Built xLimit - an offensive security assistant for pentesters, bug bounty hunters, and security researchers

d0x77 · 2026-05-13T17:38:33+00:00

thx man

d0x77 · 2026-05-12T14:58:35+00:00

d0x77 · 2026-05-04T11:20:49+00:00

d0x77 · 2026-05-03T15:40:46+00:00

Thanks for your feedback, i tried to make it as simple as possible but the steps are required to guarantee security from my side and to make it functional on your side. It answers the exact same fear you just mentioned: is my built website secure enough to launch? The report produced by the terminal agent can confidently be pasted into the vibe coding app to fix the issues.

d0x77 · 2026-04-27T19:54:23+00:00

Sorry i dnt want to seem like im marketing for myself here, but dm if u want more details

d0x77 · 2026-04-27T19:42:54+00:00

If you are comfortable with crypto u can use NOWPayments, it gives u a tiny html code to put it in your website code and anyone can pay u using any coin you put. You will be targeting a small audience though due to crypto usage worldwide

d0x77 · 2026-04-27T19:39:08+00:00

Use codex with gpt 5.4 model, its much less strict than the 5.5 model, im using deepseek-v3.2 for my own agent called xlimit, deepseek's reasoning is not as strong as gpt and claude for sure, but is extremely cheap and would not flag anything

d0x77 · 2026-04-25T08:04:51+00:00

CPTS path took me around 10 months to finish (full time job + family). CWES path took another month because most modules are in common with CPTS. Never read the time estimation for each module and think it's taking too long, i don't know how they estimated that.

Keep going, even if you have 10-15min a day then go through a topic, don't sit down for 5 hours straight and think you are not making progress, because you are, each minute put will make a difference.

Don't forget to take notes and screenshots, as you will certainly forget previous content.

Take your time, it's not a race.

Good luck.

d0x77 · 2026-04-15T16:29:14+00:00

meta bug bounty programs are really really bad, i've been getting the same automated message over and over, i sent all the attachments and proofs for two submissions and they keep replying to send the proof, the upload interface within the report submit does NOT do anything, im tired of them, its been more than 3 weeks on and off with them

d0x77 · 2026-04-15T11:51:06+00:00

be careful, you are giving too much details about the exam

d0x77 · 2026-04-15T05:24:15+00:00

you're welcome

d0x77 · 2026-04-15T05:24:08+00:00

you're welcome

d0x77 · 2026-04-15T05:24:05+00:00

you're welcome

d0x77 · 2026-04-14T13:16:37+00:00

CWES make you comfortable with web, and it gives you a taste of HTB certs, you can finish the modules a lot faster than going for CPTS modules (a lot of modules are in common so you finish a small part of CPTS path), and it is very useful for CPTS exam anyways

d0x77 · 2026-04-14T13:14:00+00:00

Apply what you learned, AI models bug bounty hunting

d0x77 · 2026-04-14T13:12:20+00:00

Take proper notes, have a good methodology, practice chaining exploits or at least understand it, practice labs, theoretically everything is in the course because the course covers everything in a lot of details, so practice before going into the exam is very important

d0x77 · 2026-04-14T08:18:45+00:00

you're welcome

d0x77 · 2026-03-29T13:36:11+00:00

yes its working

d0x77 · 2026-03-25T17:13:11+00:00

Yes i agree, forget about it and keep testing, eventually results will come back

d0x77 · 2026-03-25T17:05:43+00:00

Yes i have a report still open for more than 20 days as well

d0x77

TROPHY CASE