@hakluke Depends!
To old people: "I'm working with computers"
To the border agents: "I'm working in tech"
To most adults: "I'm a cybersecurity specialist"
To my friends after 2 beers: "I'm a hacker bitchezzz"
I still don't understand why some hackers are working for some free energy drinks, and then even promote the company afterwards. I guess posting your big stack of energy drinks online gets you a lot of clout, congrats!
Today is my first day as a full-time bug bounty hunter. I’m so excited about this new adventure.😀 If you're a program manager, please invite me to your programs! I’ll also be available to take some short pentesting mandates, so please DM me any opportunity you may have. Cheers!
I was facing a very strict WAF while trying to exploit a XSS : no gt/lt signs, no parentheses, no double quotes, no backticks. I was injecting inside an html tag. Turns out the solution was very simple (and not well documented):
<img src=x onerror=alert&#40document.domain&#41>
Do yourself a favor and buy a short domain, a small VPS and self-host your favorite blind XSS tool.
A couple of dollars that will get you thousands in return.. and the peace of mind!
I just crossed 10k reputation on @Hacker0x01 🥳
Even though my objectives are not tied to internet points, it somehow feels good to hit that milestone.
It was way slower than a lot of people but I'm glad I did it, at my own pace :)
Good news, CVSS 4.0 spec has this line regarding Privileges Required (PR) :
Self-service provisioned accounts, that may be necessary to attack a cloud service, do not constitute a privilege requirement if the attacker can grant themselves privileges as part of the attack.
Found an ESI injection but all tags are blocked by the WAF?
If ESI comments work, you can try to bypass the WAF for the XSS with something like this :
<img+src=x+on<!--esi-->error=ale<!--esi-->rt(1)>
Beware of @Burp_Suite last update, it deleted the default directory where project files are stored (/Applications/Burp Suite Professional .app/Contents/java/app/). I lost all my Burp projects.
🚌 Hacker Bus Update: We made the insulation and flooring. We fixed the benches. Fridge is ready to go! Next step is electricity and ventilation. Taking a break for winter but plans to go from Montréal to Las Vegas next summer. Who is in? 😎
I finally reached 4k reputation on @Hacker0x01! I would have been really happy to reach it with a super cool bug, but it was a phpinfo disclosure. 😂🤷‍♂️
Now @Burp_Suite whole UI freezes for like 2 mins when searching in a 3mb JS file.
This tool is becoming more and more unusable. Not sure why I'm still paying for this.
Do you still think being full time bug bounty hunter is risky? Big techs are laying off thousands of people but I haven't seen many bug bounty programs shutting down 🤓
Now that I have your attention with a cool picture from my ongoing trip, please @Hacker0x01 fix your mediation system.
It had flaws in the past but it's only gotten worse. It seems you put a lot of effort to protect programs from abusive hackers, but not much for the opposite.
Just imagine triaging for a product you never actually used b4. You receive a report, and then you have to figure out the whole thing by yourself as fast as possible. It's frustrating when triage makes some mistakes, but at the same time, I understand..
(also triage my report plz)
#BugBounty2020Goals
- Make as much money (or more) from bounties as I was doing with bounties + a day job 💰
- Keep my HackerOne Impact and Signal above 90th percentile 📈
- Have a balanced lifestyle, do sports, travel the world 🏄‍♂️
Side quests:
- Do not starve to death ☠️
Professor ramsexy 😺
A few years ago when I started doing talks in colleges, few hands were raised when I asked who wanted to pursue a career in cybersecurity.
I definitely see a change here, as there is a LOT of interest from students. 🐛💥
@cegepsoreltracy
Yo, the last decade was crazy. Bug bounty changed my life, and I'm so grateful for everything. I'm living the best time of my life right now, let's fucking go 2020! 😎🍻
Ok so basically a black hole is a region of spacetime where gravity is so strong that nothing—no particles or even electromagnetic radiation such as light—can escape from it.
I really like this docker image. It allows you to send all your Burp traffic to a local proxy, where it is sent to your VPN.
No more messy routing while hacking :)
Last week, @SebMorin1 and I found a bug I NEVER found in bug bounty or pentest : a SSI injection. It's an old ass class of bug that I have only seen in CTFs 😂. It feels good to exploit something new (or old? 🤔).
