#bug-bounty

is it ok the skip networking in pre security since its premium? i am a beginner

Hey everyone

thats one of the most important aspects, search for NetworkChuck on youtube, he has free networking course

As per Google A bug bounty program is a crowdsourced security initiative where organizations reward ethical hackers for discovering and responsibly reporting software vulnerabilities before they are exploited

What's that 🤔

Got it

ok thanks

Gave +1 Rep to @sharp blaze (current: #3736 - 1)

Bruh

Thanks

Gave +1 Rep to @fervent harbor (current: #3736 - 1)

hell yea i mean no

does someone where i can find promotion codes for tryhackme payment?

Try ChatGPT. I got somewhere from 30%-40% off. Totaling around ~$45 knocked off. I use it every time for all kinds of related things.

@obtuse fern

@obtuse fern ^ multiple rooms

Done!

Thanks for reporting 🙂

Gave +1 Rep to @vivid topaz (current: #377 - 24)

Hi

Hello

Whats going on brothers?

I am a beginner and learning Pre Security form THM

Who want to become my career companion and friend to share things with DM

I am waiting for someone who wants?

Happy Hacking

wassup brotha

thats great

happy hacking to u too!

I need an advice.
As someone who is just getting into bug bounty, what will be your advice. Should I or should I not get into it. It seems a little useless ? Because mythos etc , however speculative, is a future possibility. If ai can automate the whole process of bug hunting and even recommending fixes, isn't it better to get into ai security or maybe cloud security? Or something that has a scope of being relevant for a longer period of time ?

My perspective could be due to lack of knowledge, kindly enlighten 🙂

Don’t worry too much about AI it’s more Hype then people actually know how to use it right. Improve your skills and use AI as a tool

https://github.com/Mr-Destroyer/endpointhunter hidden api endpoint finder with param queries ,

Thanks ! 😊

Gave +1 Rep to @zenith bluff (current: #900 - 8)

some ai also a threat in security! they hack email and computer as well

DM

Hello, just leaving a footprint. Security Researcher and Engineer trying to get back into Bug bounties. Have 6 years in the field and still learning daily. DM me if anyone wants to run some rooms, study, or bug programs

thats beautiful

Hey can I ask someone a question ASAP in DMs about a bug bounty I might have just got

Hi, how do you make AI help you? I have to reasure my ai im working white hat 10 times before its giving me answer to my question (also answer is shit) im sending stuff and its telling me it wont help and that i should delete this conversation all the time

read up on prompt injection to manipulate Ai models. Some models are better than others on providing educated instructions and assisting with certain security task.

such as?

such as what? If you're referring to which models are best, I suggest researching on that to get your own understanding. It's subjective on which models are "best" for certain task

i see, thanks

im getting best results with gemini but I still cant do certain things

it got to the point I had to send fake email and screenshot it to ai lol

depending on the model a good rule of thumb is to create a "workspace" from what some platforms refer to as and give it direct and thorough instructions to ensure that doesn't happen. You also have to learn how to word certain things to get those responses.

here is a reference: https://www.bugcrowd.com/blog/a-guide-to-the-hidden-threat-of-prompt-injection/

use other models as well when you are performing work or learning. Some perform different task better than others

Hi everyone 👋
I just joined this channel. I'm currently learning penetration testing and looking for someone experienced who could guide me or mentor me.

If anyone is willing to help or point me in the right direction, I’d really appreciate it. Thanks!

looking for people to add to a growing team bug bounty/red team and security focused group people who are actually trying to learn not just lurk
you do not need to be an expert but you need to be active curious and willing to put in work focused on real world skills like recon vulnerability research web testing api analysis and general offensive security mindset
this is for people who want to level up together share findings and build real experience not just theory if you are consistent ask questions and actually show up you will fit in
drop in if you want to grow in tech and be around others doing the same🫡. Private Dm Me!

Hey there guys I’m new here and recently started learning about the fundamentals of cybersecurity. I would like to try bug bounty in the future, but for now I would like to make sure that I have the “ground” to step on. Is anyone interested in learn with me or mentor if it’s not too much of a problem? Thank you in advance. Y’all can dm me, I’d love to meet.

Hey! I saw your message and I’m in the exact same boat. I’ve recently started with the Networking Fundamentals as well. I’m following a structured roadmap to make sure my 'ground' is solid before jumping into Bug Bounty. I'd love to team up and grind through the labs together. Let's connect!

Welcome! I’m a fellow beginner and also just started my journey. I've got a pretty solid roadmap that I’m using to navigate Phase 0 right now (Networking & Linux fundamentals). I’d love to connect! Having a study partner makes the grind a lot easier and we can help each other level up faster.

How to get started with bug bounty

With Pre Security

Then you will find your own way. Keep Going.

That's not a straight path.

Thx

Read existing reports to get to know different methodologies

hahahahaha

But I am saying right that you should just started.

You can start with Pre Security

Cyber Security is not stuck

It changes every second so adapting it

Know jus start with pre security course at THM

I am also at it

Thx for the advice

hey I would like to team up as well

hi

i have 2yr + experience in cyber sec in domains like reverse engineering , some android pentesting , web app pentesting , and Ai as well.

i would like to team up with well experienced hackers

for knowledge and ctf solving

Hiee i also want a team iam a web app pentester

I have 1yr core experience

anyone into CVE hunting

I would like to team up as well

Is there a separate group created so we could hunt and learn stuff ??

Hi everyone, I'm looking for someone who'll scam with me and earn!

i did replied you do check

sure

Hello I'm better decent with hacking more of offensive anyone wanna team up

I want learn does anybody have time to mentor or anything, I have a roadmap and I want get started with windows basics and networking

Hi

I'll send you pm

How do I know if I can be useful?

Useful for what

@night gust I’m just looking to make friends with similar interests. I’d like to do bug bounties, challenges and projects. Until now I’ve learned almost nothing in college and I’m thinking of dropping out. If anybody wants to learn along with you can dm me.

Wanna team up ?

Me , I'm starting to learn bb too let's connect.

U are sting did u clear your fundamental ?

I'm in class rn wait let me text u when this class ends

Ok

Yep

Yep

come dm

🤨

@gentle bear I just sent a friend request. Teach me whatever you can bro and try to tag along.

Yo

Even I'm starting from scratch bro.

Yea

Bro I didn’t study hard enough or I just took useless classes

I do use Linux and rn I'm a masters student in computer applications.

