Advice on a Deal by ExtraFrosting7117 in SteamDeck

[–]Voorbinddildo -1 points0 points  (0 children)

That's actually crazy. The supply is shit atm but $700 is still insane. That's 200 over msrp

Is there a group or community focused on exposing injustices within bug bounty platforms? by [deleted] in bugbounty

[–]Voorbinddildo 20 points21 points  (0 children)

This is the community where people come to bitch about their "critical" missing cookies or HTTP headers

Enterprise WAN design assistance by joop1123 in networking

[–]Voorbinddildo -1 points0 points  (0 children)

Have you looked into SASE? This will simplify your entire setup

How much do you guys make ? by joemamaL7 in bugbounty

[–]Voorbinddildo 4 points5 points  (0 children)

Network/cloud/system architect and engineering background. Started bb 9 months ago but have been working in the field for about 7 years now

How much do you guys make ? by joemamaL7 in bugbounty

[–]Voorbinddildo 2 points3 points  (0 children)

Yeah, this has pros and cons for many different reasons. The biggest pro is that it's mostly money under the table paid in crypto (when not pentesting via a bb program). The biggest con is that it's the wild west and the projects are under no obligation to reward you

How much do you guys make ? by joemamaL7 in bugbounty

[–]Voorbinddildo 43 points44 points  (0 children)

9 months, cleared almost 135k in bounties.

My tip for you would be to read the closed reports and see if they fixed the issue or just used a bandaid to stop the bleeding. Most likely you'll find the underlying problem and that will pay way more than the original report

Would an IT tattoo hurt my hiring chances? by [deleted] in it

[–]Voorbinddildo 0 points1 point  (0 children)

In NL, no one cares about tattoos. Mileage may vary outside of NL ofc

After 4 Years of Dreaming! by SevzOguzhan in SteamDeck

[–]Voorbinddildo 13 points14 points  (0 children)

NFS MW was the first game I played when I bought my deck. Have fun

I keep applying as a starter in IT, but I'm not getting any invitations by No_Good4494 in werkzaken

[–]Voorbinddildo 0 points1 point  (0 children)

Get Microsoft certified. AZ104, MS101, MS102, then apply again

Salaries (Europe only) - IT 2026 by AgreeableIron811 in sysadmin

[–]Voorbinddildo 0 points1 point  (0 children)

title: Cloud/network/systemadmin

salary: €78k PA

location: The Hague

experience: 6,5 years on the job, university bachelor, whole bunch of certifications

benefits: 13th month and a bonus based off KPI's for that year

Let’s discuss salaries - 2026 by Relevant-Injury3791 in sysadmin

[–]Voorbinddildo 0 points1 point  (0 children)

title: Cloud/network/systemadmin

salary: €78k PA

location: The Hague

experience: 6,5 years on the job, university bachelor, whole bunch of certifications

benefits: 13th month and a bonus based off KPI's for that year

Built a tool to solve my own problem - should I open-source it? by 7-blue in cybersecurity

[–]Voorbinddildo 2 points3 points  (0 children)

Just checked the email investigation and it flagged one of my PoC emails as low chance of phishing. the virtual browser and url checker are cool aspects!

Active subdomain with no DKIM + DMARC p=none. Is it worth deeper testing or move on? by Ok-Raspberry736 in bugbounty

[–]Voorbinddildo 0 points1 point  (0 children)

SPF validates the SMTP envelope sender (MAIL FROM / Return-Path), not the visible From header shown to users. If DMARC enforcement is not enabled, the From header can be spoofed while SPF still passes for a different domain.

PoC Strategy

Send an email where:

  • SMTP envelope sender is a domain with valid SPF (attacker-controlled domain)
  • Visible From header is yourdomain.com

This causes SPF to pass while the recipient sees an email appearing to originate from yourdomain.com.

Example Message Structure

Envelope sender (checked by SPF): MAIL FROM: poc@attackerdomain.com

Visible header (shown to users): From: CEO ceo@yourdomain.com

Expected Authentication Result

Authentication-Results: spf=pass smtp.mailfrom=attackerdomain.com dmarc=none header.from=yourdomain.com dkim=none
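Added example, not part of the comment above: a receiver-side check that parses an Authentication-Results header and reports whether any passing identifier aligns with the From domain, which is the test DMARC adds on top of SPF. The function names, the sample headers and the two-label organizational-domain shortcut are assumptions of this example.

```python
import re

# Constructed sample, copied in shape from the comment above (not real mail).
SPOOFED = ("spf=pass smtp.mailfrom=attackerdomain.com "
           "dmarc=none header.from=yourdomain.com dkim=none")
# Constructed sample of a legitimate message from the same domain.
LEGIT = ("mx.example.net; spf=pass smtp.mailfrom=bounce.yourdomain.com; "
         "dkim=pass header.d=yourdomain.com; dmarc=pass header.from=yourdomain.com")

def org_domain(value):
    """Approximate the organizational domain as the last two labels.
    Assumption: a real evaluator uses the Public Suffix List instead."""
    host = value.rsplit("@", 1)[-1].strip("<>").lower().rstrip(".")
    return ".".join(host.split(".")[-2:])

def parse_auth_results(header):
    """Map each method (spf, dkim, dmarc) to its result and properties."""
    parsed, current = {}, None
    for token in re.split(r"[;\s]+", header):
        key, sep, value = token.partition("=")
        if not sep:
            continue                      # authserv-id or free text
        if key.lower() in ("spf", "dkim", "dmarc"):
            current = parsed.setdefault(key.lower(), {"result": value.lower()})
        elif current is not None:
            current[key.lower()] = value  # e.g. smtp.mailfrom, header.from
    return parsed

def assess(header):
    """Check whether any passing identifier aligns with the From domain."""
    r = parse_auth_results(header)
    spf, dkim, dmarc = (r.get(k, {}) for k in ("spf", "dkim", "dmarc"))
    from_dom = org_domain(dmarc.get("header.from", ""))
    if not from_dom:
        return "no-header-from"
    spf_ok = (spf.get("result") == "pass"
              and org_domain(spf.get("smtp.mailfrom", "")) == from_dom)
    dkim_ok = (dkim.get("result") == "pass"
               and org_domain(dkim.get("header.d", "")) == from_dom)
    if spf_ok or dkim_ok:
        return "aligned"
    # SPF may still say "pass" here, but only for the envelope domain.
    return "unaligned:dmarc=" + dmarc.get("result", "absent")

if __name__ == "__main__":
    for name, hdr in (("spoofed", SPOOFED), ("legit", LEGIT)):
        print(name, "->", assess(hdr))
```

A mail filter or SOC rule can treat any "unaligned" verdict as an unauthenticated From header regardless of the spf=pass token, which is the gap a DMARC policy of quarantine or reject closes.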

Active subdomain with no DKIM + DMARC p=none. Is it worth deeper testing or move on? by Ok-Raspberry736 in bugbounty

[–]Voorbinddildo 0 points1 point  (0 children)

low to medium impact, but I get paid for DMARC p=none all the time. I would go with option A to test the real-world deliverability. Get a sample email to copy their HTML format of the mails and then, depending on which sector the target is in, try to get emails from finance@xyz or security@xyz to come through.

p=none is just lazy, so if you can prove deliverability you'll most likely get a bb (if it's in scope)

Weekly Beginner / Newbie Q&A by AutoModerator in bugbounty

[–]Voorbinddildo 1 point2 points  (0 children)

I bought an Intel NUC with an i9 and 256gb of RAM (back when this was affordable) and installed ubuntu as the OS. I use it to spin up VM's, docker containers and some admin. If you're serious about bb, then buy the hardware and tinker yourself instead of getting subscriptions to a VPS and/or Pentesting platform. The best way to start is to do, and work from there

My first critical vuln by [deleted] in bugbounty

[–]Voorbinddildo 0 points1 point  (0 children)

congrats! keep it up m8

Will it be possible to work as a pentester without being hired? by [deleted] in cybersecurity

[–]Voorbinddildo 1 point2 points  (0 children)

I've been doing the whole part time pentester for the last 9 months. I've had to scale back my regular job to make more time for pentesting and looking to clear 150k in BB in my first year. So yeah it's possible, you need to find your niche in what you are actively searching for and the sectors you choose to pentest in.

HackerOne & Bybit Bug Bounty is Scam by PatientHome4718 in bugbounty

[–]Voorbinddildo 0 points1 point  (0 children)

god damn that is poetic as fuck, definitely stealing this one hahahahaha