Unveiling a Critical Bug in One of the World’s Largest Banks: My Barclays Story


Guru Prasad Pattanaik

Cyber Security Write-ups

One of the World’s Largest Banks: Barclays Bank

Hello, Infosec Community!

I’m Guru Prasad Pattanaik. On the internet, I go by the pseudonym “TH3N00BH4CK3R.” Today, I’m here to share a defining moment in my journey of Bug Bounties—how I identified a critical vulnerability in one of the world’s largest banks, Barclays, and the recognition that followed. This discovery holds a special place in my heart as it was my first-ever triaged bug.

I’m equally eager to hear your thoughts. I would greatly appreciate your insights if you spot any mistakes or have feedback. So, without further ado, let’s dive into the story!

Like all other bug hunters, I began by gathering all the subdomains for target.com and filtering them with the httpx tool to identify active hosts. Once I had a list of responsive subdomains, I ran automation tools like Secret Finder to detect potential sensitive data exposures and the ffuf tool for directory enumeration, but neither yielded fruitful results.

Next, I shifted my focus to testing the subdomains manually, analyzing their functionalities such as Sign-In/Sign-Up, Forgot Password, Search Input, and Contact Forms, but again, despite extensive efforts, I came up empty-handed with no significant findings. I firmly believe in manual testing over complete automation, so I shifted my focus to hacker-friendly search engines like Shodan and Censys, but unfortunately, they didn’t provide any useful findings either.

Sometimes, the most conventional methods fail to yield results, and that’s when thinking outside the box becomes crucial. I began my journey with subdomain enumeration tools, manual testing, and even creative Google Dorking, but all of these efforts turned up empty. It felt like I had hit a dead end — until I decided to explore the Web Archive. This move turned out to be a game-changer. By digging through historical snapshots of the target domain, I uncovered some hidden subdomains, outdated endpoints, and previously exposed configurations that were no longer visible on the live site.

You can use a cleaner version of Web Archive by replacing the target in the URL: https://web.archive.org/cdx/search/cdx?url=*.target.com&output=text&fl=original&collapse=urlkey

The results will appear somewhat similar to this.

The search revealed some untouched domains and endpoints that had been missed by regular methods. One trick I remembered from a Medium Blog turned out to be especially interesting. The hacker in the story had found a Sensitive Information Disclosure just by using “%40” in the find option.

“%40” is the URL encoding for “@”.

This filters the results. This simple trick helped them uncover email addresses and other sensitive details like CSRF tokens, UUIDs, password hashes, and forgot-password link endpoints. It was such a cool reminder of how small tweaks and creative thinking can make all the difference when digging deeper into web research.
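To show how the CDX query above and the “%40” filter fit together, here is an added Python example (not code from the original post). It builds the CDX URL for a placeholder domain, parses a constructed sample of the `output=text&fl=original` response, and flags archived URLs whose query strings carry an email address or a parameter name such as `token`, `csrf_token` or `uuid`; it decodes percent-encoding first, so it catches both “%40” and a literal “@”. The `SENSITIVE_PARAMS` list is an assumption, useful for auditing your own domain’s archived URLs for leaked identifiers.

```python
from urllib.parse import urlsplit, parse_qsl

# CDX query in the form used above; "example.com" is a placeholder domain.
def build_cdx_url(domain: str) -> str:
    return ("https://web.archive.org/cdx/search/cdx"
            f"?url=*.{domain}&output=text&fl=original&collapse=urlkey")

# Constructed sample of what output=text&fl=original returns: one URL per line.
SAMPLE_CDX = """\
https://www.example.com/index.html
https://portal.example.com/login?user=alice%40example.com
https://portal.example.com/reset?token=abc123&email=bob%40example.com
https://api.example.com/v1/session?csrf_token=deadbeef
https://static.example.com/js/app.min.js
https://old.example.com/account?uuid=123e4567-e89b-12d3-a456-426614174000
"""

# Assumed parameter names worth flagging when they appear in an archived URL.
SENSITIVE_PARAMS = {"token", "csrf", "csrf_token", "uuid", "hash",
                    "password", "reset", "key", "session"}

def parse_cdx_text(text: str) -> list[str]:
    """Split the text-mode CDX response into one URL per entry."""
    return [line.strip() for line in text.splitlines() if line.strip()]

def classify_url(url: str) -> list[str]:
    """Return the reasons a URL looks sensitive (empty list if none)."""
    reasons = []
    # parse_qsl percent-decodes values, so "%40" becomes "@" here.
    for name, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        if name.lower() in SENSITIVE_PARAMS:
            reasons.append(f"sensitive param {name}")
        if "@" in value:
            reasons.append(f"email in {name}")
    return reasons

def find_sensitive_urls(urls: list[str]) -> list[tuple[str, list[str]]]:
    """Keep only URLs with at least one reason, preserving CDX order."""
    hits = []
    for url in urls:
        reasons = classify_url(url)
        if reasons:
            hits.append((url, reasons))
    return hits

if __name__ == "__main__":
    print(build_cdx_url("example.com"))
    for url, reasons in find_sensitive_urls(parse_cdx_text(SAMPLE_CDX)):
        print(url, "->", ", ".join(reasons))
```

Swap `SAMPLE_CDX` for the body of a real CDX response to run the same check against live archive data for a domain you are authorized to assess.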

Happiness after finding the bug

This approach not only broadened my perspective about recon but also gave me the breakthrough I needed. Web Archive research proved to be a hidden goldmine, emphasizing that persistence and unconventional techniques are often the keys to unlocking opportunities in bug hunting.

Bug bounties are a race against time, where speed and efficiency can make all the difference. It’s not just about finding the bug. It’s about being the first to report it before your peers beat you to it. The difference between a triaged report and a duplicate report often hinges on mere seconds or minutes. Knowing this, I didn’t waste any time. As soon as I confirmed the bug, I quickly crafted a clear, detailed report and submitted it right away.

In the fast-paced world of bug hunting, every moment counts, and acting swiftly can be the key to success. You won’t believe it — the bug was triaged the very same day because of its severity. Since this was my first valid discovery with such a large company, the excitement was sky-high. The sense of accomplishment was overwhelming. To top it all off, I made it to their Hall of Fame, marking a huge milestone in my bug bounty journey. The joy and pride I felt were truly beyond words.

One of the World’s Largest Banks: BARCLAYS
Hall Of Fame: BARCLAYS

A huge thank you to all the readers for the incredible love and engagement on my blogs. I’m truly honored and grateful for your support!!

Don’t forget to like, share, and comment! Keep learning and growing!!

LinkedIn: https://www.linkedin.com/in/guru-prasad-pattanaik/

Instagram: https://www.instagram.com/guru.p05/

Twitter: https://x.com/gurupra9161