@gentle bear wow

Na still learning. First networking.

I kinda want finish with iIT

IT

Yea nice

begginer ohh if i want i will be your mentor

Yes please.

if u are into off sec

i know about off sec

Create a server let's learn there

Yes

u also begginer

I'm planning to start learning idor vulnerability but haven't started. Whatever u say we go along with that ig

I am a begunner

come dm

I can’t spell I have auto correct off

come dm

I have classes till 4pm.

okay

Yo

I’m here

i am kidding u know 😂

@slim anvil @gentle bear what's ur level?

Levels? What levels? Consider me 0

heyy, new member here👋

im a green hat

I might've joined this server 1 Yr ago but I never used thm, all I did was login and yah that's it. I've been learning from pwn.ccollege (linux)

U use Linux or windows

Linux (cachyos)

I'm about to distro hop again for 1 last time let's c.

http://<metasploitable-ip>/dvwa

And do the cybersecurity paths on thm

I still use old school Debian

hi

I have tried using Linux but setting it up is confusing.

What distro?

what happend ?

today i downloaded Metasploit2 its amazing actully !

Well I downloaded it with the help of some tutorial, but i think the video was made like five years back so the version was not the version i downloaded, but i think i will delete it if possible then restart. Thanks for asking.

Nah, it's mostly pretty straight forward (unless we're talking about gentoo/Arch/LFS)

@severe badge DM me

what level ?

How well are u with cybersecurity

intermediate level

Wanna team up

check your dm dude we already talk yesterday

@torn stump

R u the same guy who said, I team up with experienced ppl?

Nvm it was the other guy

@severe badge Hi Crypo s33d I can see you are having some trouble?

can we team up?

DM me

Hi guys !

Needed a little help

I've recently finished the web fundamentals path

And I wanted to practice some CTF style rooms

Is there like a list of machines I can begin with on thm

do the ones Guatamela/ bsides themed machines

bro

are u being serious

wdym by "provide a hack"

BRO 😭😭

im not assuming that

idk what ur on

:hammer: zerox25122011#0 has been banned.

thank you kgb

hello guys, how do i start with bug bounty? i have been doing CTFs on tryhackme since the AOC2025, and i want to level up my skills and profile with some actual bugbounty experience. help a newbie out 😉

Web security fundametals path & owasp top 10

alright sir, I just have to get a premium sub. i almost have completed the free rooms in web sec fundamentals. wish me luck

can i actually send a message now my stupid ban is lifted well

Good luck 🤞

hey can i dm you

why?

Hiee everyone

Hi

I’m looking for a mentor. Got decent knowledge but need some supervision for guidance on bug bounties. If anyone willing to mentor me, would love that.

Can u help me hack?

So a few weeks ago, I say TryHackMe's Bug Bounty PDF they had on LinkedIn. Really inspired me to get into Bug Bounty. Actually got a TryHackMe Account a few weeks later when they ran a promo. Going through OWASP top 10 and getting a refresh on TryHackMe before hitting the PortSwiger Labs.

Anyway, part of the doc mentioned getting into a program. What would be a good program for someone new to bug bounties?

Can I goon on ur face?

First

no u

Yes me

oi

I got sum bugs

mind your language

🐛

berg bernty

Bug bounty is great fun when you discover something accidentally and work with Muir to form a PoC XSS attack for it

Do you know from experience?

or you send xss through a PR

Hiii

Rogue bug

Yes, THM has paid out for an XSS to muir and I @lavish hollow

THM is teaching me how to exploit THM 🤔

to some extent

If I wasn't so active helping, I wouldn't have found the flaw

can we put a bounty on spooks?

can we put a bounty on spooks?
@prisma axle how much? I’ll go get the rifle

I'll go get the sword!

lightsaber

depends what kind of bugs we find

bed bugs don't classify for bounties

I see how well this channel is going to do.

here I’ll start it out on topic https://m.youtube.com/watch?v=gIz_yn0Uvb8

a great video by Jason Haddix that can give a lot of insight on the methodology behind finding a bug especially the reconnaissance methodology

did red team village upload everything on youtube now?

yes every talk as well as workshop is on YouTube

awesome that is good news

i checked on saturday and it was empty

Bug hunters

here I’ll start it out on topic https://m.youtube.com/watch?v=gIz_yn0Uvb8
@prisma axle yes everyone watch this video, especially when Jason starts talking about port scanning tools

No reason at all lads

Send $$$

Sorry, it's a dupe.

Hello I found a vulnerability in try hack me. It is critical problem.

email info@tryhackme.com

Ok

New channel

Wrong chat, post it in #site-bugs I guess?

ha sorry

is SuitGuy the Mod of this channel?

No, he hunts down anyone who posts in here

That's what bug hunter means

i'm still in doubt what is this supposed to mean

The message was the problem

I'd guess a non-native speaker found an exploit on the site

How would someone get started in this field?

Google

Get some skills

Excellent list of bug bounty write-ups

https://pentester.land/list-of-bug-bounty-writeups.html

Also it's a good idea to just track current bug bounty programs/trackers and just look at the bugs being found today

https://hackerone.com/hacktivity

https://www.bugcrowd.com/bug-bounty-list/

https://portswigger.net/web-security https://www.hacker101.com/ https://tryhackme.com/ is what helps me. But im new so don't go on my advice. I found some bugs but got discouraged quite quickly by the "another researcher has found this bug 7 years ago but we didn't patch it" thing.

@marsh falcon
We need new labs, thank you

....

there’s so much wrong with that message

We need new labs, thank you
@normal crescent You could make some

Two new labs released today.

😮

hi did you ever had this bug ? In room "Learn Linux" you can't respond to an answer because fields are not shown ?

#site-bugs

Or #site-support first

woops sorry

hi did you ever had this bug ? In room "Learn Linux" you can't respond to an answer because fields are not shown ?
@ocean valley yes, had the same

Go to #site-support and type Hi my tryhackme name is: [Insert THM NAME] and I'm having the task bug on the learn linux room. Ashu* will help you when he is back :)

Ow cool, thanks!

hi did you ever had this bug ? In room "Learn Linux" you can't respond to an answer because fields are not shown ?
@ocean valley me too

@restive egret username?

on THM site*

proximity220

Not sure if it's a big or it was intended to be like thag

bug*

But it's not possible to complete the room

It's being fixed

Please be patient

Yeah no probs

But it's not possible to complete the room
@restive egret I am getting the same error in the learn linux room. Did you find the solution.

