Published inInfoSec Write-ups·PinnedPushing yourself through hard hunting days: A bug hunter’s perspectiveToday I am going to talk about the period when you don’t find bugs for several days, weeks or even months. This talk is going to be non-technical and completely related to mental health. I will try explaining it as simple as possible. During our bug bounty days, specially when…Infosec4 min readInfosec4 min read
Mar 21Interview essentials for a Pentester role: How to land your first job in SecurityWelcome to another, knowledgeable blog! This is for people who want to get into a pentesting job and they are searching for a right direction. I am from India so take this blog as per Indian job market because I really dont have any idea how it works in other…Interview5 min readInterview5 min read
Jan 19Hacking with cURL: Unleash the CLI beastCurl, or client URL is a command line tool that enables data exchange between a device and a server through a terminal. We can use this tool on almost every OS. Today’s blog is focused on how do we use it in our pentesting & bug bounties. Best thing about…Hacking3 min readHacking3 min read
Jan 3My hacking story: Its a Journey, not a destinationBackground Schooling College BCA and Hacking fever Jobs & struggle Hacking Events and Synack Hacker friends Upcoming plans If you are reading this blog, you know me. I write contents, contents on hacking, appsec etc. Apart from it, I have a Free mentorship program as well which is going on…Bug Bounty7 min readBug Bounty7 min read
Published inInfoSec Write-ups·Nov 26, 2022A great weekend hack(worth $8k)This post is a writeup of my recent findings on Synack which got me $8k for 5 bugs, on a single day. So, I was hacking on a program which was in QR period(QR period is a specific time defined by Synack where researchers with best reports are rewarded), and…Hacking4 min readHacking4 min read
Published inSystem Weakness·Oct 9, 2022The prerequisites: Things you need to learn before getting into Web hacking/bug bountiesBug bounties or web hacking is something which fascinates a lot of people. I mean, who doesn't want to earn money that also while hacking stuff! But it doesn’t that easy as it sounds like. …Hacking5 min readHacking5 min read
Published inInfoSec Write-ups·Jun 6, 2022Hacking Nginx: Best waysNginx is being used in the wild since a while now. We all have seen NGINX name somewhere while coding/hacking. NGINX has always been a target for hackers/bug bounty hunters due to a lot of misconfigurations in it, and as a security researcher/bug bounty hunter, hacking a web server always…Bug Bounty5 min readBug Bounty5 min read
Published inInfoSec Write-ups·Mar 6, 2022Going beyond the surface: Vulns that pay wellThese days bug bounty hunters have been finding many low-hanging fruits and a lot of them want to go beyond those bugs. This blog is for those who want to find some well-paid bugs which need a little more observation and time. I have put my methodologies and ideas to…Bug Bounty5 min readBug Bounty5 min read
Dec 27, 2021Weapons in my quiver: Tools and extension I use in bountiesAs this blog already describes, I will be putting some info about tools and extensions which I use daily in my bounties. For an early reminder, there is no new or self-created tool mentioned here and all the tools/extensions are well known. …Bug Bounty5 min readBug Bounty5 min read
Nov 14, 2021The Implementation plan for hacking: What not to do and whereHey guys, I hope you all are doing well and having fun in hacking. It’s been a while I posted any blog here. Didn’t quite get the idea what to write on, so it took some time. However, I came up with this topic and if it works well, you…Bug Bounty5 min readBug Bounty5 min read
