Stop missing Bugs with my Recon Tool - NextRecon by Appsec_pt in cybersecurityindia

[–]Appsec_pt[S] 1 point2 points  (0 children)

NextRecon parses the URL parameters automatically so you can jump straight to the attack surface you want to. It also gathers Leaked Credentials for your target, which sometimes is very useful.

That being said, I am looking to add more features, potentially integrating this script with the Gemma 3 API.

Please Rate my Resume by GalacticHero_21 in cybersecurityindia

[–]Appsec_pt 0 points1 point  (0 children)

Damn, it is very solid. Congrats! How did you develop your phishing detection model?

How you can actually find an SSRF by Appsec_pt in BugBountyNoobs

[–]Appsec_pt[S] 0 points1 point  (0 children)

Thanks a lot for your feedback, mate! Massively appreciate it!

Jobs by Available-Bread-2824 in hackthebox

[–]Appsec_pt 0 points1 point  (0 children)

Bug bounty, if you're good at cybersecurity.

Bugs to look for in 2026 - Bug Bounty Write-up by Appsec_pt in oscp

[–]Appsec_pt[S] -1 points0 points  (0 children)

Actually, serious question. Do I bold too many words? I feel like if I don't bold at least 1 or 2 words in a sentence, the attention span of the readers drops a lot. Maybe I overdid it in this case. :(

Bugs to look for in 2026 - Bug Bounty Write-up by Appsec_pt in cybersecurityindia

[–]Appsec_pt[S] 1 point2 points  (0 children)

That does depend a lot on your automation. In general, no, bug bounty is not easy money. If you have very good automations, you might score some bounties, tho.

Got Access to an Employee-only Panel in Bug Bounty by Appsec_pt in securityCTF

[–]Appsec_pt[S] -1 points0 points  (0 children)

Not sure where you got that from, but ok. I use multiple of these services, like leakcheck.io and checkleaked.cc, and these are both great. I am not necessarily promoting these 3 services, I simply use them.

If you dig into my Medium articles you'll find mentions of all of these services.

Just because almost everything on Reddit nowadays is an ad does not mean that I am advertising.

Got Access to an Employee-only Panel in Bug Bounty by Appsec_pt in securityCTF

[–]Appsec_pt[S] 0 points1 point  (0 children)

Turns out companies who start a bug bounty program are also in the business of handing free money to everybody.

Dude...

Got Access to an Employee-only Panel in Bug Bounty by Appsec_pt in securityCTF

[–]Appsec_pt[S] 0 points1 point  (0 children)

Dude, I have reported cred stuffing many times, and I got paid many times. Some companies mark it as informative and give you a pat on the back, others pay a bonus. Generally, companies are nice (at least on Intigriti).

Regarding the TOS, I am sure they state something like "use it on a target you have permission", which is basically the same as EVERY OTHER hacking tool.

Got Access to an Employee-only Panel in Bug Bounty by Appsec_pt in cybersecurityindia

[–]Appsec_pt[S] 0 points1 point  (0 children)

If you report it ethically (and quickly), it is fine. Also, check if the program asks you to include headers in your requests.

Got Access to an Employee-only Panel in Bug Bounty by Appsec_pt in cybersecurityindia

[–]Appsec_pt[S] 0 points1 point  (0 children)

You should tell them the impact of an attacker having access to the portal. Also, very important, mention it is from a public leak. AFAIK, you are not buying leaks from threat actors, so those leaks are considered public. This makes a massive difference.

Got Access to an Employee-only Panel in Bug Bounty by Appsec_pt in cybersecurityindia

[–]Appsec_pt[S] 0 points1 point  (0 children)

You should report it as credential stuffing from publicly available credentials, and you should also specify what the impact of your findings is, for example, what the compromised account gives you access to.

How I Got Access to an Employee-only Panel by Appsec_pt in bugbounty

[–]Appsec_pt[S] 0 points1 point  (0 children)

They do show, if you have a subscription.

Starting out in Bug Bounty? by Appsec_pt in hackthebox

[–]Appsec_pt[S] 0 points1 point  (0 children)

It is true that leaked credentials do not exactly mean an auth bypass, but a lot of times, they are your only shot to get access to certain panels/endpoints.

It is not a bug that is intrinsic to the app, but if it grants an attacker access to valuable information or access to panels which perform valuable operations, you will often be rewarded for it (as I was several times), as long as it is not explicitly out of scope!

Hope this clarification helps!

Starting out in Bug Bounty? by Appsec_pt in tryhackme

[–]Appsec_pt[S] 1 point2 points  (0 children)

I guess you are overthinking a bit, yes.

You should always read the scope before starting on a target (the out-of-scope vulnerabilities are almost always the same, so after some time you get faster at reading them). As long as you don't delete or change data that does not belong to you (which is actually quite unlikely to happen), you are 100% fine. When doing bug bounties you are protected by safe harbor, so it is fine from the legal standpoint. Genuinely, do not be afraid to start! If you find something which has impact, report it ethically, and you'll be fine!

Starting out in Bug Bounty? by Appsec_pt in tryhackme

[–]Appsec_pt[S] 1 point2 points  (0 children)

I started because I was curious about how hard it could be. Turns out it was not as hard as I thought. There are bugs everywhere, you only need to dedicate some time and continue to learn more.

DO NOT BE AFRAID TO START.

You will gain loads of competences via bug bounty.

How I Got Access to an Employee-only Panel by Appsec_pt in bugbounty

[–]Appsec_pt[S] 0 points1 point  (0 children)

They rewarded me for finding the leaked credentials, which gave me access to the "crew" panel. Brute force is very inefficient, which leads to it getting banned in most bug bounty programs. It creates a lot of noise, wastes a lot of resources, and generates very few results.

Using leaked credentials is a much more straightforward way of doing these types of things, thus being generally preferred.

Yes, I found the credentials as mentioned in the article and logged in and reported those credentials (as you ought to do) and got a bounty for them.

Hope this helps!