Bug Bounty

How DDay Became The Most Valuable Hacker

Most Valuable Hacker at a HackerOne Live Hacking Event is the most prestigious award in the bug bounty space today. Douglas Day won it at H1-305 earlier this year in 2024 and has shared his experience in this blog post. I especially liked this part, which is very...

How a top hunter figures out a complex target

We all read bug bounty write-ups and learn from them. However, the bug is always the culmination of the bug hunting process. We never see the initial phase, where the hunter is confused with everything and only learns how to use and understand the parameters. Ron Chan...

Oh Sh*t bug bounty moments

Bug bounty is means hacking is mostly done on production targets. And we can be as careful as possible, we’ll still break things at times. Here’s a thread with some Oh Sh*t bug bounty moments from the community. https://x.com/hacker_/status/1509986966384877569

Monke’s Guide to Bug Bounty Methodology

Monke disclosed his whole bug bounty methodology and included many interesting topics like program selection, scope selection or tools used but also important non-technical aspects like mental health and collaboration....

The 3 biggest lessons from my first LHE

I’ve been a participant of the h1-702 Live Hacking Event in Las Vegas and it was an unforgettable experience! This one week profoundly changed the way I see bug bounty. In this article, I’ll describe my biggest lessons from the LHE. Of course, most technical things...