Amsterdam, Hackyx, and XSS
First time in Amsterdam, officially launching hackyx.io, the cybersecurity search engine, and starting to hunt XSS vulnerabilities. Next stop: Berlin.
A Search Engine for cybersecurity, Javascript Analysis
Building a cybersecurity search engine, analyzing JavaScript for bug hunting, and realizing that working from trains and coffee shops beats working from home.
Weekly Posts, Hackerone, and a European trip
The first Aituweek post. Starting a weekly habit to share bug bounty progress, HackerOne experiences, and the beginning of a solo European trip.
My first official LHE with YesWeHack !
Two back-to-back YesWeHack live hacking events in two weeks. From the InCyber Forum LHE to HackMeI'mFamous, a full recap of competing and learning at official events.
Bug Bounty seen as a video game
What if bug bounty is just a video game? Cassim draws parallels between hunting vulnerabilities and gaming, from leveling up skills to grinding through targets.
My goals in 2024
Looking back at 2023 with 20k in bounties and 3 months full-time, then setting ambitious goals for 2024. Bug bounty targets, a marathon, and building a sustainable career.
My process when I approch a new target
How to approach a new bug bounty target even when top hackers already found bugs there. Cassim shares his step-by-step process for looking at different places than everyone else.
My setup as a remote hacker
The remote setup of a digital nomad bug bounty hunter. What Cassim uses to work from Tokyo, Paris, or anywhere, and why comfort matters more than specs.
Negotiate your bugs to win more
CVSS is not perfect and the same vulnerability can be worth different amounts. How to properly evaluate your findings and negotiate bug bounty reports to get what they deserve.
Difficulties of being a full-time hunter
The reality behind the big bounty screenshots on Twitter. Cassim exposes the real difficulties of being a full-time bug bounty hunter, from income instability to mental challenges.