AMA with Mason


📜 CompTIA Net+ Certified | 📜 CompTIA Sec+ certified | 🐞 Bugcrowd Hacker 🐞


  • What are your most discovered vulnerabilities? What vulnerabilities are you professionally looking for?

    • Broken Access Control.


  • Tell us about your setup for bug hunting i.e. toolings, checklist, VPS, note-keeping etc? What will be the scenario of bug bounty in 2021 according to your opinion? There are uncountable resources, so how can I know which resource is best for me to get started?

    • Honestly nothing fancy, Burp, Notepad++ to take notes, I follow my own methodology checklist and some Burp extensions!

    • More money and more opportunity my friend!

    • Listen to interviews from people who have been successful and apply that knowledge to yourself.


  • Q1) How much time do you give to bug hunting?

  • Q2) How much time do you give to recon when you start on a program?

  • Q3) Android app hunting?

    1. 50-60 hours a week.

    2. When I start a brand new web app, I will spend about 2-3 days doing recon and getting to know the app better.

    3. SPARINGLY but yes I've got a few Android vulns under my belt!


  • How do you approach JS analysis in your methodology?

    • Searching for params, different keywords like Key, Token, redirect, url or any words that are relevant to the app you are testing.


  • What's your hacking schedule?

    • So Mon-Fri is about 8-10 hours and Sat-Sun is about 4-6 hours.


  • How many breaks do you take during hunting? How long are they? Do you use a timer? What do you do on these breaks?

    • So I've been toying with Pomodoro when doing the recon phase of starting a new app. It definitely helps in absorbing all the information. However, when I'm just hacking and looking for vulns I'll typically do about 6 hours in the morning, 2-3 hour break and then 2-3 hours of hacking.

    • During my breaks, I'll typically eat, game, sleep, maybe go kick it with a friend! Whatever I want haha.


  • How do you learn new bugs and how do you explore new things in web applications hacking?

    • Pick vulnerabilities -> Exercise on labs -> Read some writeups -> Hunt on a program.


  • Do you learn hacking from books or video tutorials?

    • Writeups/Labs/Videos. I actually just ordered my first book related to hacking yesterday.


  • Any suggestions on business logic vulnerabilities?

    • Spend time getting to know the app and take lots of notes!! Business logic vulns are unique to the web app itself.


  • I am learning about GraphQL right now from a hacking perspective. Should I only focus on important things like interception query or is there a better way to do it?


  • What activities make you better at bug hunting? What resources do you think are good except write-ups? What keeps you motivated?

    • I can answer all that with the same answer. I really do enjoy doing labs and CTFs. You learn a lot, it's also a playground to practice and play around with different vulnerabilities that you otherwise probably would never get a chance to out in the wild @PentesterLab & @WebSecAcademy.


  • What are some signs that you look for to determine whether a bug bounty program is worth going after or not?

    • To me I enjoy an app with a lot of features, more features mean more attack surface, more API calls, more code which translates to more mistakes.


  • What was the lamest bug that made you a decent sized bounty?

    • There was one where I found an IP address belonging to them, went to visit it, downloaded some weird certificate, so I reported it and made $1000. Super weird.


The original Twitter AMA can be found here: https://twitter.com/sillydadddy/status/1333462011657691136