included the wildcard domain in the allow list 🤦‍♂️

@seanyeoh @ArchAngelDDay @Hacker0x01

@ArchAngelDDay @Hacker0x01 The H1 elite poster definitely. Thinking on it, I might need to downgrade this to my third favourite, the GitHub MVH belt might just top it, although the art for this one is far superior.