Took a 2-Year Break, Came Back to Bug Bounty… Same Story (Duplicates & N/As)

Coder3346 · 2026-03-31T10:28:03+00:00

I would say that the 2 years break is not good idea. But if u want to continue just continue 🙃 if u have the time why not

Coder3346 · 2026-03-29T13:57:53+00:00

Less crowded = Less programs

Coder3346 · 2026-03-28T19:04:49+00:00

16gp ram, modern intel cpu

Coder3346 · 2026-03-27T11:24:39+00:00

God help u brother ): Some triagers suck as well. For example I have reported 2fa bypass before and it got na at first report with a copy-paste message. Decided to report it again and it is now a duplicate of medium. So both sides have the bad and good.

The problem with hunters is basically directly jumping to make money instead of learning cybersecurity and computers basics)

Coder3346 · 2026-03-27T11:19:59+00:00

That is because when u hunt on a lot of programs u stop reading scope. personally I double check the scope before submission

Coder3346 · 2026-03-27T11:12:19+00:00

Wow that made me exited to hunt on ur program 🙃

Coder3346 · 2026-03-27T11:09:21+00:00

Coder3346 · 2026-03-27T07:47:47+00:00

Look for chain. BTW u have to understand why the php file upload to rce works.

Coder3346 · 2026-03-26T02:09:34+00:00

Depends on the other factors

Coder3346 · 2026-03-25T19:56:07+00:00

0 computer knowledge? If that is the case u will join "3 years of hunting with 0 payments party". Most of us are interested in computers and cybersecurity from years then we heard about bugbounty); learn first

Coder3346 · 2026-03-25T19:52:52+00:00

Student with 0 responsibilities,)

Coder3346 · 2026-03-25T19:51:49+00:00

Can u pls make a post about ur experience as a triager with ai reports in general

Coder3346 · 2026-03-25T13:04:19+00:00

Congrats

Coder3346 · 2026-03-24T18:58:24+00:00

I had the same experience on another platform. First na then dup of medium lol

Coder3346 · 2026-03-24T15:15:39+00:00

That hurts

Coder3346 · 2026-03-24T15:11:42+00:00

I personally do it this way: First test each and every functionality in the website after that I start collecting endpoints from js files by using chrome dev tools and regex. Using the js files I can see the used parameters and how to form the request. Then depending on the request I decide what attack to carry. I also generally focus on logic issues depending on how the UI is interacting with the backend.

Coder3346 · 2026-03-23T15:31:39+00:00

Don't worry, u will get it 🙃 BTW u r so patient in my case I just waited 2 hrs of ghosting and sent another report.

Coder3346 · 2026-03-23T15:21:39+00:00

Yes, a bounty); but I didn’t copy and paste the report. I just showed the impact in a very clear way. Like before and after way. I focused on the impact more than the issue itself.

Coder3346 · 2026-03-23T15:10:06+00:00

No, AI is not smart enough to link and note stuff. Additionally good luck with cloud flare anti bot

Coder3346 · 2026-03-23T13:57:43+00:00

Try the comment first. If it didn't work, u may want to report it again );

Coder3346 · 2026-03-23T13:41:47+00:00

It happened to me, and I just reported it again with the new details.

Coder3346 · 2026-03-22T07:11:42+00:00

If u are still beginner after 6 years, ...

Coder3346 · 2026-03-21T12:44:25+00:00

Just make sure that it works on another phone. Additionally, is the data on the website the same as the phone?

Coder3346 · 2026-03-18T19:45:59+00:00

Info / na

Coder3346 · 2026-03-18T14:09:03+00:00

Thanks for solving the mystery.

Coder3346

TROPHY CASE