@eternal harbor it's a bug, it'll get fixed soon

@eternal harbor Ashu can fix this for you, I heard

@lavish hollow take over I'm not allowed to give help 😦

Pffft you can help

But sure

I’m your assistant

@eternal harbor @restive egret I’ll need your THM usernames (if this is occurring for you)

@eternal harbor @restive egret I’ll need your THM usernames (if this is occurring for you)
@lavish hollow proximity220

@eternal harbor @restive egret I’ll need your THM usernames (if this is occurring for you)
@lavish hollow ZeroVuln

Alright, you will be sorted within the next hour

Thank you

Alright, you will be sorted within the next hour
@lavish hollow error still not resolved

Mhm staff are busy rn sorry. I'll give them a ping but there's nothing I can do on my end

ok i am wait

Try using the find tool and look in #resources

Oh! I just posted there. Thank you so much.

hey guys i'm in this bug bounty program and i can't sign up because it is blocked in my country if anyone can help me with this and create an account for my testing will be appreciated

DM me if you can

A VPN may be able to sort that out, however I would check with your laws to see if circumventing web restrictions is illegal or not.

A VPN may be able to sort that out, however I would check with your laws to see if circumventing web restrictions is illegal or not.
@young cloud i tried VPN but it is amazon cloudflare blocked

i don't think it is illegal

If your country is blocking it it’s for a reason.

¯_(ツ)_/¯

it is for stores like wallmart and bestbuy i think thats why i can't use it

If your country is blocking stuff its because the law states that you can't. As a result we can't really give advice

Also try using Tor

@worn bone PG13 please.

@gloomy stream That doesn't seem like responsible disclosure if it is a bug

where can user report that? @vocal folio

Email the admins

Delete the post here

Deleted!!! @vocal folio where can we find email details?

hello@tryhackme.com

👍 👍 👍 👍

can anyone provide me burpsuite pro keygen

That's illegal

So, no.

@opal spoke https://portswigger.net/buy/pro This website works well if you want

@opal spoke https://portswigger.net/buy/pro This website works well if you want :GWrjkKappaLUL:
@north jackal thanks

My pleasure 😌

Do I have to officially register somewherefor testing the application in a bug bounty program?

What application?

I mean general domain

Don't attack stuff without permission

Yeah so the domain has a bug bounty program do I need any further permission?

Well read what their program says and direct questions to them.

Generally most services will have a non production service which you can play with (I.e Facebook)

Does THM have a specific ToS for bug bounty?

Don't active scan, don't do anything that will affect other users. Probably more.

brute force? 👀

How to start bug bounty pls help me

Step by step

1. Get good at web hacking

2. Sign up for a private program

3. give up when you realise it's not a get rich quick

Thanks bro

Please don't call me bro

Please don't call me bro

Just a "thanks" would have been fine

Oky

Have a good night

hey guys, anyone good at enumeration?, I've got a couple of questions pls

I guess you can ask them directly :D

hey guys, anyone good at enumeration?, I've got a couple of questions pls
@sharp yarrow you can ask here, known one will answer you 🙂

how can devloped tryhack room

how can devloped tryhack room
@eternal glade https://discordapp.com/channels/521382216299839518/554713196804440101/738835180071944214

Hey there so i was looking around a website and saw that they were using Wordpress. So me (very board) i ran WPScan and found 5 usernames. Should i email them for a possible bug bounty (they don't officialy have bug bounty) or should i just forget it?

Im pretty new to bug bounty and im not too sure on the Swedish bug bounty laws (i'll read up on them). So what should i do?

That’s pretty low level I wouldn’t submit you would probably just get a grumpy security team

if you can take those usernames and do more with them to get a higher vulnerability then you could consider submitting

however I would not be scanning a website which you don’t have explicit permission to

and if they have said verbally they have a bug bounty it doesn’t matter you need written permission before doing anything

yea

Can find user names by simply clicking around long enough.

May I ask what company/whatever this is related to?

Because you need written permission to perform bug bounties I believe. Not all*

If you can’t specify this may not be the best place to ask

If you're messing around on someone else's website I do not want to be apart of it.

Nice.

It's 100% legal

So you just found something in a (bounty) program. got no clue what to do with what you found. Asking others without proper details(and now deleting messages 🤦‍♂️ )

They have their own responsible disclosure

And you can't disclose it to us?

No

It seems really really sketchy.

I am just asking if someone can explain

Nothing more, I don't want somebody to do work that can be done by me

But it's okay

I'll ask somewhere else

If you think that I am a black hat then you got it wrong. It's not worth it and will never be!

It seems really really sketchy.
@lavish hollow Not really, he wants to claim the bounty (in case it's not a dupe). So it does make sense. If you can provide some more context @brisk rover someone might be able to better help you 🙂

Thank you @frail compass

i am not familiar with those topics so I am not entirely sure

also if it's a private program you can't really disclose much publicly

You are the one that can help!

No problem @frail compass

@frail compass #lounge

At least you're are trying to help

^^, we all try to help, i think it was some misunderstanding

I am just reposting my question:
Anyone has experience with Algolia Api Keys? Found an Algolia Search Api key and ID as well as a suggestion key in the source code. I've readed the docs, saw that the keys are not allowed to be publicly accessable but I couldn't get any further.

probably worth just being a tad less defensive would've been better, but we live and learn :), just clarify stuff in case someone has the wrong idea 😛

Yea indeed thank you @frail compass

no problemo, glad we cleared the mist

have a look to see what that key might be used for

The others were thinking that I am doing blackhat stuff on a disclosed api key come on guys..

I've readed the documentation already

can you query the api using that key?

The whole api key section

Hold on

Yep

see if it has full blown permissions

like remove and stuff like that

It makes a request to a specific script/endpoint with the id and the key

It's an endpoint

and see if you can query an endpoint that you don't normally have access to

does the webapp have a user/admin interface and do you have access to any of them?

Only user

hmm, try accessing something until you get 403

see if the key can be used to access that part

I guess it may have admin access, backend is in java

let me ping someone and see if he has any knowledge of this

@bitter remnant any experience with this

Okay I'll do that! Thank you man! I apprectiate it!

no problem

I will provide a screenshot

Did you replace the values there?

I have covered the keys and the id

yes

oh ok

If someone wants to know what the impact is

If no limit is set ofcoars

https://owasp.org/www-community/attacks/Cash_Overflow ?

