Received my highest ever bounty today of $45k.
21.02.2025 02:04 — 👍 10 🔁 0 💬 4 📌 0
Exploring the DOMPurify library: Hunting for Misconfigurations mizu.re/post/explori...
10.02.2025 18:49 — 👍 4 🔁 1 💬 1 📌 0
Project successful. Found my first bug using an LLM!
05.01.2025 08:50 — 👍 3 🔁 0 💬 0 📌 0
It's a shame there are no maintained Langchain implementations for Go. Had to switch to Node because of the limitations with the current, unmaintained Go library.
04.01.2025 00:58 — 👍 0 🔁 0 💬 0 📌 0
I suppose the solution to this is error handling where you let the LLM know the file they specified wasn't found. It's just such an odd concept and feels completely different than any programming I've done in the past.
03.01.2025 07:44 — 👍 1 🔁 0 💬 0 📌 0
I don't know if success rates improve with more expensive models like o1 or o1-mini, but 4o is not consistent for me. Supplying the ability for it to fetch files works 90% of the time, but other times it'll add an extra comment after the filename, causing an error.
03.01.2025 07:44 — 👍 1 🔁 0 💬 1 📌 0
My project this week includes a Langchain project to analyze JavaScript files.
I've actually had some pretty good results so far. Having an LLM make decisions in a program's execution is really interesting and useful (when it works).
Though, I have no idea how anyone uses this in production.
Do you still participate in Bug Bounty?
23.12.2024 04:04 — 👍 0 🔁 0 💬 0 📌 0
Slow bug bounty year for myself. 2024 stats...
5 lows
4 mediums
9 highs
3 criticals
While my number of submissions was very low, my average bounty was around $11,200, allowing me to only submit a couple bugs a month without feeling too bad.
I'm kind of surprised. At this point, I can cause all `if` and `switch` branches to execute, I ignore `break`s, and ignore `return`s that don't have a value. I was expecting websites to completely break, but they're almost all completely functional.
10.12.2024 23:17 — 👍 0 🔁 0 💬 0 📌 0
Neat.
09.12.2024 04:28 — 👍 3 🔁 0 💬 3 📌 0
What are US-based bug bounty hunters doing full time nowadays? Full-time bug bounty? Security engineering? Research?
08.12.2024 03:49 — 👍 3 🔁 1 💬 1 📌 0
Thanks! I'm going to try this.
06.12.2024 06:07 — 👍 0 🔁 0 💬 0 📌 0
I have severely underestimated the difficulty of this.
06.12.2024 05:19 — 👍 1 🔁 0 💬 1 📌 0
State of the art XSS using the ISO-2022-JP charset
hackvertor.co.uk/hack-pad/2
I got this to run, but it doesn't work as well as I'd like. Decided to modify v8 myself and rebuild Chromium, which has actually been a lot of fun.
05.12.2024 08:50 — 👍 2 🔁 0 💬 1 📌 0
Beyond that research paper (whose code, unfortunately, is not open source), I found this recent talk: www.youtube.com/watch?v=kQOM...
That has an open source solution (I have yet to test): github.com/wspr-ncsu/FV8
It actually seems like something like this has been implemented before for malware analysis: chungkim.io/doc/www17-jf...
04.12.2024 22:28 — 👍 1 🔁 0 💬 1 📌 0
For additional context, I'd like code like so...
if (false) alert('x');
to execute the `alert` despite the false condition.
Unless there's some magic functionality that allows this in extensions that I'm unaware of, the only other thing I can think of is modifying an existing browser's functionality, which I'd really like to avoid.
04.12.2024 22:14 — 👍 1 🔁 0 💬 1 📌 0
I want a way to change the code execution flow of JavaScript within the browser. I'd love to be able to do this through an extension, but there seem to be too many limitations (i.e. no ability to monitor / modify conditional statements at runtime).
I'd like to avoid a simple match replace. Any ideas?
Thanks!
30.11.2024 18:25 — 👍 1 🔁 0 💬 0 📌 0
The configuration options in "Settings > Tools > Proxy Default Proxy history message display". We can act separately on WebSocket messages, HTTP requests and HTTP responses.
We can now configure what version of messages should be displayed in Proxy History 🥳
28.11.2024 13:37 — 👍 18 🔁 1 💬 1 📌 0
I bought a year of Burp Suite Pro for almost 1 BTC.
28.11.2024 06:13 — 👍 0 🔁 0 💬 1 📌 0
If some of their users become upset, meh, who cares. If some of their large B2B customers become upset, that's a much bigger issue.
25.11.2024 01:48 — 👍 1 🔁 1 💬 0 📌 0
Starting to think of bug severity in terms of "how might this affect shareholder price". At the end of the day, that's all that the companies who determine your bounty amount care about. Your data is already public from other breaches, but those breaches may not be associated with that company (yet).
25.11.2024 01:47 — 👍 1 🔁 1 💬 2 📌 1
👋
21.11.2024 16:57 — 👍 2 🔁 0 💬 0 📌 0
I've been seen.
19.11.2024 07:00 — 👍 1 🔁 0 💬 1 📌 0
Post a pic YOU took (no description) to bring some zen to the timeline
17.11.2024 04:15 — 👍 2 🔁 0 💬 0 📌 0