Adventures in Bug Hunting Part 1
For some time I have been trying my hand at bug bounty hunting. Something I've come to enjoy doing. It's been a learning process (and continues to be), and I love the "thrill of the hunt." Ironically, my first acknowledged bug wasn't an XSS or a SQL injection that I found, or even an IDOR. It was a compromised website that with the help of my friends at Lost Rabbit Labs, were able to determine a few things and report to the appropriate sources. In the process of bug hunting arguably the most important aspect of it, and hacking in general is information gathering. How can you hack something you know nothing about? I did the usual DNS/subdomain gathering, using things like nmap, and then using the handy dandy ffuf for further testing. I also was allowed to use Wisquas, a versatile tool developed by LRL. It's a lot like a vulnerability scanner, and is extremely useful! (I recommend checking them out, and WisQuas. https://lostrabbitlabs.com/ ). Within this tool ...