Thank you Ninja

The same vulnerability as with Google Maps API Keys when they are not configured correctly

I'm not an API keys guy, but I can say the following. Algolia keys almost tend to have no impact at all, and usually isn't taken into account by most triagers. It IS taken into account if you're able to provide a working PoC. I recommend looking at this: https://github.com/streaak/keyhacks#Algolia-API-key Try searching for a param similar to those given in the payload example. This payload, as mentioned by the author, is simply used to show the possibility of a XSS attack. If I'm being honest, it's something you shouldn't target. There aren't many resources for Algolia key exploitation, as there is for any other non high priority bug, unless you are able to manipulate it, show user impact, and a working PoC. The payload given might help, but probably won't do much. Remember, I'm not too experienced, this is just based off of what I've seen. If you're a beginner trying to mess around with these keys by all means go for it, but stuff like this which is usually counted as a P4 at best definitely requires some skill to pull off and escalate. idk, once again, I don't work with these keys. I've seen this case a number of times in multiple repos for public programs, so I'm guessing it might help. Now, after seeing the Cash Overflow vuln yes it definitely might be a valid vuln, due to misconfiguration.

Once again Cash Overflow is DoS, so just remember to look over the program scope

Thank you so much @bitter remnant ! First time I found this in the source code

lmao sure. I usually start off with GitHub repos so that's great! Keep me updated!

And I tought maybe it does have some impact like Cash Overflow so I started to search for some resources and I ended up at the documentation

No blogposts from security researchers at all, but thank you!

Haha yeah, I didn't see much too when I came across stuff like this first. Solely based on my short time of experience with this stuff lol.

At least I learned something new! Thank you

how did you guys get started doing bug bountys?

1. Get good at web hacking
2. Sign up for a private program
3. give up when you realise it's not a get rich quick

hello, i am new here i want to learn hacking?

me too

can someone answer to me and jin #4465.

@glad tide wrong room

@glad tide usually that's a #general question but a good place to start is from TryHackMe which teach you the fundamentals and can progress to become more advanced

@still jasper thanks

hey guys, I'm trying to exploit an XSS vuln
the issue in short : when injecting an arbitrary parameter to the url and giving it a value,
the url is echoed unmodified in the response body within a tag's attribute
for instance :
https://example.com/?arbitrary=whatever"><img src=x onerror=alert(1)>
this payload is getting placed inside meta tag's attribute
but the payload is urlencoded in a way that prevents me from escaping the HTML context
anyone could help pls?

Are you allowed to test on whatever website that is

Are you allowed to test on whatever website that is
@compact axle yeah

Have you googled encoded payloads that can help you

yeah I did, but the problem is that the server is not decoding the payload
ex: <img%20src=x%20onerror=alert(1)>
gets echoed without decoding the %20 to whitespace

Try spaceless payloads

tried that but no luck

@frail compass

I'm guessing it's unexploitable, or I'm just missing something
but even <svg/onload=alert(1)> didnt work

if you can't do xss try doing something else like changing colours of the pages

or try DOM based

can u give some examples

payload all the things is your friend

https://github.com/swisskyrepo/PayloadsAllTheThings?files=1

ok I'll try check that out

thanks for help 🙂

no problem

i looked for bugs for a bit but didn't find any

Guys i want to get started in bug bounty..

Can anyone help

there are plenty of books to get you started and places to develop your skills

it's not a thing you just throw a nmap scan/nessus and you get it done.

There's this great website called https://tryhackme.com which lets you practice and learn webapp skills

^ that too

and the webacademy or however is called from burp

I am solving CTF on tryhackme
Earned 3 badges too

i feel like with bug bounty i'll never get past recon

just spider a site and learn its endpoints and understand whether they touch dbs, include stuff, etc.

test for sql, xss, lfi, find nothing repeat

Bug bounty is so much more

You need to identifying your full scope and look at all their assets rather than just the main one because others have probably already scavenged the heck out of it

@sick roost https://m.youtube.com/watch?v=uKWu6yhnhbQ

I would recommend checking out hat training or one of his other shorter talks and understand methodology

thanks a lot 🙂

bug bounty is so confusing

ive been doing networking for years and bug bounty seems to be focused on web pages more

That’s exactly what it is

It’s just crowd sourced web app pentesting

ohk so i need to focus on web app pentesting , thanks

i got told that if a hacker masters python, he can basically hack alot without pen testing experoence

I mean, python is just a programming/scripting language

Knowing python doesn't make you a master hacker

People think it does, they're wrong

🐍

But python do help when you stuck at something and it shows an error like for ex: error on line 20 and it takes while to solve it if you do not know it! Knowing it is good but mastering it would be much like a choice!

I disagree bug bounty can very easily be done without python

if you have all the python knowledge in the world would you still be able to automate sqli?

you have to understand sqli as well

what if you are using automated tools and you get error on line something because of package or something, google helps but it is all about time you spend to solve that thing!

Yeah, but python alone won't make you a master hacker

what if you are using automated tools and you get error on line something because of package or something, google helps but it is all about time you spend to solve that thing!
@native snow that’s using a tool not mastering python

any script kiddie with a keyboard can use a tool

you don’t have to understand the python behind it

using a tool and getting an error of python and solving that! that's what I'm talking about not mastering but knowing it, is good!

That wasn’t what the conversation was about though that’s where the confusion came from

Sed, Sorry though!

Python's use in programming comes from it being a fairly easy language to learn because it's consistent and easy to read. Being able to automate things about your job saves time and that's the goal of learning Python. You want to learn how to automate because it might save you time and ensure consistent results. Knowing Python doesn't make me a master hacker, it just gives me another tool I can use to make my future job easier.

Hey people, silly question, i looked through some bug bounty programs and i found that it is really common to find that CSRF is out of scope, anyone knows why?

because social engineering is basically always out of scope and csrf typically needs the help of it

its basically just controlling a privileged user

Oh i see

Thanks for answering 🙂

From my experience, Python is good to create undetectable Payloads, alot of metasploit and veil framework payloads are recognized by anti virus, so if you master python, then you master payloads and also you will know how to communicate with servers via python codes

I mean python payloads are picked up too

Just ask our own Elf

you clearly dont understand the concept of how an AV works

Failed

AV works a lot like the moderators here. If you do sketchy things, we assume you're sketchy

Anything can be detectable if detected by signatures or known behaviour or the heuristic modules

From my experience, Python is good to create undetectable Payloads, alot of metasploit and veil framework payloads are recognized by anti virus, so if you master python, then you master payloads and also you will know how to communicate with servers via python codes
Python is a programming language, it's not magic, i saw earlier you saying that python is good to hack, and it is because its easy to get into it, but what matters is what you can do with it, and also some metasploit payloads are written in python.

