Turned the bullet points into an actual article on 01/04/2021

Profile 🐝

The 33-year-old Masonhck357 has only been hacking for 1 year, but has made great strides. At the 6-month mark he decided to go full-time.

He hit rock bottom when his job was made redundant. This turned out to be a blessing in disguise. He began his IT journey, which started in the helpdesk.

During that time he got his CompTIA and Network+ certs. This is when he saw STOK’s video, which immediately got him interested in bug bounty. He went to DEFCON.

His favorite hobby is going to the beach.

He hasn’t collaborated a lot, but is open to it. He would collaborate with anyone, but looks forward to doing so with Nahamsec and Specters.

Learning 🐝

When he started his bug bounty journey he didn’t know anything. He had no idea what the difference between a GET and a POST request was, or how IPv4 or IPv6 work.

He started off on the wrong foot. He jumped into using tools without a solid foundation.

Realizing his mistakes, he quickly recovered. He went deep. He started reading the RFC to get a solid foundation of how HTTP works. He began asking the right questions. How do headers work? What do these cookies mean? And he turned to Google for the answers.

He picked up Bash, which allowed him to build one-liners for himself. Become familiar with the CLI. Watch others, copy what they do, and then make it your own. Get familiar with the OWASP Top 10 and focus on web security training.

Tips 🐝

  • As a beginner, pick one vulnerability type. Then pull up every single resource that you can find and go through them. While you’re doing this, ask yourself questions. What was the author’s mindset? What was their approach? Once you become familiar with said vulnerability, start looking at the DoD program, and grind for 8-9 hours.
  • When picking a program, look at the bounty tables. They have to be financially positive. After that he looks at the scope and the number of features the app has.
  • When feeling burned out, he goes into learning mode. He also tries to understand why it’s happening. Always make sure to take long breaks. It’s good to push yourself, but don’t overdo it.
  • Everyone deals with impostor syndrome. It’s okay to acknowledge that he’s a beginner.
  • Certifications aren’t a requirement for bug bounty. That being said, the OSCP can be valuable when you’re searching for a job, as it can get you past HR.
  • Programming is beneficial, but not a requirement. However, it’s a requirement for himself. He just finished a JavaScript course, and is planning to take a Golang and Python course.

Recon 🐝

Recon means gathering intelligence; it’s helpful when chaining vulnerabilities.

When approaching a single web app he performs the following steps:

  1. Use it as a user
  2. Go through the sign-up process and analyze requests
  3. Go through JavaScript, automated and manually
  4. Waybackurls
  5. Take notes of interesting behavior/findings while analyzing (turns into checklist)
  6. Go through the same process the next day while leveraging known data

Tools 🐝

  • FFUF
  • Waybackurls
  • gau
  • Burp Pro
    • Auto-repeater
      • Replacing auth tokens
      • Changing GET to POST
      • Change content type to XML
        • Look for error
    • Autorize
    • Upload scanner
    • Burp history
      • Compare sessions

Routine 🐝

He hacks for 8-12 hours a day. His routine consists of:

  1. Get up 5:00-5:30AM
  2. Meditate/gratitude
    • cognitive benefits
    • Listen to hacking related stuff
  3. Green juice
  4. Shower
  5. Start hacking
  6. Game / relax
  7. Hack some more (4 hours)
    • While in game queue go through Burp requests
    • Read write-ups
    • Perform light fuzzing
  8. Go to bed at 10:00PM