Browse Tag

bughunting

A Review of my Bug Hunting Journey

This post is a review of my bug hunting journey so far, from when I just started, to the point where I made it into the Top 200 bug hunters on Bugcrowd recently, after two years on the platform.

My profile statistics as of 30 December 2018

The Beginning Phase

Like anything else in life, you must start somewhere, or you will never make it. The worse way to fail is to never even get started.

Keep Reading

Fastest Fix on Open Bug Bounty Platform

This is a write-up on the Fastest Fix on Open Bug Bounty (OBB) Platform. The security team was extremely prompt in responding and fixing the bug.

I don’t usually write articles related to the bugs that I have reported to organisations through responsible disclosure, however, I have gotten explicit permission from¬†Kevag Telekom GmbH to write a blog post about this report.

Fastest Fix Achievement Badge

To achieve “Fastest Fix” on Open Bug Bounty, it is compulsory to complete all the following within 24 hours:

  1. Reporting a bug through the Open Bug Bounty platform (link)
  2. Contacting the affected organisation (via Twitter, Email, Contact form, etc.)
  3. Providing a Proof of Concept (POC) to demonstrate the vulnerability
  4. Getting the organisation to fix the vulnerability and deploy it to the production environment
  5. Conducting a regression test to verify that the vulnerability has been fixed
  6. Triggering Open Bug Bounty platform to verify the fix and update its tracking status

After successfully completing the above steps within 24 hours, the following simple badge has been earned:

Fastest Fix on Open Bug Bounty
In the name of gamification, OBB provides Security Researchers with Awards and Achievements. They are simple badges that could be earned through fulfilling certain criteria.

Keep Reading