Bug Bounty Methodology V3.0: Hunt like a rat

Over time i ran into some issues when i was following other people’s methodologies. I was testing like my mentors and my hero’s but it never felt like their way of testing quite fitted my way of life and i never found any bugs doing that.

I am a stubborn rat. When i can’t find a way i make my own. I’ve developed a methodology that i think minimizes dupes beause i focus on out-thinking the competition instead of being the first to find a new subdomain or asset and testing it. I love leftovers 🙃.

--

--

--

No b*llshit Hacking tutorials with extreme value in short bursts

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

What is forensic?

Security Advisory Regarding Crestron TSW-XX60 Touch Panel Devices

Getting Started with MetaMask

https://medium.com/@vincentvanft/crypto-rich-kids-nfts-c0545a3f7e6f

These are the phones that will be incompatible with WhatsApp at the end of May

Have a Good Night Sleep With Memory FoamMattresses. https://t.co/DgxGBxl2Uc

Will Transcription Services Sign an NDA? Are Transcription Services Secure?

Enable ssh from GCP browser via IAP while restricting ssh with GCE firewall

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Thexssrat

Thexssrat

No b*llshit Hacking tutorials with extreme value in short bursts

More from Medium

X-XSS-Protection headers. Protection or vulnerability?

How to hunt for bug bounties

How I could have read your confidential bug reports by simple mail?

Top 25 Subdomain Takeover Bug Bounty Reports