Hello amazing hacker and welcome! I hope you are doing well. Please sit back and relax, uncle rat is going to tell you the story of how he found his first critical vulnerability. I’m going to tell you the events that led up to this bug, what i was thinking at the time and how i felt when i got that vulnerability.
It all started with me wanting to hunt a VDP and i know what you’re thinking. Eh, uncle, no cash is no fun but hold on. I knew this program paid out bonusses for getting crits so i set my arrows to [REDATED].
I usually hunt paid B2B program’s but this program was totally different, it was a recon target so i had to change up my strategy totally but i was determined to get a bug. I know how to do recon, i just had not applied it up to this point. One of my heroes is https://twitter.com/stokfredrik and he also hunts main apps only so i’ve devoted my whole time hunting to main app untill this point.
I had my target, this small rat was ready to sneak past any security defences [Redacted] threw at me and believe me friends. Rats are sneaky animals, and smart, very smart.
The hunt is on
To start i had to begin where everyone began. Since the target had a very broad scope, i had to enumerate everything first. I had to scout my grounds.
I always start with subdomain enumeration and it’s my believe that to do this effectively you have to consult as much sources as possible so i want off to run every single tool i could find: