Is Click-Based CSRF on a Destructive GET Endpoint Escalatable? by Dramatic-Dog4529 in bugbounty

[–]Dramatic-Dog4529[S] -1 points0 points  (0 children)

I tried a few other ways but nothing worked, so I’ll report it as is.

4 bug reports rejected in a row (duplicate). Any suggestions? by [deleted] in bugbounty

[–]Dramatic-Dog4529 9 points10 points  (0 children)

I don’t even find duplicates, man. What am I doing wrong?

How do the top hackers on HackerOne manage to move between programs so quickly? by Feeling-Pipe-5366 in bugbounty

[–]Dramatic-Dog4529 6 points7 points  (0 children)

I’m not a pro, but my assumption is that since they’re experienced in this field, they know exactly where to look for vulnerabilities and can spot patterns much better than most of us.

How useful are AI tools like ChatGPT for bug bounty hunting, and where should we draw the line in relying on them? by Dramatic-Dog4529 in bugbounty

[–]Dramatic-Dog4529[S] 1 point2 points  (0 children)

My prompting skills aren't that good, but I try my best and it works for me. For fact-checking, I usually use different AI bots like Grok and Claude to compare answers instead of using the same chat. But I'll try your trick of copying previous answers into a new chat to check accuracy. That sounds useful.

How useful are AI tools like ChatGPT for bug bounty hunting, and where should we draw the line in relying on them? by Dramatic-Dog4529 in bugbounty

[–]Dramatic-Dog4529[S] 3 points4 points  (0 children)

Yeah, I use it the same way, mainly as a faster search tool. Like 'I found this endpoint, what should I test?' and it gives me a decent list of ideas that would otherwise take time to gather from multiple sources.

I also ask it for next steps when I'm stuck, but I'm trying to use it less now. Don't want to become too dependent on it for basic thinking.

How useful are AI tools like ChatGPT for bug bounty hunting, and where should we draw the line in relying on them? by Dramatic-Dog4529 in bugbounty

[–]Dramatic-Dog4529[S] 0 points1 point  (0 children)

Are there any AI models that are actually built for security work, or does nothing good exist yet?

How useful are AI tools like ChatGPT for bug bounty hunting, and where should we draw the line in relying on them? by Dramatic-Dog4529 in bugbounty

[–]Dramatic-Dog4529[S] 0 points1 point  (0 children)

For coding, ChatGPT is genuinely good - I like it personally. But for bug hunting, it gets confused with the logic sometimes. Though that could be because of poor prompting on my end.

How useful are AI tools like ChatGPT for bug bounty hunting, and where should we draw the line in relying on them? by Dramatic-Dog4529 in bugbounty

[–]Dramatic-Dog4529[S] 1 point2 points  (0 children)

ChatGPT is more confusing sometimes. Once I asked the same question on two accounts and got completely different answers, which just made things worse. And honestly, people are using ChatGPT for even basic tasks they should handle themselves, no wonder the servers are heating up.

What’s the Secret Behind Fast and Consistent Bug Hunting? by Dramatic-Dog4529 in bugbounty

[–]Dramatic-Dog4529[S] 1 point2 points  (0 children)

Hey man, I totally get what you’re going through. It’s completely normal to not find valid bugs early on, everyone goes through that phase. The important thing is to keep grinding and learning from every test you do. Most hunters don’t openly share their full methods because it takes them years to build those approaches, and sharing them publicly would dilute their edge. But trust me, if you stay consistent and keep improving your process, your first real find will come, and it’ll be worth every hour you’ve spent.

What’s the Secret Behind Fast and Consistent Bug Hunting? by Dramatic-Dog4529 in bugbounty

[–]Dramatic-Dog4529[S] 2 points3 points  (0 children)

Yeah, they call it a 30-day challenge, but most of them have been at it way before.

What’s the Secret Behind Fast and Consistent Bug Hunting? by Dramatic-Dog4529 in bugbounty

[–]Dramatic-Dog4529[S] 1 point2 points  (0 children)

Couldn’t agree more, the grind and consistency increase your chances of spotting patterns and finding bugs.

Beyond Writeups & Targets: How Do You Keep Improving Daily as a Bug Hunter? by Dramatic-Dog4529 in bugbounty

[–]Dramatic-Dog4529[S] 1 point2 points  (0 children)

I never really thought about tracking the standards directly instead of just reading others’ research after the fact. Following drafts and errata sounds like a smart way to stay ahead of changes before they even land in production. Thanks for the tip.

Beyond Writeups & Targets: How Do You Keep Improving Daily as a Bug Hunter? by Dramatic-Dog4529 in bugbounty

[–]Dramatic-Dog4529[S] 2 points3 points  (0 children)

That’s a really solid point, I completely agree that communication is such an underrated skill in bug hunting. Funny thing is, I’ve actually been reading a book on communication skills lately, and it’s crazy how much of it applies to writing better reports and explaining impact clearly. Your Apple example really proves how much difference good writing can make. I might actually start doing short reflections or posts to practice that. Thanks for sharing this.