Review of 2024 and goals for 2025

2024 comes to an end now and it's time to review stuff and set new goals for 2025.

This was an amazing year for me and also the first year of being a full-time hunter, so it was important for me to reach my goals.

Did I reach my goals?

I had some goals for myself. Here they are :

• Travel into Europe -> Done
• Finish the Paris Marathon -> Done but not proud of the time
• Finish in the top 20 in YesWeHack -> Not Done
• Reach the mount Fuji -> Not Done
• Take a flat in Paris -> Almost Done
• Go to an LHE -> Done
• Be very good in Cryptography -> Still not done
• Earn 50k -> Done

I'm pretty proud of having done a lot of them, especially in the workspace. But it's only the beginning, a lot of stuff is still cooking.

This year, I traveled a lot and it was amazing, and next year, I will probably travel less and build on other stuff like my running shape and my work.

Money money money

I love people who share all the figures and are transparent as I know it can help a lot of people start bug bounty and know the reality of the job.

So it's my time to share my figures for the year. My goal was to double my salary as I made 20k euros last year being part-time. I wanted to reach almost 50k this year.

To achieve that, I stopped looking at programs with low bounties and I started looking at better programs, more responsive.

I was also still focused on yeswehack as I really love the platform, the team, and the triage.

I reported 69 reports on that platform.

Compared to last year, I reported way more high-impact bugs. And most of them are access control issues.

I earned around 40k on yeswehack this year and I still have some under-review bugs. It was mostly from 2/3 programs.

On HackerOne, I only did the little LHE which was a scam, and earned around 5k with it. And I also reported some other bugs for a total of 7/8k on Hackerone.

I also did some freelance for someone.

And the total is around 50k as I expected.

I'm really proud of this amount. But looking at how I managed my time and my work this year, I know that I can reach more next year.

Also, as you may know, doing bug bounty is not stable in terms of revenues. Yes, I made an engineering salary in France, but it's the total and not every month, so you have to manage your money the best way.

Here is the graph of the year to show you that it's not the same every month :

Some months, I just did not work and some of them I just didn't find any bugs. That's the game and you have to accept it.

This year I focused on programs that pay like 3k for a crit. Next year, I'm more confident in my skills to look at programs that pay more now.

I also did my first LHE with YesWeHack and that was amazing. I'm totally looking for more of them next year.

Travel a lot

This year, I travel a lot, around 6 months of the year. I visited 12 different countries and that was amazing.

I worked from anywhere in the world, and I met new people everywhere.

My favorite places by now are still Japan and South Korea. But next year, I want to try new places like the US or Canada.

But traveling a lot when working is not that simple. You don't have a proper routine, and it's hard to work the best way when you work in a coffee shop with bad internet or stuff like that.

I still want to travel a lot, but having a place to come back and a home is like what I'm trying to make right now.

The mindset of being full-time

I also discovered how it is to be full-time. And it's really nice but you have to face a lot of issues.

The first one is that you will not always find bugs. Sometimes you find a lot of bugs and sometimes nothing, it's a cycle. And you have to accept it and face it. It can be hard but it's the game.

The next one is that there will be some moments where you just don't want to work on that and look for bugs. During this time, you can do what you want and you have to stop looking at bugs if you are not on it because you will find nothing if your mind tells you to not work on it. Some people play video games, others do sport or anything else. I personally look at some other projects like coding stuff. I have too many side projects to work on.

You also have to manage your money to not spend everything when you have a lot of bounty. I still need to work on that, to be honest.

But, in my opinion, that was the best decision for me to start doing that. I'm totally free. I earn the same salary as my engineer friends, I have my own schedule and I can work on what I want. So I have zero regrets. I met so many nice people on this field who became friends, and this game of looking for bugs everywhere is so fun.

2025

As you would expect, I will still do it full-time, but differently. Now I want to stay in the same place for a longer time. To build my running shape, to work better on my project, and to stay near my friends and family.

I did not manage to set all my goals, but I have some that I'm already sure of.

• I want to double my earnings and reach 100k next year
• Come back on the Paris Marathon and reach my initial goal
• Specialize on a topic and be good at it for bug bounty
• Do some freelance in Pentest
• Visit New York ( and run the NY Marathon ? )
• Do more LHE

Looking at the earnings, I will have many ways to do it.

First, I'm now working on programs that pay way more than previously, and I started finding bugs in them so I'm pretty confident I can reach it.

Also, I will do some pentest now that I'm traveling a lot. I already have some contact so it will be helpful.

And if I finally take time to work more on my side projects it can be helpful too.

I also want to be in the H1 LHE cycle so I need to work more on that platform, and that's what I just started.

If you have any questions about anything, feel free to reach me on X or Discord.

Have a nice end of the year!