52 @X accounts with a bug bounty platform 🪲🔍 @Ravro_ir @redstorm_io @saloonfinance @scantitan @SecunaSecurity @sherlockdefi @SlowMist_Team @swarmnetics @synack @Testbirds @thebugbounty @thezdi @v1bounty @vulnscope @yeswehack @yogoshaofficial @zerocopter 🧵 3/3

52 @X accounts with a bug bounty platform 🪲🔍 @detectify @d_vuln @epicbounties @federacy @Findbugks @gobugfree @HackenProof @hacker0x01 @hackrate @HACKTIFY @hacktrophy @HatsFinance @huntrdev @immunefi @inspectiv @intigriti @nordicdefender @openbugbounty @pentabug 🧵 2/3

Join our huntr Discord ➡️ bit.ly/3s3wsIl

More big news! We have acquired @huntrdev to create the world’s first AI/ML bug bounty platform. Join us in our mission to protect AI/ML from security threats and attacks, and earn up to $50k in bounties. Register now at huntr.mlsecops.com. #huntr #bugbounty

100 Days of Hacking! Day 83 #Special ⬇ ~# How to get your 1st CVE 📍❤️‍🔥 - Choose a Project - Identify a vulnerability - Confirm its impact - Notify the vendor - Collaborate on a fix (suggest) - Request a CVE - Document the issue - Submit to a CNA - Receive CVE ID - Share responsibly This resources will guide you, how ⤵️ - A Simple Guide to Getting CVEs Published trustwave.com/en-us/resource… - How to get your 1st: securitycafe.ro/2021/11/01/h… - Road map to getting your first cve: slideshare.net/ShreyaPohekar… - CVE IDs and How to Get Them: cve.mitre.org/CVEIDsAndHowTo… - Using GitHub to manage your first CVE: authzed.com/blog/using-githu… - Almost every publicly available CVE PoC github.com/trickest/cve - CVE assignment documentation github.com/RedHatProductSecu… - Read Hacktivity: @huntrdev @huntrHacktivity #Pentesting #Hacking #bugbountytips #infosec #cybersecuritytips #redteam #CTF #pwn #blueteam #Offsec #100DaysOfHacking #networksecurity #Software #coding #programming #computer #Hardware #BugBounty #CybersecurityNews #cybersecurity #CyberSecurityAwareness

I placed 1st on the leaderboard (30 days) at @huntrdev .

Hello @huntrdev Can you please assign CVE here, as asked by the maintainer huntr.dev/bounties/f3782eb1-…

🫴 Security fix for @nuxt_modules Nuxt API Party: nuxt-api-party.byjohann.dev A vulnerability allowed attackers to leak secret API keys. Fixed in v0.13.0 – please update. 🙆‍♂️ Reported by @huntrdev. Much appreciated!

Couldn't agree more with all of the points. Some programs and platforms should specifically take a look at number three (random(?) tag @huntrdev) github.com/hakluke/bug-bount…

I got my first public CVE published (CVE-2023-2239), used @huntrdev - it was a super simple vulnerability, but a high risk one regardless 🙂 - huntr.dev/bounties/edeff16b-… #Vulnerability #securityresearch #infosec #CVE #bugbounty

30% commission please

Top 11 worldwide for past 30 days vulnerability submitted at @huntrdev 🔥 Thanks @yappare for recommending this platform :3

I’m excited to participate in Open Source Summit North America 2023 in Vancouver, Canada! Together with Adam Nygate of @huntrdev, we’ll speak about "The Supply Chain Conundrum and Why Traditional Application Security Is Failing Us". sched.co/1K58D #OSSummit #SupplyChain

Pre Auth REC via SQLi CSRF in a open source php application, already reported through @huntrdev

Hitting it tonight on @huntrdev What I like most about the platform is helping smaller, open source projects secure their code and software. It's not about the money as much as it is the little guy, and sometimes ensuring best security practices move mountains for them.

First place on @huntrdev ! :)

Thanks to @icougil for helping us debugging the stripe issue, to @rezaduty for finding and reporting the security issues and to @huntrdev for issuing our first two CVEs 🥳

I tried for a bit and got bored. The bug bounty world is crowded, and I believe it takes advantage of people. Anymore I mess around on @huntrdev, where I get to chase projects I want, not worry about invitations, and actually make a difference securing FOSS projects.

You rock!

It's all Github projects. Some can be a pain, so I usually look around for things that well maintained installation directions or can load into Docker. If you ever need someone for Live Recon and want to talk about the platform I'd love to do so.