🤯Mindset and Mental Models

A curated list of mindset tips and mental models that will level up your bounty game. For more, head back to the main page.

Motion vs. Action

Source: https://twitter.com/DanielMiessler/status/1296641221696172032

"The difference between motion and action.

Motion:

- talk to a personal trainer
- research your book idea
- explore different types of meditation

Action:

- do 10 squats
- write 1 sentence
- meditate for 1 minute

Motion feels like progress. Action is progress."

– James Clear, Atomic Habits

Building = Deep Knowledge

Source: https://twitter.com/hakluke/status/1345384372820611073

Sometimes, the best way to learn how to hack something is to build it first.

Paradigms for Long-term Success in Bounties

Source: https://twitter.com/0xpatrik/status/1326867341263728640

There are multiple paradigms for long-time success in bug bounty:

1. Bug class specialisation / new research
2. Being faster than anyone else / Detection techniques
3. Looking at different targets / Recon
4. ...

All of these, however, revolve around the word "unique".

10 Tips For Crushing Bug Bounties

Source: https://twitter.com/hakluke/status/1319382749019475969

Video: https://www.youtube.com/watch?v=s-baVDolDpI&lc=UgykSV4QCpdsO_MFZU94AaABAg&ab_channel=hakluke

Contents:
1. Persistence
2. Automation
3. Quality Educational Resources (PentesterLab, The Web Application Hacker's Handbook)
4. Collaboration
5. Community
6. Health
7. Know the basics
8. Do what you're good at
9. Hack where there's less competition
10. Just Start

More Complex = Less Secure

Source: https://twitter.com/Bugcrowd/status/1352126283505922049

When hunting for bugs, look for features that are complex. As a rule of thumb:

More complex = less secure.