Channel: R_bugbounty
When there are few restrictions on tools during bug bounties

Hello everyone! I participate in bug bounties, and I found a site with only one sentence regarding the use of the scanner.

>Excluded Submission Types
>
>Vulnerability reports which do not include careful manual validation - for example, reports based only on results from automated tools and scanners or which describe theoretical attack vectors without proof of exploitability - will be closed as Not Applicable.

In this case, can I say that there are few constraints on the scanner or the automation tool, unless I copy and paste the results? I wonder if I can use the default values of the tool without setting a request per second in this case.

https://redd.it/1c8h6zm
@r_bugbounty
Gadget on Marriott

I got something on Marriott, unable to exploit. Single quote to get out of attribute.

I'm wondering if anyone knows if Marriott is accepting reflected XSS. I can read from their page:

Out-of-Scope Activities

Web Cache Poisoning, Reflected XSS, UI redressing via custom .html files

Anyways, here is the gadget. Tried XSS and DOM clobbering, cannot pop it.

https://all-inclusive.marriott.com/click-reservation/asdasd'caninjecthere

https://redd.it/1c8i9tv
@r_bugbounty
What can I test on the 'ver=' parameter in URL that I got from gau?

Hello all, as the question suggests, I am looking for something to exploit on the ver= parameter in the URL. Gf patterns show there's a chance of RCE on it but idk how?
Can someone suggest what I can test?

https://redd.it/1c8lah7
@r_bugbounty
What do you think about Android endpoints?

I recently started testing APIs for IDOR and access control violations. I configured my old Android phone to capture traffic in Burp, but I want to ask if it's really worth the time to test API endpoints? I want to test something which is less competitive, and I figured Android endpoints would be the perfect candidate. Is my understanding correct?


I am new to bug bounty

https://redd.it/1c8l7c9
@r_bugbounty
Bug bounties other than web

Hey, I am interested in bug bounty but don’t want to go into the web app pentesting side of it because I feel there’s more competition and it's not my cup of tea. I love digging deep in files using the Linux command line, basically forensics. I know basic C and Python and can learn any other language if needed, as it's just understanding the syntax. I know networking stuff.
Just wanted to know which areas would suit me. I just want to get started, and please mention some sites where I could hunt and get responses.
Any input will be appreciated.
Thank you 💖

https://redd.it/1c8megv
@r_bugbounty
Is anyone good here with manually testing XSS & is willing to teach it out of goodwill?

If there's anyone please comment.

https://redd.it/1c8sydy
@r_bugbounty
Why do bug bounties? The company has all the leverage and can underpay you?

I’m honestly really new to all of this, but besides hacking there are also many ways companies are at risk of massive loss.

To me it seems kinda unfair. Let’s say I know for a fact a company can lose 10 million in a month. I show them and they pay like $500.

Literally could have just exploited whatever I found.

All jokes aside tho, there are various platforms I'm aware of that are susceptible to 500k in losses at the minimum. They would only need to change minor things, some major. How would I go about telling them? Would I have to declare what I’ve found before getting paid?

If so, maybe I should just exploit them?

https://redd.it/1c98bxm
@r_bugbounty
VPN on cloud VMs

Hey all

I did try w Proton and Nord on DO and AWS. Losing connection to the VM in both cases (tho required some additional movement w Proton). So the question: has anyone successfully connected to any VPN from any cloud provider? Also, do you know if DO monitors port scans a lot? I know GCP does.

https://redd.it/1c9pova
@r_bugbounty
Submitting similar bugs together or separately

I'm reading through the codebase for an application with a program on HackerOne and there are a number of different areas in which the programmers used the same user input in the same, unsafe manner. Each case results in the same security bug. Is it acceptable to submit each of these separately since they occur at different parts of the program, or is it expected that I reference each of them in a single report?

For what it is worth they could fix all of them by properly sanitizing user input when it first arrives.

Thanks

https://redd.it/1c9ry1d
@r_bugbounty
Is it necessary to study Django in bug hunting?

Do I have to learn Django after Python in bug hunting or can I skip it now?

And I have studied in programming:

HTML

CSS

basics of JS

Python, and I will study MySQL as a database

What do I need too?

https://redd.it/1c9yvr0
@r_bugbounty
Is bug bounty dying?

Lots of programs are leaving HackerOne and other platforms daily. Is bug bounty dying?

https://redd.it/1ca4pur
@r_bugbounty
HackerOne triagers closing more cases as N/A?

I work on a large program and dabble as a hacker myself. I've noticed over the last couple of weeks, a lot more reports which would normally be closed as informational have been closed as N/A, which impacts a hacker's reputation. It seems like H1 triagers have been cracking down on reports with no or minimal impact. Anyone else notice this?

https://redd.it/1cag4zn
@r_bugbounty
5 submissions, all are duplicates

For the past 6 months, I have been trying to become a bug bounty hunter but no luck. I found 5 vulnerabilities, out of which 3 are high/critical, but it's always getting closed as a duplicate.

Do I need to change my strategy? I am losing hope. I am doing manual research only most of the time.


https://redd.it/1cb1ipj
@r_bugbounty
2024/06/01 17:32:10