Cookie Information:
We're required by law to let you know how we use cookies on this website. Find out
more information
on our privacy policy.
Bug
Bounty
Hunter
Learning to hack
Learn about vulnerability types
Free Web Application Challenges
BARKER
BugBountyHunter Membership
Reading Material
Getting started in bug bounties
Browse Disclosed Writeups
Useful Guides for bug hunting
Effective Note Taking for bug bounties
Making use of JavaScript (.js) files
Using XAMPP to aid you in your hunt
Bug Bounty ToolKit
Finding bugs using WayBackMachine
Our members & events
Browse our hunters
FirstBlood Hackevent
Member Contributions
My methodology during Firstblood
— Contributed by
Jomar
Members Area
Choose vulnerability type
×
Cross Site Scripting (XSS)
Cross Site Request Forgery (CSRF)
Open Redirects (+Oauth flows)
Server Side Request Forgery (SSRF)
SQL Injection (SQLi)
Command Injection
Insecure Direct Object Reference (IDOR)
XML External Entity (XXE)
th4nu0x0
- Rank #75
Level 2
Barker Bugs Discovered
: 25 / 129
Total Submissions
: 23
23
accepted
0
rejected
3
bug chains
Active Hacking Time
:
1 days, 23 hours, 19 minutes and 40 seconds
BARKER Activity
Active Hacking Hours
Bug Submissions
Hackevent Activity
Report Title
Severity
Viewing/Cancelling anyone's appointment
High
[IDOR] Modifying anyone's Appointment information
High
Creating Admin account using a leaked token on r/BugBountyHunter and using restricted API calls .
High
Event is leaking attendees Personal information.
CRITICAL
9500000
Respect Earnt
Bug Bounty Platform Activity
Connected Bug Bounty Platforms
HackerOne:
th4nu_0x0
24 submissions
Disclosed Bugs (On HackerOne)
Barker Bugs Discovered: 25 / 129
Barker Bugs Discovered: 25 / 129