@ruby skiff yes thats true, but can a pen tester reach the level of expert hacking without knowing coding, look at the virus stuxnet and the spyeye trojan, so what im trying to say is to become a state hacker , we definitely need to master a language , would anyone agree?

Who wants to work for the state.

In order to write your own malware, you need to be able to write code?

That seems... out of scope but kind of self explanatory.

@ruby skiff ok not the state, but hackers at that level

that can simply breach government networks

Well, that's very out of scope for this channel. And it's sketchy as all hell. So I'm gonna steer away from this convo

@vocal folio how else can malware be written, im not aware

What

@ruby skiff lol im just a drop out kid , but i am amazed of there work,

and i want to learn the right way, imagine walking in the wrong direction for 3 years just to find out i had to walk the other way

As I said, I am steering away from this convo. Please do not @ me anymore

ok

@eternal garnet please read the context of the conversation as well as the channel that you are speaking in. I would also advice not talking about hacking for a nation state like that as I seriously thought you were a bad actor and still do. Just be careful of what you say so you don’t get kicked out of here

Ditto ^

And to turn this educational:

Malware even if backed my a nation state is bad.

You ain't gonna get anything done with anything near the high-level that is python

That's the educational bit

And what CMN said

yeah this definitely isn't bug bounty related

bad

Malware even if backed my a nation state is bad.
@ruby skiff
To be fair, any malware is bad

Very true mate

👀

Gotem

what's up

what's up
Up is the direction diametrically opposed to the force of gravity. 😁

We get it you like science smh

I’m kidding 😄

Everyone likes science!!

Hell yeah!

Hey guys i need guidance with starting bug bounty i am good with python programming but dont know how to start with bug bounty.

James gave a guide

1. Get good at web hacking
2. Sign up for a private program
3. give up when you realise it's not a get rich quick

Ok i am good with web security too

What kind of private programme are we talking here ?

*program

I’m guessing a programme that’s private but you might want to google

There’s tons when you type “private bug bounty program”

Ok thank you

guys is this channel a general bug bounty channel or THM has a bug bounty thing?

Both 🤔

Bug bounty discussion chat for all things related to bug bounties

@prisma axle sorry what do you mean by bad actor, im just qurious and have questions, i can verify my identity if you like to prove im just a normal student:(

Guys, to become good a bug bounty, what courses do use recommend 🙂

1. Get good at web hacking
2. Sign up for a private program
3. give up when you realise it's not a get rich quick

So you'd probably want to look into web hacking

i need an analsyis/ network admin/ reverse engineer / digatial forenses help
like i installed an obvious do not install this will fuck ur shit up malwared out hacked new high end video game title and didnt do anything to it for about 6 months, when my laptop was getting to where it could have hurt its hardware and started to look at everything
and its been a nightmare
like ive done resets across multiple devices so many times
like i have the most crazy looking .pcap files
other wifi's in the area have duplicates running in the range of my pc
its fucked
like this has got to be some real deal hardcore pwnage
like im so pwned. my router login page is now gone. i discoverd that it had custom java script loaded into and has 3 wifi ids acossiated with it

First of all, wrong channel. Second of all, well, you've learned why piracy is bad as well as the fact it's stealing. Third of all, please mind your language. Try #general.

hex rule 15

what is this room made for

well, talking about bug bounties

Bug bounty discussion chat for all things related to bug bounties

hi guys.. can anyone please tell me how to learn bash script? Any good resources or something?

Not really for bug bounty

try #resources

oh sorry.. it was for automation, btw

hi guys.. can anyone please tell me how to learn bash script? Any good resources or something?
@hollow drumjust try to make a script of your own choice and without using the internet

can anyone help with downunder ctf

?

@hollow drumjust try to make a script of your own choice and without using the internet
@fallen palm but i'm a noob with no scripting experience

You're never actually going to learn anything if you don't try it.

What are some enumeration resource for a heroku endpoint?

nmap

X509v3 Basic Constraints: critical
is this vulnerability ?
which tool is best for Improper TLS protection ?

Not sure but I searched this up and it might help @granite dust

https://geekflare.com/ssl-test-certificate/

Hi guys! Do Gigya API Keys need to be private or is it okay to find one in the source code? I found one as a value of a parameter of a javascript file and when visit it and I remove the key from the parameter I get an error (invalid api key instead of the script). And in that file I also found an ssoKey. The documentation (developers.gigya.com) doesn't seem to tell if it needs to be kept secret or not

API keys are supposed to be a secret that only the client and server know. Like Basic authentication, API key-based authentication is only considered secure if used together with other security mechanisms such as HTTPS/SSL.

And what if there are 2 types of keys? Secret and just an api key?

Does that mean that the api key is allowed to be disclosed in the source code or not?

API keys should be kept secret as I said.

As they are unique

But usually wouldn't class as a bug bounty as needs social engineering

Thank you!

I won't report it --> no impact

Social engineering? Depending on the company can’t you use fuzzing tools to determine what input the API needs

Some of the methods look... destructive

It may as well be but having a level of certainty will allow you to choose what method you take

API fuzzing is just brute forcing mainly, and a friend of mine who uses an API has a blacklist feature which uses an algorithm to detect patterns and similarities in what is being entered to the API, as well as a lockout feature after a specific amount of tries.

Having this information allows you to proceed carefully.

Jabba

I don't understand what point you're making

APIs have documentation. This is a key for a third party API which has public docs.

My point is that social engineering isn’t needed

You should NOT be fuzzing anything

Yeah it’s bad hehe

Oh I wasn’t aware it was a public api

Social engineering? Depending on the company can’t you use fuzzing tools to determine what input the API needs
@lavish hollow Interacting with the API wasn't really brought up

I was under the impression that as Hex said “Social Engineering” he was hinting that was the only method of using an API

Unless my fatigue is making me completely miss the point of the discussion and stupidity*

I left that out so they didn't go and do it

I mean they wouldn’t get far

can anyone send me the tryhackme bug bounty page link?

https://help.tryhackme.com/miscellaneous/the-bug-bounty-programme?from_search=52416047

You mean this? https://help.tryhackme.com/miscellaneous/the-bug-bounty-programme @upper rover

Lmao

rE

ahaahaa

yeah this one. Thanks @young spoke

:(

Aha!

