Hello, luvs. I don't have any technical writeup, for a few reasons. First, some of my reported issues are still unresolved, or their NDA doesn't allow me to disclose details. Next, the past months of my life have been so crazy: late graduation (because I went to college late), the IELTS exam, individual security assessments, the crazy COVID-19 situation and lockdowns, and so on... This post is more like my diary for the past months, so pardon me if it's not well organized.
Besides, I'm spending all my free time on HunterSuite.
Playing on bug bounty platforms
I have been doing this for so many years, but not on bug bounty platforms, so I joined HackerOne and BugCrowd.
I worked on Netflix, Bitdefender, Razer, ZOOM, and NordVPN, and found and reported a vulnerability on every single target I've worked on, which makes me so proud. The total worth of the vulnerabilities I've discovered in a fairly short period of time passes ~$8k, in case you are curious.
Well, to not give you false hope or information: I discovered the vulnerabilities on them because I used to work as a penetration tester before the bug bounty world. If you are a beginner, I highly suggest you start here and then here. I also used HunterSuite to automate a lot of parts, and that's not advertising but a fact <3.
Accessibility: you have so many options to choose from, and the list is growing very fast. I choose my targets based on one single factor.
Love: do I enjoy using your product? Honestly, that's how I choose my targets. These platforms allowed me to work with tech giants I love, efficiently and effectively.
Credit: when you have successfully found vulnerabilities on the biggest names out there, it helps your credibility and resume a lot.
Not really, I don't really hate anything; it's just a title.
Some triage teams are incredibly awkward, which made me think about what's really wrong with them. But I also thought about the other side of the monitor. There is a problem among triagers called "bounty fishing." "Bounty fishing" means a lot of unskilled researchers try to fool the triage team with some "uninterpreted" scanner results and even fake data. Being an amateur is not a problem, but this is a scam attempt, which is worse than an unprofessional triage.
This issue is just a "very small" percentage of triage teams, but it was still annoying; there are way more awesome people and programs.
For example, Razer paid $1.5k for the critical I reported, but because it was a duplicate, I got $0. It sucks, and I believe these platforms, or newer platforms to come, will have better solutions. But for now, it is what it is.
Finally, the financial reward part. Honestly, I don't want to work on a billion-dollar company for free; it doesn't make sense. But as long as I'm treated well and paid reasonably, I don't really mind, and I can enjoy the time I spend.
1-Day Exploit and WebSec challenges
I also created a PoC for an exciting 1-day exploit (more than half a million devices affected, and the issue is of course patched) and have done all 138 WebSec Academy challenges (it was very fun, and I learned cool stuff).
The story of the ZOOM vulnerability from N/A to high
As their NDA does not allow vulnerability disclosure and the issue is still open, I can't give more detail beyond the story.
The moral of the story? Communication. Even though I got upset about the initial decision, I did not act harshly. I tried to reason with them, and they took it nicely, so I believe the ZOOM security team is working so hard to keep up with their security.
Thank you ZOOM and HackerOne <3
I'm doing fine despite the sad pandemic and lockdowns. Working with @j3ssie (who will eventually kill me with his perfectionism) almost every day on HunterSuite, receiving phone calls, and the limited visits I get from my loved ones keep me alive and motivated. I'm also looking into doing a computer science master's in the upcoming months.
That's it for now.
Stay safe, stay sane, and stay home as much as you can.
<3 0xsha