Hello everyone, I am Rishabh Singh. Today I want to tell you how I started and how I got my first HOF.
HOW DID I START?
So, first of all, I want to tell you that I have been working in the automobile sector for the last 4 years and I don't have a technical background. I always used to learn something new, so I met with my brother DarkLotus in April 2021 and asked him how he was doing. He told me about his work and I got interested, as he is a bug bounty hunter. And I started learning.
I followed all the things he told me and I got my first HOF within a month. Below are the things that I do on a daily basis:
I read blogs on Medium.
I follow the big bounty hunters on Twitter and read their tweets.
I watched Mr. Robot (web series on Prime Video) for the perfect mindset.
I learned the OWASP Top 10 from bug-bounty-hunting-offensive-approach-to-hunt-bugs by Vikas Chaudhary sir.
How I Got my First Hall of Fame:
After learning a few things, I started to hunt on sites that gave HOF. Then I found a site, phillips.com, and started hunting on it. After 3–4 hours I found 2 bugs through Broken Link Hijacking.
Bug 1: Broken link hijacking via unregistered username on social media handle.
Bug 2: Broken link hijacking via unregistered domain on the sensitive endpoint.
Vulnerability Summary: Broken Link Hijacking (BLH) exists whenever a target links to an expired domain or page. Broken Link Hijacking comes in two forms, reflected and stored. I used the EdOverflow blog as a reference and made a POC, and after 7 days I got a reply that my submission was accepted and they will add my name to their HOF.
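For a site owner who wants to catch the expired-domain case on their own pages before someone reports it, here is an added example (not from the original post or the EdOverflow blog) that pulls every external `href`/`src` out of a page and flags hosts that no longer resolve. The sample HTML, host names, and the function names `audit_links` and `dns_resolves` are constructed for illustration.

```python
import socket
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample page; hosts use reserved example/.invalid names.
SAMPLE_HTML = """
<a href="https://social.example/acme_support">Follow us</a>
<script src="https://cdn.old-vendor.invalid/widget.js"></script>
<a href="/contact">Contact</a>
<img src="https://static.example/logo.png">
"""

class LinkCollector(HTMLParser):
    """Collect (tag, url) for every href/src attribute on the page."""
    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in ("href", "src") and value:
                self.links.append((tag, value))

def dns_resolves(host):
    """Live DNS check; pass a stub instead when running offline."""
    try:
        socket.getaddrinfo(host, None)
        return True
    except socket.gaierror:
        return False

def audit_links(html, own_host, resolves=dns_resolves):
    """Return external links whose host does not resolve, high risk first."""
    parser = LinkCollector()
    parser.feed(html)
    findings, cache = [], {}
    for tag, url in parser.links:
        host = urlparse(url).hostname
        if not host or host == own_host:
            continue  # relative or same-site link, nothing to hijack
        if host not in cache:
            cache[host] = resolves(host)  # one lookup per host
        if not cache[host]:
            # A dead host behind script/iframe/link would serve active content.
            risk = "high" if tag in ("script", "iframe", "link") else "medium"
            findings.append({"tag": tag, "url": url, "host": host, "risk": risk})
    # False sorts before True, so "high" findings come first (stable sort).
    return sorted(findings, key=lambda f: f["risk"] != "high")
```

A host that fails to resolve is only a signal that the domain may have lapsed, so confirm with the registrar before acting. Links to social media handles, as in Bug 1, always resolve and need an HTTP status check on the profile URL instead.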
And finally, I got my first Hall of Fame. Thanks again DarkLotus and all community members for this achievement.
You can follow me on Twitter for more updates :) @rsbarsania
Thanks for reading and happy hacking…❤