Big scopes, Hunter vs Farmer, and Journaling

I'm quite late this week with this post, as I was working on a lot of different stuff, so here it is.

This past week was both intense and chill, with some moments working a lot on a scope and some other moments just chilling and reading a lot of articles. That's why I love my job, doing what I want when I want.

I came back to working on one of my favourite scopes on HackerOne with a friend, and it was great.

Big scopes

I love working on big scopes. When I say big scope, it's not especially with a lot of subdomains, but more with a lot of features.

During December, I stopped working on it as my friend was looking at something else, so instead of working alone on it, I went to crush some targets on Yes We Hack. I took a bunch of different little private programs and found a lot of bugs in them.

The issue with these kinds of scopes is that you don't know the program before sending some reports. The problem here is that it took a lot of time to be triaged and rewarded. The payout was low, and I was aware of that, but they always reduce the CVSS score and try to pay less.

One example is about a simple bug that can leak, without an account, all the IBAN and financial data of all the tenants. That was rated as Medium, and the program didn't understand why I would rate it as High, and just paid it in the Medium range. It's frustrating because you know how devastating it can be for a company to be leaked on the internet, and their data fully publicly exposed, but they just prefer to pay hunters as little as possible.

On the other side, with big scopes and programs like Google, Shopify, and so on, they care about their security. They pay way more. You just need more time to find bugs on them, but the payout is much more interesting.

And coming back to my favourite program on HackerOne reminds me of that, and finding another High on it, composed of a bunch of different gadgets from different parts of the app, was so much fun. I even made a video to show the exploit that is 7 minutes long. Maybe I should start a YouTube career to explain the vulnerabilities.

That's why I know I need to focus on these kinds of programs, finding these kinds of bugs, even if I know it's harder and longer to find some.

Hunter vs Farmer

I discovered an article this past week about this concept: https://taylinsimmonds.substack.com/p/im-not-disciplined-but-heres-how

And it was very interesting. It's about being a Farmer or a Hunter. The Farmer is the kind of person who is very disciplined, never changes and usually sticks to their plans.

And the Hunter is more of someone who moves a lot, procrastinates more, and often changes direction. I feel more like a hunter, to be honest, and reading it was very interesting to me.

For instance, I tried for years to manage my time, to count my hours, and to see where I spend my time. But I always fail and come back to doing what I want. That's the same for discipline. I know I can be fully into something and stick to it for a long period of time, like running, as well as some other stuff.

And sometimes, I just want to do nothing, or just change from project to project. Reading this article was really interesting to me, and I highly recommend it to you as well.

Journaling

Starting in 2026, I decided to journal more and use a notebook to help me. I've already used a bunch of notebooks in the past, and I gave up a lot because of the system.

I tried to use a system that was too complicated, composed of a lot of different parts, and I was able to stick with that for like a month or so.

This time, I've changed a lot, and it's more free. I just write when I want and what I want, without any structure.

So I just bought two notebooks, a classic B6 one from Leuchtturm and a simple, small one from Moleskine.

In the big one, I tend to write longer stuff and think way more about what I'm writing on it. And on the little one, it's basically a brain dump for me, and I write anything in any order.

And I discovered that doing it was very helpful in my life, in different topics. For instance, about hunting, I tend to have more ideas by writing what I already found, or some gadgets I already have. Having a map of what I know helped me pop some bugs recently, so it was really useful.

Also, when listening to something or reading something, writing a bunch of notes about it is really helpful to remember it in the long term. So I'm definitely going to continue this habit.

Aituglo

Paris
The author of this blog, a bug bounty hunter and security researcher who shares his thoughts about the art of hacking.