A bug bounty mistake…

Sometimes if it looks like XSS, it may not actually be XSS.


There was once a time when I had first started looking for security vulnerabilities on real targets. I had spent a few weeks learning everything I could, and I had already spent about a year learning Web Development.
In all honesty, I did not have a freaking clue what I was doing.




Writer, Web Developer, Hacker, and Family man

Adam W.