😆

I see how it is.

xD I win this round Jabba

anybody know about a way to exploit xss in referer header? the site does not filter or encode the value before rendering it but all browsers url encode it so im having a hard time exploiting it

Maybe curl?

how so?

will the js acually run then?

The Referer request header contains the address of the page making the request. When following a link, this would be the url of the page containing the link. When making AJAX requests to another domain, this would be your page's url. The Referer header allows servers to identify where people are visiting them from and may use that data for analytics, logging, or optimized caching, for example.

See security considerations: https://developer.mozilla.org/en-US/docs/Web/Security/Referer_header:_privacy_and_security_concerns

You would need something to evaluate the JS in the referer header which isn't likely unless the refered URL is in itself containing an XXS vulnerability, but this would just be forwarding to a malicious payload and will not count as an exploit on the original refering site

guys i am beginner in bug bounty so ay chance i can get references or any courses you suggest for this kind of field?

hacker101 and the talks given by Jason haddix can be a great place to start @craggy onyx

okay thanks!

hacker101 and the talks given by Jason haddix can be a great place to start @craggy onyx
@prisma axle being a web developer, is a prerequisite before going to the bug bounty??

No @dense prawn

No but it helps

hi all, new to this server (and networking in general).. just out of interest how much do good bug finders get or is it more for the kicks?

Depends on the platform, program, and severity

It's not a stable source of income

Depends on all those things. Don't rely on it as a source of income

It's very much like the lottery

https://latesthackingnews.com/2020/09/26/national-australia-bank-nab-launches-bug-bounty-program/

Anyone know where I can find a template for a contract that a company won’t sue me for the bug I found? They want to work with me, but I wanna be safe

You'll need a memorandum of understanding

It's a document outlining the agreement between two party's, but it's not legally binding

But it's a good way to outline the agreed engagement etc...

Further legal documents required can be discussed with a solicitor for large clients but if your planning on engaging as a business you will need insurances you can discuss in due process

It depends on how deep you want to go

Usually this is overkill for a freelance client and an agreement will do

Hey I would not work out contracts yourself theres a company who fights for security researches rights let me find them real quick

@tacit kernel are there templates for such an agreement?

can anyone send me the sample report of any bug bounty ?

https://www.gov.uk/government/publications/setting-up-school-partnerships/guide-to-writing-a-memorandum-of-understanding-mou @wary vortex

https://templatelab.com/memorandum-of-understanding/

@teal elm https://docs.hackerone.com/hackers/quality-reports.html

Any advice for an absolute beginner bout to start ....

Read writeups, read books, do some research

and most importantly

1. Get good at web hacking
2. Sign up for a private program
3. give up when you realise it's not a get rich quick

1. Get good at web hacking
2. Sign up for a private program
3. give up when you realise it's not a get rich quick
   @still jasper Any Free Practice website at first?

@fresh shell https://tryhackme.com

Yaa that I got it but any other places?

HTB, portswigger academy

#bug-bounty message

Youtube is a source but not always a reliable one, but twitter is always a good place to find people that are like minded, as is the obvious Discord servers... but read up on bits figure out what you want to gain at the end of it, are you doing exams or just for shits and giggles?

HTB, portswigger academy
@vocal folio thank dude

Guys since this is a bug bounty channel , what should I learn to become good at bug bounty other than learning JavaScript

Look up the OWASP Top 10. It has the most common vulnerabilities covered. @eternal garnet

@modest vector thanks dude 😁🙋

Guys we’re can I learn sqlmap

Google ?

sql injection room

IIRC many bounties don't allow sqlmap?

sqli room x2

@vocal folio ahh I never knew that

Always read the scope

Otherwise you can get in trouble...

Like, a lot

Ahhh thanks man

I vote adding phishing and social engineering to the tryhackme scope... I wanna phish skidy

I have the perfect idea for a vector

"Get 40% off your AWS bill today! Jeff Bezos hates this one simple trick!"

"Why you need to learn AWS discounts NOW!" - NetworkChuck

I was thinking of either an AWS bill or a DO outage

maybe a cloud flare outage

DigitalOcean not working properly? Try this one simple trick!

I vote adding phishing and social engineering to the tryhackme scope... I wanna phish skidy
@prisma axle I never seen a scoope with phishings before...

It’s almost always out of scope however there is one that does

Do you mean 100$ https://promo.linode.com/hackersploit100/

Also, you have to add your credit card like most "trial" services, and they more times than not try to charge you for something

Idk why iposted this on here fml sorry moving it

!hoonk

!honk

@wheat canyon this is not #bot-commands

@grim stag no invite links

Oh shoot

Anybody there need help

Just ask what you need help with and someone will help you

!rule 13

Rule 13: When asking for help/tech support please perform research to your fullest ability. Mods and Community Mentors have the right to refuse helping those who have not done troubleshooting/research on their own first. Clearly phrase your questions as we (fortunately for all parties involved) cannot read your mind. Please include the room, task, and question number in your question if possible.

Although we are a a learning platform, we politely ask that you respect the competitive nature of newly released challenges. As such, no hints for new challenge boxes should be given immediately after a release, unless specifically allowed by the content creator.

don't forget 😉

https://tenor.com/view/fry40l-burnouts-barratheworld-skids-smoke-gif-9208174

hey guys I'd like to ask a question about web cache poisoning. I don't understand what "unkeyed header" means. does it refer to the headers that web server just doesn't look at, when deciding whether to send the response from cache.

https://samcurry.net/hacking-apple/

hi

https://medium.com/a-bugz-life/the-wondeful-world-of-oauth-bug-bounty-edition-af3073b354c1

Does anyone know out of curiosity if pentesterlab teaches sql injection well enough for example or is the content given just challenge based?

!honk

I found a bug in ms teams

If I enter into a meeting and leave it , it will still show people that I am in the meeting

@brittle hare Without any security implications, that's pretty useless

But bruh it’s a big issue cause people will think the people is still online

Even tho they aren’t

And even time issue also

If I text in teams

The next msgs the time is earlier than me

How is that possible??

