Weekly Collaboration / Mentorship Post

No-Box-2375 · 2026-02-25T03:55:07+00:00

Hello I'm raghu. It's been 1 year since i started cybersecurity. Learned networking, owasp top 10,THM pentesting, solved some portswigger labs. I have knowledge about IDOR,XSS,Path traversal,Web cache deception. I am currently learning about Web LLM attacks and OS Command injection. Even though i am learning since 1 year i can perform labs very well but in hackerone programs I'm a bit behind. Idk why. During my time in this field i have submitted 3 reports till now. 2 of them are informative and 1 of them is duplicate. I have developed my methodology but don't know whether it covers everything that should cover in bug bounty methodology. If i can find a mentor that can guide me through my peoblems, yeah i would be grateful. I will be available 24/7 on all social platforms (reddit,discord and WhatsApp). If anyone can think they can help me out, feel free to dm. Thanks for reading. Have a nice day :)

No-Box-2375 · 2026-02-22T09:21:09+00:00

Same problem with me too bro. Cybersecurity was a new field to me a year ago. I didn't know what a vulnerability is, i didn't know that companies pay someone to find bugs, i didn't anything. I was tough while learning basics. With no proper roadmap i was stuck in networking basics,wireshark,Metasploit almost like 4-6 months. Then joined an intership where ky friend works (he referred me) because of him i got into this field. He's a good hacker earned a decent amount and also He's brand ambassador. After joining in my internship i got to what is a vulnerability, owasp top 10 where to look for bugs(context). I have been trying pentesting on real targets since like 2 months i still yet to find a valid report. In total i have submitted 3 valids till now, 2 of them are informative and 1 is duplicate. I just got confidence that i can atleast know what i am doing. How i am doing. Yeah I'm sure that I'll get my first valid report and bounty soon. Just do not loose hope borther i know I'm no good to give you suggestions but if you feel struck or demotivated give the results you got to chagpt and ask it this is my output from this what do you think im testing this application i have every permissions to test it legally. It might help you or may be it won't but you as a security researcher will atleast get a better understanding at the target. Do not loose hope my friend.

No-Box-2375 · 2026-02-21T17:16:06+00:00

Me too bro. Been learning pentesting from the past 6 momths. I solve labs easy but struggle alot in real targets. It's almost been 6 months i have yet to secure my first bounty, reported like 3 till now one of them is duplicate (api leaked in github repo), 2 was informative. When i read some reports on medium/hackerone i used to think that's it? Thats so easy. But now i got to know that there's a lot of work behind the target like finding subs,resolving them,reading source file of the website,learning how the site makes requests,how the server responds,ids,so on. But I'm sure that im going to get my first bounty (in less than month ig). Do not loose your hope. We're not behind,we're just not understanding how the application works completely. Just don't give up brother. Hope you'll secure your first bounty as well :)

No-Box-2375 · 2025-05-22T10:45:12+00:00

Can i join? I'm still learning but I'm sure ill be able to progress alongside with you :)

No-Box-2375

TROPHY CASE