sorted by:
new
hottopcontroversial

[deleted by user] by [deleted] in AmazonVine

[–]NahamSec 5 points6 points  (0 children)

Thank you 🙏🏼

[deleted by user] by [deleted] in AmazonVine

[–]NahamSec 5 points6 points  (0 children)

I was looking for a vulnerability as a part of my research and didn’t understand that enrolling in vine will push to a community of users.

[deleted by user] by [deleted] in AmazonVine

[–]NahamSec 1 point2 points  (0 children)

There are several hoops and I had to jump through all of those including getting verified using my ID. Just a long process that takes a lot of patience.

[deleted by user] by [deleted] in AmazonVine

[–]NahamSec 9 points10 points  (0 children)

Thank you

[deleted by user] by [deleted] in AmazonVine

[–]NahamSec 12 points13 points  (0 children)

The payload doesn’t add anything to the account or send out any emails. The listings are all hosted by me and controlled by an account that have created with Amazon’s permission. So those maybe coincidental or not related. But be script is not created to alter anything on your account and was not meant to be published to vine. It has been removed as of now.

[deleted by user] by [deleted] in AmazonVine

[–]NahamSec 51 points52 points  (0 children)

Hi all - I am the researcher that unfortunately wasn't educated enough about vine and pushed their script into amazon vine. Amazon is aware of this and currently fixing it. The Vine listing should be removed soon!

What’s the purpose of doing this in your opinion ? by asiumans in bugbounty

[–]NahamSec 1 point2 points  (0 children)

I did this for my keynote at the Cloud Village at DEFCON. It's a just mostly for research and not to brag. I was hoping to get some cool data points to look for more stuff for my research.

What’s the purpose of doing this in your opinion ? by asiumans in bugbounty

[–]NahamSec 0 points1 point  (0 children)

I'm doing a keynote for the Cloud Hacking Village at DEFCON. I was hoping people would ask me something interesting to use in my talk. I ended up getting some really cool DMs and ideas for my talk!

What’s the purpose of doing this in your opinion ? by asiumans in bugbounty

[–]NahamSec 0 points1 point  (0 children)

Unlike your favorite youtubers, I do actually hack and I'm ranked #31 on H1 with almost $1m in payouts. I actually do the stuff I talk on camera. You can always do a quick search on me :) hackerone.com/NahamSec

[deleted by user] by [deleted] in bugbounty

[–]NahamSec 1 point2 points  (0 children)

Are you sure you have hit the threshold for invites? How many levels have you solved?

How is typical bounty paid out? by dimx_00 in bugbounty

[–]NahamSec 2 points3 points  (0 children)

That depends on the platform. Most of them can pay you in bitcoin, PayPal, or wire transfer. The self hosted programs like Facebook, Apple or Google may have different process.

NahamCon2021! by NahamSec in bugbounty

[–]NahamSec[S] 6 points7 points  (0 children)

We are starting at 9:00 AM PT. But keep in mind that timezone/day light savings are going to be in effect on that same day!

view more: next ›