yu5k3.bsky.social
Doing security research. For whom?..

😵‍💫 2025 YTD #BugBounty stats update, Week 8: 📄 2 issues Reported (1 Crit, 1 Medium) As you can see, the stats became even worse this week 😆 One RCE got classified as Medium for the first time in my life 🤯 Trying to negotiate and explain its impact, let's see how it goes...

😐 2025 YTD #BugBounty stats update, Weeks 6-7: πŸ“„ 2 issues Reported (2 Crit) Reported 2 RCEs and sticking to my plan of focusing on Criticals. Not too much for two weeks, but chaining vulns takes more time than expected.

🚀 2025 YTD #BugBounty stats update, Week 5: 📄 0 issues Reported I took the last days of my parental leave in Jan and spent most of the time with kids and family. No reports, no vulns, just quality time 👨‍👩‍👧‍👦

The results are in! We're proud to announce the Top 10 Web Hacking Techniques of 2024! portswigger.net/research/top...

Server-Side Prototype Pollution gadget collection https://github.com/KTH-LangSec/server-side-prototype-pollution #BBRENewsletter87

Now's the time to vote for the Top 10 Web Hacking Techniques of 2024! I'm excited to see my research "Exploiting the Unexploitable Insights from the Kibana Bug Bounty" nominated this year! 😎

🎄 2024 YTD #BugBounty stats update, Week 51: 📄 12 issues Reported (5 Crit, 3 High, 4 Medium) 💰 4 issues Paid ⚪ 1 Informational 🔴 1 OOS Reported Prompt Injection, so I'm in the club now, bro 😎

🫑 2024 YTD #BugBounty stats update, Week 50: πŸ“„ 11 issues Reported (5 Crit, 3 High, 3 Medium) πŸ’° 4 issues Paid βšͺ 1 Informational πŸ”΄ 1 OOS Keeping my promise to report something every week, even if it's not super critical or exciting.

✌️ Bug Bounty Tip: If you don't have time to watch the full video, just check out this slide! If you find a very restricted Prototype Pollution where you can only add empty objects or arrays to the prototype, but the gadget requires properties with payloads.. #bugbounty #bugbountytips #bugbountytip

Dear Bug Bounty programs, You cannot simultaneously prohibit bug escalation and pivoting _and_ insist reports include accurate evidenced risk calculations. Regards, A tired bug hunter

🤒 2024 YTD #BugBounty stats update, Week 48-49: 📄 9 issues Reported (5 Crit, 3 High, 1 Medium) 💰 4 issues Paid ⚪ 1 Informational 🔴 1 OOS me: Starting full-time BB 😎💻✨ Universe: Here, have the flu and a fever for a week 😜 me: Cool... not quite the "hot start" I had in mind 🥲

Developers: “Finally…” Bug Hunters: “We had a good run, old friend!”