BBRE Premium is a membership focused on hacking web applications and bug bounty.
Become a member and every two weeks you will receive emails with hacking tips, tool tutorials, case studies or career advice. If that’s not enough for you, you will instantly get access to the archive with over 400 articles.
Maybe it’s stupid but as a pentester, finding bugs that others miss was my motivation to continuously learn new stuff. In bug bounty, with so much competition, we don’t even have a choice but we have to stand out from others.
There are tons of low-quality articles and tips out there. I’m spending a lot of time reading them and filtering out the good ones. I don’t have to keep it for myself so I’m sharing it with you in BBRE Premium.
You can get access to the private Discord server. Unlike the public ones, you won’t be one of thousands of members and it’s much easier to connect in a smaller community.
Every two weeks you will receive an email with new articles that will make you continuously learn instead of having a burst of motivation followed by not doing anything later.
Example from issue #37:
Pause-based desync attacks explained
Example from issue #41:
How to avoid being overwhelmed when reviewing the code?
Example from issue #40:
SSRF – CASE STUDY OF 124 BUG BOUNTY REPORTS
Example from issue #10:
Finding bugs in regexes, even if you don’t know them well
Example from issue #41:
You will get access to the Discord community where you can meet like-minded people, make friends, learn from others and hack together!
While from the outside, the free Bug Bounty Reports Explained YouTube channel and the paywalled BBRE Premium may seem like separate things, the truth is that without BBRE Premium I wouldn’t be able to dedicate so much time to creating those free resources for the whole community. I know for a fact how many people benefit from them and I want each member to know that by being a BBRE Premium subscriber, you support the whole community.
5 years if you find a low-risk vulnerability in GitLab ($500)
10 years if you find a medium-risk vulnerability in PayPal ($1000)
101 years if you find a high-risk vulnerability in Shopify ($10,000)
303 years if you find a critical-risk vulnerability in GitHub ($30,000)
New emails every 2 weeks
Access to all the articles in the archive
Access to the private Discord community
I was a pentester but I made a decision to quit my job for bug bounty and creating content. I’m documenting my learning journey by creating the best materials about web-security in the form of this newsletter, Bug Bounty Reports Explained YouTube channel, Bug Bounty Reports Discussed podcast and all the other social media channels.
contains 4 articles which are mostly links with some of my recommendations of why you should read those links.
The total amount of words is 352.
contains 7 articles.
4 of them are mostly links with some of my recommendations of why you should read those links. But the additional 3 articles are not links. Two are articles written by me and one is a summary of a conference talk.
The total amount of words is 3117, almost 9 times more than in the free newsletter!
No. When BBRE Premium was smaller, I used to generate a one-time payment link to then manually insert the transaction into my website but it was time-consuming and at this scale, I can no longer afford it.
BBRE Premium is focused on offensive web security so it’s the best match for bug bounty hunters, pentesters and application security engineers.
BBRE Premium is not for beginners. It’s focused on intermediate and advanced topics. There are tons of great free materials for beginners out there.
Every 2 weeks, on Tuesday.
You will receive 26 emails per year and, immediately after subscribing, access to the whole email archive with all the past issues.
No, as far as I know, there are no secret links. The premium is not about sharing links. It’s either articles written by me or summaries of longer articles or videos written by someone else.
For example, in the 10th issue, I made a summary of the talk by Shubs about source code review. It was publicly available on YouTube but you could either spend an hour watching it or read my summary with takeaways and linked tools. It was no secret but it saved my subscribers a lot of time.
I have a policy that in these situations, I return half of the difference, e.g. $10 if you didn’t apply a $20 coupon. One of the reasons is that I’ve already paid the transaction fee from the full price.
Bug Bounty Reports Explained @ 2024. All rights reserved.