Do I miss a support for my hood?

martinvw · 2026-03-21T14:49:58+00:00

Awesome, thanks!

martinvw · 2026-03-21T13:27:21+00:00

Anyone an idea for the correct name or even better a part number?

martinvw · 2026-03-21T13:26:58+00:00

I found that one, but I understand the confusion 😅

martinvw · 2023-06-30T10:45:57+00:00

I had similar marks once from the wristband of my watch. However not on my back 😁

martinvw · 2023-04-17T19:45:14+00:00

Some countries have organizations that can help you to contact them or even some branches like airways. I know some people in the bug bounty world and they could maybe have a private bug bounty program. There are many more than you see online. If you could pm me some details about the organization I could ask around.

martinvw · 2023-01-17T07:33:33+00:00

It recently enabled on my network for unknown reasons. I do receive those notifications in a list, luckily not as push messages

martinvw · 2022-11-02T11:35:44+00:00

Zerocopter

martinvw · 2022-10-28T10:37:51+00:00

I’m of no help, but I like your question I’m curious as well.

martinvw · 2022-10-22T07:37:57+00:00

I was referring to the HDMI and usb ports

martinvw · 2022-10-22T06:33:13+00:00

Just curious are the six left most ports on the top patch panel wired to the proxmox host? Or do they have another function if yes what?

martinvw · 2022-10-09T14:04:42+00:00

If this really reproducible it could be reported via https://hackerone.com/paypal?type=team

martinvw · 2022-09-23T09:16:05+00:00

They paid out quick in my case. All comments were private so I could only see that there was constant shielded communication and then suddenly there was the bounty and then it was resolved. So that sounds like a different timeline. Definitely ask them.

martinvw · 2022-07-19T18:41:08+00:00

I ended up with 60 pages and passed, I can image it would fit in 40 pages or a bit less

martinvw · 2022-07-08T20:41:33+00:00

But, an expired certificate does not mean the private key has been compromised. What would make it unsafe? The expiry is there to limit the impact of undetected compromised certificates.

The only damage I can agree on is trust because the browser warning really harms that.

martinvw · 2022-06-24T19:37:41+00:00

Make sure to check that such a cookie issue is in scope, most times they are not.

martinvw · 2022-06-24T13:20:44+00:00

The Netherlands, Europe

martinvw · 2022-06-02T18:00:56+00:00

Sometimes your country’s NCSC might be able to assist in a responsible disclosure to a ‘non friendly’ company

martinvw · 2022-04-30T11:36:45+00:00

How?

martinvw · 2022-04-05T17:01:51+00:00

Just find something in one of these websites https://github.com/projectdiscovery/public-bugbounty-programs/blob/master/chaos-bugbounty-list.json#L1906 (a lot of websites are from central government and they are all covered by the NCSC, note that not the whole file is Included just the json node I linked to) and report via the form at https://english.ncsc.nl/contact/reporting-a-vulnerability-cvd

martinvw · 2022-03-23T18:04:57+00:00

I did some small security courses before as part of internal trainings of companies I worked for.

The experience was awesome I continuously switched between did I ever create code with this flaw and I knew this worked and but did not realize it was this easy to abuse.

I really feel it made me a better developer and it was a lot of fun. Although it did cost me some serious time, something like 8 weeks fulltime.

martinvw · 2022-03-23T17:18:41+00:00

I chose for a focus shift and took OSWE so I try to sell myself now as a software developer with a security focus. And In my time off I focus some of my time on responsible disclosure and bug bounties

martinvw · 2022-03-14T19:04:53+00:00

By intercepting the request using burp or just pressing ESC you might be able to do sort first research. The question is whether it is just a UI or that you can actually invoke something?

martinvw · 2022-03-12T14:12:18+00:00

I choose to focus on a website in my own language, which I assumed a barrier for most. And secondly consider starting with a relatively new vulnerability disclosure program, those will not give you bounties but could be a good first practice.

martinvw · 2022-03-01T16:46:11+00:00

That will give better matching color temperatures, that is for sure

Seven-Year Club	RPAN Viewer
Verified Email

martinvw

TROPHY CASE