Note that during these interviews I also moderate thus quality may vary.

Profile ๐Ÿ

  • 10yrs hacking
  • bug bounty X
  • has oscp, respectable standard
  • coding: ghetto bash, curl

Tips ๐Ÿ

  • mentors, whoโ€™s in your corner and who can you communicate with
  • friendly helpful competition with peers
  • surround yourself with people that have the qualities you wish to attain
  • be an autodidact, ie. self teach to an extent
  • put the time in ~8+ hours a day, ie. bruteforce while watching Adventure Time
  • no one can teach you the practical skills, ie. experience
  • canโ€™t be single-minded, ie. get a multiple of your time
    • always have multiple irons in the fire
  • multiple censys account to avoid x
  • donโ€™t rely on tools, could have skewed results. E.g. screenshots cannot appropriately display underlying content, errors and functionality.
  • user correct host header, cname in host header
  • reading RFCโ€™s and leveraging that knowledge a la Inti
  • requests are free
  • vhost scan
  • everything youโ€™re doing is to extend your attack surface
  • discovery > web skills
  • fuzz interesting things

Routine ๐Ÿ

  1. wake up, coffee
  2. 6-7 Verizon hosts of interest found over night
  3. nmap 80,443,xxx,xx
  4. based on that look for target to hit
  5. shodan, censys, xx over night look for interesting
  6. brute force those hosts
  7. hack those if anything interesting

Workflow ๐Ÿ

Automation = dns resolution

  1. donโ€™t rescan, assume assets donโ€™t change every X week
  2. nmap nmap -T 4 -iL hosts -Pn --script=http-title -p80,4443,4080,443 --open
  3. filter out new stuff
  4. burp
  5. run scan
  6. fuzz while scan is running
  7. intruder

Tools ๐Ÿ

  • nmap
  • amass
  • ffuf

Collaboration ๐Ÿ

  • Would like to collab with agarri
  • Shout out to shubz, x, green hat hackers

Enjoy my content?

You can support me in a couple of ways:

Buy me a Coffee or share it with your friends

Select links throughout the site are affiliates. They give me a small kickback, don't cost you anything extra and are always curated.

More from the beelog

  1. Nahamsec interviews Todayisnew

    Eric crossed $2M in bounties. His handle is a reminder to focus on the gift we are given with each new day. His friendly demeanor, and automation are highly sought after.

  2. Essential Bug Bounty Books for Beginners and Pros

    Security books recommended by top bug bounty hunters and hackers. Covering web application security, mobile security, and programming.

Don't bee a stranger

If you want to work together, have a question, or if you just want to say hi, feel free to reach out!

You can find me on Twitter, Discord, and Instagram.