Let’s get started!

Hey guys I’m back!

So I have been reporting this particular bug to many different websites to see whether it's worth reporting or not.

What is the bug?

Weak Registration Implementation>Use of Disposable Emails/Phone-numbers

Osu! Mina-san

I’ll be telling y’all how I got my first bounty after six months of hunting regularly.

It was an unlisted program, let’s call it example.com. (Always wanted to say this :”) )

So I started hunting on the site with some basic sub-domain enumeration and validation. After validating the sub-domains now it was time to start fuzzing these babies to get some sensitive info. (Evil laugh)

I started my Virtual Machine and started fuzzing the list of sub-domains, at first I did not find anything impactful which sadly continued till the end of the list until I got…


Cyber Security Analyst

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store