Today I was wondering why my payloads didn't work while trying to exploit a SSRF through an image generator. Turns out my note taking software automatically replaces straight double quotes with opening/closing double quotes. I wonder how many bugs I missed because of that 😂🤦‍♂️
👀 Eyes on the prize! 👀
Want the chance to win some seriously cool PRIZES!? 📲 🎧 📸 🌴 🐁 Act fast! Start #hacking with CISA today, submission deadline is December 15th! 😎 👇🏽 #hacker #bughunting
Hacking again on a program that used to be good until they tried to screw me a couple of months ago.
It feels just like I'm going back to an ex-girlfriend 😅 wish me luck
I'm doing 3 bug bounty presentations in colleges next week! And thanks to @Hacker0x01 there's gonna be a raffle to win a Meta Quest 2 amongst all the students who attend my talks :) CAN'T WAIT! 🐛💥
This is what I like the most in being self-employed, I do whatever I want whenever I want. Skiing this morning at Mont Orford, 15 mins from home :) #bountylife
I recorded a short video today for a MOOC (Massive Open Online Course) about cybersecurity, intended for Quebec university students. I was quite impressed by the professionalism behind this project. Thanks @SERENE_RISC and @EDUlib_ORG for the opportunity 🎥😎
I spent a couple of days in Singapore for @Hacker0x01 #h165. It was an awesome event in an impressive city. I'm so grateful to be able to live the #bountylife 😀
The Bug Bounty Québec event was a huge success! 🐛
Thanks to @DesjardinsCoop for sponsoring the event 💰. Also, thank you to all the attendees who showed up. I'm super grateful that I was able to connect two of my passions at the same time: hacking and surfing 🧑‍💻🤝🏄
If too many people agree to hack for reputation/kudos/drinks/t-shirts, that will bring the bug values down, then hackers will get less money, and same for the platforms, which benefit from people making money.
So apparently there is a "Manual testing simulator" in @Burp_Suite. If you type in "burp", a special Billing section appears so you can see how much money you have made while it's running. This is GENIUS! 🤑🤑🤑
I'm planning ~3 weeks van trip on the US/Canada east coast, starting May 17th at @NorthSec_io in Montréal. The itinerary is not decided yet, but I might go south until North Virginia. If any hackers along the way want to hack or socialize, let me know! 🚐🇨🇦🇺🇸
Last week I had a video call with a 10 yo and his teacher. I've been doing mentoring with high school and college kids for a while now, but it was my first time talking with a younger kid. He was interested in a career in cybersecurity and he had a couple questions for me.
@steventseeley RCE via ESI injection was demonstrated before in specific implementations (see @Becojo's bug at ) but I've never seen an ESI injection that led to RCE in the wild.
I got a last-minute invite to @Hacker0x01's next live hacking event in Los Angeles and I couldn't be more excited! Can't wait to test out this fun scope and see what vulnerabilities I can find. #h1213 🌅🏄
However, incentivizing VDPs with energy drinks (or rep/kudos/whatever) is a straight joke. Just imagine how clever these companies think they are when people are rushing to find bugs for some goodies and even promoting the company afterwards.
HACKFEST TICKETS GIVEAWAY
I’ll pay for the first 50 persons to DM me their name, email and ticket type (conference, CTF Classic or CTF Pro). Follow/RT suggested but optional. More info here cc
@hackfest_ca
So a month ago, I started mentoring local high school and college students on @Academos_. I had questions about my career from 3 students so far. It's such a great experience, I'm even considering doing some kind of internship with one of them. 👨‍🏫🐛💥
I've been a long time user of Burp + Firefox but I recently switched to @CaidoIO + Autochrome and I love it, especially with the new PwnFox passive workflow. For the moment, I'm still having Burp running on the side for a few things like Intruder and a few extensions I use a lot.
I don't want to reply to everyone since it's really time consuming, but here are some things I want to say. As a bug hunter, you don't want the global bug value to go down.
PEOPLE OF MONTRÉAL 🇨🇦
What: 5 à 7 Bug Bounty Québec 🐛
When: November 23, 5-9pm
Where: Oasis Surf, Brossard
For whom: Anyone with an interest in bug bounty. No need to be active!
Cost: FREE entry 🎟️, appetizers 🍤, drinks 🍻 and SURF 🏄
Register here:
Mastering Burp Suite training from @Agarri_FR is 🔥🔥🔥 I've used Burp every day for a couple of years and I can't believe how much my workflow has improved during the training.