Bug Bounty Reports Explained
@gregxsunday.bsky.social
June 30, 2025 at 10:51 AM
June 28, 2025 at 10:51 AM
June 27, 2025 at 10:51 AM
June 26, 2025 at 10:50 AM
June 25, 2025 at 10:47 AM
GraphQL isn’t just an API to deliver our payloads. Often, its implementations are what actually cause them. To see what bugs it can lead to, studied disclosed bug bounty reports. IDORs, privescs, DoS, CSRFs, SQLis - it's all there. Enjoy!
Enjoy the videos and music that you love, upload original content and share it all with friends, family and the world on YouTube.
youtu.be
June 24, 2025 at 11:39 AM
GraphQL isn’t just an API to deliver our payloads. Often, its implementations are what actually cause them. To see what bugs it can lead to, studied disclosed bug bounty reports. IDORs, privescs, DoS, CSRFs, SQLis - it's all there. Enjoy!
If your GraphQL testing stops at introspection and ID swapping, you’re missing out. SQLi, CSRF, caching bugs, race conditions, WebSocket bypasses - it’s all there. I studies 90 real reports to find what actually works.
June 16, 2025 at 2:33 PM
If your GraphQL testing stops at introspection and ID swapping, you’re missing out. SQLi, CSRF, caching bugs, race conditions, WebSocket bypasses - it’s all there. I studies 90 real reports to find what actually works.
June 16, 2025 at 10:03 AM
This is why you should run bug bounty tools from a VPS feat. Arthur Aires #bugbounty #bugbountytips #bugbountyhunter
June 14, 2025 at 11:02 AM
This is why you should run bug bounty tools from a VPS feat. Arthur Aires #bugbounty #bugbountytips #bugbountyhunter
June 13, 2025 at 11:03 AM
June 12, 2025 at 11:07 AM
June 12, 2025 at 11:06 AM
Automation to get Hackerone program updates feat. Arthur Aires #bugbounty #bugbountytips #bugbountyhunter
June 11, 2025 at 11:06 AM
Automation to get Hackerone program updates feat. Arthur Aires #bugbounty #bugbountytips #bugbountyhunter
In today’s episode, Arthur Aires shares his bug bounty methodology which starts with heavy fuzzing and automation to find the best assets for manual exploitation and escalation. Enjoy!🔥
Enjoy the videos and music that you love, upload original content and share it all with friends, family and the world on YouTube.
youtu.be
June 10, 2025 at 2:35 PM
In today’s episode, Arthur Aires shares his bug bounty methodology which starts with heavy fuzzing and automation to find the best assets for manual exploitation and escalation. Enjoy!🔥
In this video, Arthur Aires walks us through two real-world deserialization RCEs that include bypassing a class allowlist and then exfiltrating data via DNS.
Techniques you'll want in your toolbox. Enjoy!
Techniques you'll want in your toolbox. Enjoy!
Enjoy the videos and music that you love, upload original content and share it all with friends, family and the world on YouTube.
youtu.be
May 28, 2025 at 10:31 AM
In this video, Arthur Aires walks us through two real-world deserialization RCEs that include bypassing a class allowlist and then exfiltrating data via DNS.
Techniques you'll want in your toolbox. Enjoy!
Techniques you'll want in your toolbox. Enjoy!
An ATO that doesn’t make sense feat. Jasmin “JR0ch17” Landry #bugbounty #bugbountytips #bugbountyhunter
May 21, 2025 at 9:14 AM
An ATO that doesn’t make sense feat. Jasmin “JR0ch17” Landry #bugbounty #bugbountytips #bugbountyhunter
Manipulating referer policy when DOM Purify is used feat. Jasmin “JR0ch17” Landry #bugbounty #bugbountytips #bugbountyhunter
May 20, 2025 at 9:13 AM
Manipulating referer policy when DOM Purify is used feat. Jasmin “JR0ch17” Landry #bugbounty #bugbountytips #bugbountyhunter
May 19, 2025 at 9:11 AM
Using match and replace rules for quickly applying polyglot payloads feat. Jasmin “JR0ch17” Landry #bugbounty #bugbountytips #bugbountyhunter
May 17, 2025 at 9:11 AM
Using match and replace rules for quickly applying polyglot payloads feat. Jasmin “JR0ch17” Landry #bugbounty #bugbountytips #bugbountyhunter
May 16, 2025 at 9:19 AM
In this episode, Jasmin “JR0ch17” Landry breaks down how he consistently lands highs and crits - from SSRFs to less common bugs like XXEs and SQLis. Enjoy🔥
Enjoy the videos and music that you love, upload original content and share it all with friends, family and the world on YouTube.
youtu.be
May 14, 2025 at 2:03 PM
In this episode, Jasmin “JR0ch17” Landry breaks down how he consistently lands highs and crits - from SSRFs to less common bugs like XXEs and SQLis. Enjoy🔥
Hunting for privilege escalations by modifying the JS feat. @renniepak.nl #bugbounty #bugbountytips #bugbountyhunter
March 19, 2025 at 11:57 AM
Hunting for privilege escalations by modifying the JS feat. @renniepak.nl #bugbounty #bugbountytips #bugbountyhunter
March 18, 2025 at 11:57 AM
March 17, 2025 at 11:57 AM
The mysterious bug bounty methodology
March 15, 2025 at 11:57 AM
The mysterious bug bounty methodology