At the Age of 18, How I Got My First “Future” Job Offer from a Korean MNC Through Bug Bounties

8 months ago 44

Manan Sanghvi

Hello. This write-up is all about how my one heartbreaking mistake 💔 accidentally paid me thousands of dollars and also got me my first future job offer from a multi-billion-dollar Korean MNC. 💼🌟 (I can’t tell you the company name because of privacy.)

I’m getting a lot of DMs about this, so I decided to write up one article to answer all of your questions.

Titled: ‘At the age of 18, How I got a “future” Job Offer from a Korean MNC’.

If you haven’t read my previous two stories, I’ll give you the links at the end of this one.

A few days ago, I posted on LinkedIn about my second four-figure bounty (~$2259). After receiving the bounty, I received an email from their partner company.

But what is this? And why did I receive another bounty other than the $2259? And why did I get a “future” job offer? (This is about a “future” job offer, not an immediate one.)

Okay, so here’s what happened. I was hunting at a company that offers rewards for finding security vulnerabilities, but they only paid for vulnerabilities in hardware, firmware, and other products, not for security vulnerabilities in websites.

Unfortunately, I made a big mistake by not reading their rules carefully. I started searching for security problems on their website without knowing they didn’t reward that. This was the mistake I mentioned at the beginning of the story. I found 10+ high and critical vulnerabilities in just about a week. I was surprised at how many issues I found so quickly. Then I realized I should read the rules again. That’s when I discovered they didn’t pay for finding web vulnerabilities. It was a really heartbreaking moment for me 💔. But this mistake later paid me thousands of dollars and got me my first offer for a future job. The company told me that they would only pay for 2 reports and that the amount was $2259. It was a huge amount for me, and it was a game-changing time 💪🔄. Even though they only paid for two reports, the reward was substantial.

So, out of the 10+ reports I submitted, 4 of the reports (2FA bypass, IDOR, BAC leading to OTP bypass, BAC leading to verification bypass) were about its partner company. Let’s say Company A owns both Company B and Company C. I found vulnerabilities in Company B and Company C, and I reported all of the vulnerabilities to Company B. Then, Company B forwarded those 4 reports to Company C.

Company C replied that they don’t have a bug bounty program and are not ready to handle this type of critical situation, but that they were discussing this internally and could pay me only $100.

One day, I had just finished my lecture and left the classroom. When I checked my email, I had received a message that literally froze my mind 😳.

They told me: “One day if you become a tycoon in the industry you are working in, please let me know, there is a job opening for infosec. Hope you have a wonderful day and a bright future ahead.”

Already mentioned before in image.

[tycoon means “Expert of the Field/Industry”.]

This experience showed me that mistakes can lead to good things. Even though I messed up by not reading the rules properly, it ended up getting me a lot of money and a job offer. It’s a reminder that sometimes things turn out okay even when they start off wrong. I’m thankful for what happened and excited for what’s next in my journey.😊🙌🔒

Follow Me On LinkedIn (Most Active):

https://www.linkedin.com/in/manan-sanghvi-799863176/

Follow Me On Twitter (I’m not very active there, but you can still connect):

https://twitter.com/An____Anonymous

Other 2 write-ups:
