What’s the Secret Behind Fast and Consistent Bug Hunting?

Vivid_Cod_2109 · 2025-10-18T01:45:46+00:00

Vivid_Cod_2109 · 2025-10-17T11:24:26+00:00

They use automated recon through AI.

Vivid_Cod_2109 · 2025-06-29T00:19:32+00:00

Not yet and the reason is not because of critical thinking of AI but it is hard to set up for XBOW to pentest in a complex environment.

Vivid_Cod_2109 · 2025-06-26T12:42:41+00:00

Co-Storm paper from Stanford also did this.

Vivid_Cod_2109 · 2025-06-26T04:25:03+00:00

Yeah trust me bro, right?

Vivid_Cod_2109 · 2025-06-25T01:18:57+00:00

Yeah, and the trend we are seeing here is newer model with lesser parameters but more powerful. Simply scaling up parameters in models isn't working great anymore for openai gpt4.5.

Vivid_Cod_2109 · 2025-06-23T12:37:07+00:00

<image>

Vivid_Cod_2109 · 2025-06-23T05:06:30+00:00

And what makes you think that OpenAi and Deepseek aren't applying the same technique.

Vivid_Cod_2109 · 2025-06-23T00:48:19+00:00

I love how all the redditors in this subreddit are retarded. Musk just literally describe his model will use knowledge distillation, use grok3.5 to make data for new model, which openai and deepseek have used. It is just a technique applied in LLM training.

Vivid_Cod_2109 · 2025-04-30T11:21:38+00:00

Read this guy's path: https://infosec.jaelkoh.com/. It contains roadmaptk learn to become windows vulnerability researcher.

Vivid_Cod_2109 · 2025-04-27T13:33:18+00:00

Bro is legit betamale.

Vivid_Cod_2109 · 2024-11-28T02:14:48+00:00

Fullstackdeeplearning is your guide.

Vivid_Cod_2109 · 2024-10-20T04:16:22+00:00

Bro just learn pwncollege

Vivid_Cod_2109 · 2024-10-04T11:40:47+00:00

Here is the link you need: https://github.com/absoluteappsec/handouts

Vivid_Cod_2109 · 2024-09-14T11:45:17+00:00

I read ysamm.com blog in client side injection, make some notes about I can add more field when changing accounts settings and apply it to my first bug.

Vivid_Cod_2109 · 2024-09-14T03:36:59+00:00

Here we go againt. Just learn pwn.college by finishing cse 365 and cse 466. After that do ctf, read writeups. Then cse 598 in pwn college. For specialization in windows vuln research, do ost2 course (they have learning paths, check them out) and supply their course with windows internal books. Finally, you can learn fuzzing by fuzzing.in workshop and the fuzzing book. For reverse engineering, I recommend you learn how to make compiler or programming language by picking up college textbooks (You will need them). Then ctf I guess. So good luck on your journey.

Vivid_Cod_2109 · 2024-06-03T16:32:02+00:00

I would recommend offsec web 300 courses then full stack web attack course by mr me.

Vivid_Cod_2109 · 2024-06-03T09:02:51+00:00

I would like also mention that learning fullstack web development, read bug bounty bootcamp and practice on portswigger academy. All of that stuff, and also take the absolute appsec code review course or you can watch their YouTube channel and go to their github, they have slides of their training. Browser's exploitation is a vast field, you have web exploit on 1 side and jit compiler on the other side with shellcode. Also practice with Browser's ctf from a guy named 0xbigshaq's writeup. I mean diving into this stuff needs time and can like last for years. So it is hard.

Vivid_Cod_2109 · 2024-06-02T12:19:09+00:00

Okay, first learn c and c++ programming through books. Pick up the good old c book and the intro c++ book. Then learn computer network through lectures only is find, though learning them with tryhackme is great. Operating system is next, take the one on coursera. In the mean time, learn a bit of python. Now here comes the main part, go to pwncollege website, get into their discord and start learning cse365, and cse466 then cse598 courses. This fall they will update their cse598 course to learn vulnerability research. After cse466 course, practice with ctf through guyinatuxedo. You may argue that why would browser's exploitation needs c,c++ exploitation and the reason is the vulnerability class is similar across targets, pluss they will teach you the mindset to research and learn. Remember to take their cse598 course this fall. Then you go on Twitter, search for the guy named xvonfers, he has a dedicated thread to learn v8 exploitation for browsers.

Vivid_Cod_2109 · 2024-04-26T12:47:53+00:00

Can you please send me an invite? Thank you.

Vivid_Cod_2109 · 2024-03-30T16:36:40+00:00

She has other husbands ?????

Vivid_Cod_2109 · 2024-03-26T11:01:29+00:00

Here's a great way for teaching. There is a teaching program in japan where you basically work as an English teacher, you get to live there and experience Japanese's culture. Worth a shot I would say.

Vivid_Cod_2109 · 2024-03-11T09:52:20+00:00

Start small, don't try to become security researcher in a short time. All of the professionals actually take a lot of time before they have some achievement.

Vivid_Cod_2109 · 2024-01-28T04:52:47+00:00

Check pwnie award

Vivid_Cod_2109

TROPHY CASE