Hey guys I’m back!
So I have been reporting this particular bug to many different websites to see whether it's worth reporting or not.
What is the bug?
Weak Registration Implementation>Use of Disposable Emails/Phone-numbers
I’ll be telling y’all how I got my first bounty after six months of hunting regularly.
It was an unlisted program, let’s call it example.com. (Always wanted to say this :”) )
So I started hunting on the site with some basic sub-domain enumeration and validation. After validating the sub-domains now it was time to start fuzzing these babies to get some sensitive info. (Evil laugh)
I started my Virtual Machine and started fuzzing the list of sub-domains, at first I did not find anything impactful which sadly continued till the end of the list until I got…
Cyber Security Analyst