Bug Bounty

Bug bounty hunting insights, strategies, and experiences from a full-time hunter on YesWeHack, HackerOne, and Intigriti.

Building a SAAS, and some automations

A dev-heavy week in Paris. Meeting coworking spaces for ReWorker, building new SaaS features, and thinking about what parts of bug bounty to automate versus do manually.

Enjoying being full-time, automation

Juggling multiple projects as a full-time hunter. Building automation not to be first on bugs, but to know where to focus. A hard-working phase to build a strong foundation.

LeHack, Client Side vulns

Testing automation at the LeHack live hacking event, finishing the n8n scanning setup, and diving deep into client-side vulnerability research.

Specialization, Javascript, and Automation

Choosing to specialize rather than stay average at everything. Analyzing what skills matter most in bug bounty, building automation, and diving into JavaScript security.

Public programs, Recon and ReWorker

Launching the ReWorker side project MVP, shifting from private to public bug bounty programs, and getting back into recon. Managing multiple projects as a full-time hunter.

Back on Track, Pentest and Sport

Back to hacking after a dev-focused stretch. Joining a HackerOne public program event, embracing the freedom of choosing what to work on, and balancing bug bounty with sport.

Rest week, Planning and Event

Back in Paris after Istanbul. A rest week with friends, less hacking, more planning. Mapping out the next steps for bug bounty, sport, and development projects.

Hackyx, State of the Art and AI

Working on Hackyx from a coworking in Istanbul, exploring AI applications in security, and walking streets that feel straight out of Assassin's Creed Revelations.

Dev, dev, and dev

A full dev week from Budapest. Rewriting Hackyx with Next.js for server-side features, learning a new framework, and briefly exploring a new European city.