This is my coolest bug bounty report (SSRF ➡ Phishing)

  • Published: Sep 11, 2024

Comments • 24

  • @BugBountyReportsExplained
    @BugBountyReportsExplained  2 years ago +4

    Hi!
    In a few days, the price of BBRE Premium goes up but if you subscribe, you will lock in the current price forever! Go to bbre.dev/premium

  • @J0R1AN
    @J0R1AN 2 years ago +5

    I think the reason cool and creative bugs often don't have a big impact, is that you found a way to do something weird on the site, but you're searching for a way to barely exploit it. That requires some really creative thinking to find a cool bug. When you just find a CVE with some big impact on a site, you're not thinking very creatively and just want to report it as soon as possible

  • @dhyeychoksi5178
    @dhyeychoksi5178 2 years ago +2

    Cool find!

  • @terabaap1719
    @terabaap1719 2 years ago +2

    love your content brother❤

  • @polonia66
    @polonia66 2 years ago

    Well done! Thanks for video

  • @sazukegu
    @sazukegu 2 years ago

    Cool find!
    You feel any difference in "difficulty" when comparing public and private programs?
    Also, I'm still waiting for the next 100 hour video!

    • @BugBountyReportsExplained
      @BugBountyReportsExplained  2 years ago +1

      Well, counterintuitively, the bugs I am finding on this program are more complex and harder to exploit than bugs that I was finding on public ones.
      I am also waiting for the next 100 hour video from Elastic but I am starting to think that before I get the disclosure there, I will finish the 50 hours on this private program and since I won't have to wait for disclosures here, I may publish this bounty vlog earlier.

  • @aryzen2781
    @aryzen2781 1 year ago

    How did you learn web app security?

  • @terabaap1719
    @terabaap1719 2 years ago

    ❤❤❤

  • @farah13384
    @farah13384 2 years ago

    Hello, I need you and your help with my revenge plan, and I can explain to you why I want revenge and with the right evidence, can you help me?

  • @raihanhossain3423
    @raihanhossain3423 2 years ago +1

    How can we bypass the BBRE PREMIUM ? he he he

  • @CristiVladZ
    @CristiVladZ 2 years ago +2

    I think you're wasting away your genius thinking with these bug bounties. You can probably score much more in traditional pentesting with your skills, and way less friction.

    • @BugBountyReportsExplained
      @BugBountyReportsExplained  2 years ago

      I will consider this option but after a few years.

    • @SUMMedia
      @SUMMedia 2 years ago

      @Cristi Vlad I'm just curious to know more about that. What does the traditional pentesting mean? Is it like freelance pentesting service more like bug bounty hunting? Or, Is it joining a company as a pentester?

  • @utensilapparatus8692
    @utensilapparatus8692 2 years ago

    3:30 : !
    7:47 : !*!