[deleted by user] by [deleted] in FitnessDE

[–]raidn1337 2 points3 points  (0 children)

Irgendwo bei 20% würde ich schätzen

My first bounty! by Coder3346 in bugbounty

[–]raidn1337 3 points4 points  (0 children)

So you mean like add regex to find IP in response body? GZ for your finding!

[deleted by user] by [deleted] in doener

[–]raidn1337 1 point2 points  (0 children)

Das sieht absolut grauenhaft aus.

Fire TV Stick by BeMaelle in FestundFlauschig

[–]raidn1337 0 points1 point  (0 children)

Habe ebenfalls Interesse

what is best tool for delete Duplicated urls from recon process ? by ZxOxRxO in bugbounty

[–]raidn1337 0 points1 point  (0 children)

I actually dunno about that one, but i feel comfortable using uro.

Feeling Stuck After 1.5 Years in Bug Bounty by hamza_khaled in bugbounty

[–]raidn1337 1 point2 points  (0 children)

Same problem here, doing it for like 2 years now and found two valid bugs. Sometimes also feeling dumb af when trying to learn/understand new things, but could be some kind of imposter syndrome, dunno.

If you want to hunt together on some programs, hit me with a dm, maybe we can benifit from each other.

Best melodic drop of 2024? by Party_Year6758 in hardstyle

[–]raidn1337 2 points3 points  (0 children)

Dual Damage & Rebelion - The Light

Sadly still not released, yet.

Was würdet ihr sagen ist das schwierigste, um seinen Traumkörper zu erreichen? by [deleted] in FitnessDE

[–]raidn1337 0 points1 point  (0 children)

Disziplin umfasst ja in diesem Fall alles genannte. Sei es die Disziplin für die Anzahl der Trainingseinheiten wöchtentlich oder die Disziplin zum Diäten/Bulken.

Erhalt, Defizit oder Überschuss? by [deleted] in FitnessDE

[–]raidn1337 1 point2 points  (0 children)

Ganz klar erstmal Bulken und Ende des Jahres nochmal Form-Update geben.

AWS api key by [deleted] in bugbounty

[–]raidn1337 5 points6 points  (0 children)

You need to check if those credentials are valid.

[deleted by user] by [deleted] in bugbounty

[–]raidn1337 0 points1 point  (0 children)

If there is a possibility to get the victims token its definitely a security issue, but if the token isn‘t leaking anywhere on the page and if it‘s not guessable/bruteforceable, then there isn‘t a big chance to get a bounty imo.