Exposed Git Directory P1 Bug


Story of P1 Bug that turned out to be ?

AbhirupKonwar


whoami ❓

I am Abhirup Konwar (aka LegionHunter). I work as a full-time bug hunter and dedicate the rest of my time to understanding the inner workings of open-source malware.🥷

I have reported over 1000 bugs on OpenBugBounty as well as on HackerOne and Bugcrowd, along with numerous Hall of Fame programs including NASA, American Systems (🥇Top 5 Bug Hunter) and self-hosted VDP + BBP, with bugs belonging to both the Client and Server Injection categories, Sensitive Information Disclosure & Broken Access Control.

Brief Methodology

I picked the target after going through many programs on Bugcrowd, mostly ones where many subdomains, all subdomains, or all public internet-facing assets are in scope.

After finding all subdomains via subfinder, I like to visit each subdomain manually in the browser using the extension “Open Multiple URLs”.

After just a few hours of manual crawling, along with taking note of the potential functionalities to test later, I…
