Day 2
I enumerated my target for sub domains in order to increase the scope for my attack vector and found quite a handful of them but as of now couldn't find any low hanging bug. I looked at the API and tried making some requests to them but got a message saying that I am unauthorized(obviously). I tried a few ways to get something but I couldn't. I looked at another target and found something on that target but when I opened the file which I thought was useful turned out to be empty, looks like I just got trolled by the person who made the website. Well gonna try something new tommorow.
I also found this amazing video which was recently released and was presented at the Nahamcon 2021.
Check it out here
Also found this amazing website where bug hunters can find another hunter to collaborate with, haven't tried it myself but seems like a nice place to meet some bug bounty hunters
Check it out here
Don't be dumb on the internet
Top comments (0)