I mean you can report it

But I’m sure bug* bounties are more related to security risks or something really ground breaking

( Correct me if I’m wrong )

Also you’ll need to see if you can replicate it on another account because it sounds really vague and I’m sure many people have left and joined meetings before?

^

!honk

Anyone has a script that installs most used tools for bug bounty

Install Kali Linux

Already installed

What tools are you missing?

You’re only limited by your knowledge, if you find a potential exploit you need to know what you need to exploit it

Well that’s my opinion anyway

Well that’s my opinion anyway
@lavish hollow Fully agree

just as a sidenote. have a look at the following:
https://github.com/nahamsec/bbht and this https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters

Hi

İm want learn bug bounty

İm read some article about bug bounty

So im learn half html5

And learn half Python

Loaded kali linux in the my pc

what should i do now

Keep learning for a while.

okay but what is it

I will be glad if you help

I'm quite new to bug hunting and got invited to a private program and I did some LFI and it changed the RID value within the source code when I did /..ls?=false i'm not sure if that does anything but then I came across something which was a reporturl and this is what came up when I got directed to the directory and i'm not sure if I am able to do anything with it FL(nginx,NoCookies)|name=ruxitagentjs|config=domain%3D<programname>%7CreportUrl%3D%2Frb_bf98738ejy%7Capp%3D3300639e6ec22919%7CfeatureHash%3DICA27SVfhjqrux%7Cvcv%3D2%7Crdnt%3D1%7Cuxrgce%3D1%7Cbp%3D3%7Ccuc%3D6og6s1z8%7Cdpvc%3D1%7Cmd%3Dmdcc1%3Dcpnum%7ClastModification%3D1602760231903%7CdtVersion%3D102012009048458022%7Ctp%3D500%2C50%2C0%2C1%7Cuxdcw%3D1500%7Cvs%3D2%7CagentUri%3D%2Fruxitagentjs_ICA27SVfhjqrux_10201200909654722.js|featureHash=ICA27SVfhjqrux|version=|buildNumber=10201208945073022|lastModification=1602760231903

hi guys.. where can I find sensitive information in a .git folder, if it is publicly available?

Do you have explicit permission that you’re allowed to do this?

it's a bug bounty program

So you’re on a private program?

yup

I’m just interested because you’ve come here before googling which makes me question your skills

no I've tried searching.. but I couldn't find how to look for sensitive data. some of the results are too complicated for me.

i'm a noob, btw

@hollow drum https://github.com/internetwache/GitTools
or
https://github.com/arthaud/git-dumper

thanks man

Hay guys anyone here

Yes.

Yeah

🌾

I believe you should be told how to authenticate

This status is sent with a WWW-Authenticate header that contains information on how to authorize correctly.```

Yes the server could do it by IP address

It'll be some serverside config

I doubt it'd be a single IP on the blocklist

maybe you're in the same CIDR class as an employee? idk

Probably subnet addressing instead of regex

regex totally the wrong solution

yeah, regex and IP suck to combine

Something like this right 0.0.0.0/24?

for a class C, yeah

I tried to replicate the misconfiguration and found a nice solution which didn't work
@brisk rover I don't think it's exactly a misconfiguration?

There's APIs to see if an IP belongs to a hosting provider or Tor exit node

Then you can make life annoying for those people because they're not likely to be legit users

yeah, I never said it wasn't

Not really

So this looks more likely to be the case of tor exit nodes being blocked

I also have never know a bug-bounty program require such a configuration.

So why do you need to tunnel through tor?

If it's working without tor, then you have access correct?

So what's the catch?

So you're able to access a website when you're not using a VPN or tor, and that's considered a bypass?

It sounds to me that it's just filtered by blacklist rules

Be more specific with your explination or provide a URL and test case

Is it a school website?

No

A company which has a responsible disclosure

What's the URL?

Via dm

DM me the URL then

Suitguy, man, I don't know what's wrong with you, but you are clearly thinking that I'm a black hat

But that's okay

👀

lol recently started and made 500 the other day

https://tenor.com/view/judging-justin-timberlake-gif-6219360

lol recently started and made 500 the other day
@fallen palm really!! i'm new to all this

It's a bug bounty

lol recently started and made 500 the other day
@fallen palm How you did that? lol

Yeah

You Find a reliable source to sign up for to start bug bounty then there's something called A bounty board where they have companies asking for help with certain things and if you find what they're looking for and you need to make a really good report describing everything and how can it it affect the company and then you submit but you need to provide evidence as well

If you have anymore questions feel free to DM me

@drifting flume @fallen palm

I don't want to DM

But I am curious of what vulnerability you found, if you don't mind me asking

👀

Account breaching vulnerability

Account takeover?

Essentially

@fallen palm check your dm

I mean
How to find a bug at your first day on bug bounty
To normal people take months

for big ones

i found a very minimal one

took me till sunrise

now there is one that is $20,000 on the bounty board now that will take months

i got paid very little $500

for finding a decent sized vaun its about $1,000

@drifting flume

Which plataform did you use?

hacker1

https://www.hackerone.com/

Thanks !!!

really reccomend it take the small jobs first

like i did

they don't usually take long

Hackerone is really competitive
But of sure is the big one

lol

Hi

hello guys

can anyone tell me bug bounty(related) rooms ,to improve skills

Hello there @wraith pewter

Please dont post in other chats

For bug bounty related stuff, keep it to this one

anyone

Please be paitent

@wraith pewter burp, juice shop, zap, authenticate, ssrf, OWASP top 10, ZTH web, ZTH web 2, Upload Vulns, Web Fundamentals, Inclusion, web scanning, sublist3r,

I dont know thats just a few on the site that might help get you into the flow of bug bounty

theres tons of other web challenges on the site as well

anyone
@wraith pewter literally web. Take the web path if you want.

how to get started in bug bounty,, I new vulnerablities but I am bad at finding bugs..

*knew

Have you Googled?

ofc

how to get started in bug bounty,, I new vulnerablities but I am bad at finding bugs..
@rugged cradle I have some write-up how to get started in bug bounty. I hope it can help you.
https://medium.com/inbughunters/getting-started-in-bug-bounty-7052da28445a
https://medium.com/swlh/how-to-get-into-bug-bounties-383266799832

@rugged cradle I have some write-up how to get started in bug bounty. I hope it can help you.
https://medium.com/inbughunters/getting-started-in-bug-bounty-7052da28445a
https://medium.com/swlh/how-to-get-into-bug-bounties-383266799832
@faint crown thanks ...

