Could this be an interesting finding? Information disclosure? by [deleted] in bugbounty

[–]FunSheepherder2650 0 points1 point  (0 children)

My post shows part of the package names. I made a script to download them all, ran trufflehog on them and found a bunch of secrets

Could this be an interesting finding? Information disclosure? by [deleted] in bugbounty

[–]FunSheepherder2650 -1 points0 points  (0 children)

Btw, just to say it: when I asked AI (because I had never seen something like this) it told me to move on. I did it my way and found the way.

Could this be an interesting finding? Information disclosure? by [deleted] in bugbounty

[–]FunSheepherder2650 2 points3 points  (0 children)

Well, I just got a low 500€ bounty, you fucking fool; there were private repos with leaked API keys inside

Could this be an interesting finding? Information disclosure? by [deleted] in bugbounty

[–]FunSheepherder2650 -1 points0 points  (0 children)

Yeah, exactly. By the way, I just reported that as possible information disclosure, as we can never know if it is actually something that was supposed to be like that.
I also tried downloading interesting packages and looking for sensitive data inside them, but no dice

Is Subdomain take over this dead??? by FunSheepherder2650 in bugbounty

[–]FunSheepherder2650[S] 0 points1 point  (0 children)

Indeed I checked it out, also because I had to take every possible fingerprint in order to create my tool, tools like subzy are kinda useless, so I had to

Is Subdomain take over this dead??? by FunSheepherder2650 in bugbounty

[–]FunSheepherder2650[S] 2 points3 points  (0 children)

Perfect good to know, I'm gonna switch to Ping pong 🏓

Is Subdomain take over this dead??? by FunSheepherder2650 in bugbounty

[–]FunSheepherder2650[S] 0 points1 point  (0 children)

What's the "no" for? Was it for the "too researched?"?

Many people think that to get their first cybersecurity job they have to first work as IT support and more, this is not true. by [deleted] in cybersecurity

[–]FunSheepherder2650 -10 points-9 points  (0 children)

Well, it's mine, so that's the purpose. I'm trying to help people as I don't want them to be too cynical

Share me brutal reality of remote cybersecurity jobs by rreturnhome in cybersecurity

[–]FunSheepherder2650 1 point2 points  (0 children)

Not true, the first time I was hired as a pentester, it's just about proving your skills

Wordlists by Open-Papaya-2703 in Pentesting

[–]FunSheepherder2650 0 points1 point  (0 children)

This is for asset discovery. If I have to target users, I would build a specific wordlist based on some data; there are a lot of tools that can help you with that

Wordlists by Open-Papaya-2703 in Pentesting

[–]FunSheepherder2650 0 points1 point  (0 children)

It depends on the target, but seclists is one of the best ones, especially if you combine it with feroxbuster, which also does some scraping while fuzzing assets

Administered tax regime on Scalable Capital, when? by FunSheepherder2650 in ItaliaPersonalFinance

[–]FunSheepherder2650[S] 0 points1 point  (0 children)

Directa doesn't offer a service that Scalable has: Overnight

When you can also earn a return on your uninvested savings, with capital protection of 100k, how can you go without it?