@faint crown thanks ...
@rugged cradle you're welcome dude

😃

Anyone tell how does CVE is useful to bug bounty

well

a cve is an exploit

and bug bounty is about finding exploits

no there isnt a lot of connection between bug bounties and CVEs, you can find CVEs as a result of a bug bounty program or you could use a CVE to exploit a specific application the program is using (must be in scope) but is very rare because of scope, updates etc. for the most part you wont use CVEs in bug bounty

You can learn a lot from reading CVE entries. It shows the various vulnerabilities found for a particular piece of software/vendor, how they are reported, weighted by CVSS score, research related to a vulnerability, related proof-of-concept exploits, and the different vulnerability types that exist. A good site to do research: https://www.cvedetails.com @wraith pewter

Tq

Could u give one example how to exploit with cve

Links,demo or something

It will vary massively depending on the CVE.

There’s lots of rooms on thm that highlight cve you can search in the hacktivites page for ‘cve’

how should i get started with bug bounty?

y’all are really gonna make me want to make a blog post on getting started on bug bounty aren’t you

I have a summary somewhere

1. Get good at web hacking 2. Sign up for a private program 3. give up when you realise it's not a get rich quick

y’all are really gonna make me want to make a blog post on getting started on bug bounty aren’t you
@prisma axle Finally you notice it !!!

@vocal folio you're forgetting about
25 closed for dupes
103 Will Not Fixes
and
927 Not Applicable

don’t worry spooks a little salty from him staying up till 2 am doing bug bounty then the company saying nah we good fam

817 non-exploitable findings, not defects. Oh Bug Bounty, the art of not paying out.

so I will be stealing that and making it a blog post

hello

hi

hey, do you have a bug bounty topic or question?

!help

@green mist #bot-commands

discord pays so little in bug bounties

Does self-xss need to be either stored or reflected or can it just be none of those 2

https://owasp.org/www-community/attacks/xss/

There's your categories.

I clicked in hear thinking you guys had posted bounties. Lol

There are bounties for thm posted

Anyone got some good resources to learn Nuclei, or should I just start exploring and building my automation based on the github documentation?

Guys I have a question
If a client sends 2 csrf tokens, but they are different: is this then still double submit validation serverside ?
or must they be equal ?

hard to tell without actually looking at the code, but they might be 2 csrf tokens for 2 different validations, and that's why they may be different

anyone here wants to be my mentor on bug bounty where i follow along and learn I dont want bounties i just want to learn and i learn best by seeing and working along with someone

https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters

This is how I learned the basics

@sharp flame Why do you wanna do Bug Bounties?

so that i can learn more just learn better working along with others and i enjoy pentesting and i feel it could help me advance in the field and secure a job in the industry

thanks blackout

hello who is admin ?

@hollow urchin ?

i found a bug in the platform

who report this ?

how*

Is it a bug or a security issue?

sorry my english is so bad

maybe security issue

https://help.tryhackme.com/miscellaneous/the-bug-bounty-programme

thanks

uwu

@fickle heath if there is two csrf tokens in request then try to send one and see if request go through without any errors

I'm not sure if this has been posted or if this is the correct area to post this, sorry in advance. Feel free to delete or move the post if necessary. I just stumbled across this and figured it was worth a mention.

https://www.samsung-qledecode.com/

This is as far as I've gotten so far. https://corpo-cmp1-cwxlza.com/ev2325m it's a staticy .wav file.

Well, this is another thing about QLEDecode

https://corpo-cmp1-cwxlza.com/4l9f874

It's a 7z

But with password

Also decoded the file name bm9tdXNpY2J1dGl0J3N0aW1ldG9kYW5jZQ with Base64 and it came out to nomusicbutit'stimetodance

Found from reddit.

@granite ravine nice. The password shouldn't be too hard to crack

Apparently it is, as twitter and reddit people say

Anyone here who can help me with an android app issue??? I'm testing it and found something need help regarding that

Can you give some more specifics

does the app have a bug bounty or responsible disclosure, what is the vulnerability generalized, can you weaponize it for PoC, would It be considered a low hanging fruit and not even worth submitting?

!help

argh getting so close to finding a way through exploiting one of the exploit on this bug bounty site.

can someone help me break this barrier?

@hearty warren sure can you just explain here some of the steps you’ve taken and what you’re stuck on without giving away the bounty itself obviously

its much easier to show

Can you show it here without leaking too much?

is it ok to share http request from burp? there is three consecutive requests.

it doesnt have sensetive information

yeah

Portswigger Academy

Pic1

Respone, action changed to sign in

Getting a undefined user session with the email.

so basically after sending the request to sign in. i think what is happening is it redirects me back to the login page because it cannot find the email. This is annoying because i can technically get unauth bypass. The way to go from here is two ways:

1. maybe the WAF blocked the requests 2. SQL injection on the email address.

hello im working on a ug bounty atm and i found a kraken-test subdomain kraken is in scope but would kraken-test be in scope as well?

Does the policy say anything about it being out of scope?

It does not say anything about kraken-test being out of scope

Then it should be fine

Sweet thank you for your help @still jasper 😁😁🙏

Well, it depends. Does the program have a wildcard subdomain listing?

If not, subdomains are probably out of scope.

Really is best to err on the side of caution and go with what IS stated, rather than what isn't.

it does not have a wildcard subdomain listing.

i see where your coming from @young cloud thank you

If it were me I wouldn't touch it in that case. You're welcome.

I'd have thought you could ask?

Ask the company/target?

I doubt they would do a case by case approval with the amount of people there are in those public programs.

depends on the security team some are super duper chill

hey I am trying to inject SQL into a website for finding bug. when I write ( ' ) at the end of the url it's return error code 500 so is this website vulnerable to SQL injection ?

by the way thanks in advance

Research error code 500.

Could mean a world of different things.

Hey, I am new to bug bounty,
Can anyone already doing bug bounties teach how to go on hunting for bugs, I just want a person to collaborate and learn with

@wanton mica DM..let's talk

yea pls me too i wanna learn bug bounty as well

same

https://www.hackerone.com/top-ten-vulnerabilities

@paper bobcat its not always for sure tbh
but you should try more than just ' in order to spot SQLI

also once you get a different web page once you add ' there are a lot of possibilities that is vuln

@brazen coyote I have added more sql payload many of them put 500 error and some put 403 forbidden