Xss - Tag - My Personal Bloghttps://f0dh1l.github.io/blog/tags/xss/Xss - Tag - My Personal BlogHugo -- gohugo.ioenbenhibafodhil@gmail.com (F0DH1L)benhibafodhil@gmail.com (F0DH1L)2025 F0DH1LThu, 24 Jul 2025 10:11:07 +0100My First H1 Bounty: From Open Redirect to Profile Manipulationhttps://f0dh1l.github.io/blog/posts/first-h1-bounty/Thu, 24 Jul 2025 10:11:07 +0100benhibafodhil@gmail.com (F0DH1L)https://f0dh1l.github.io/blog/posts/first-h1-bounty/From Open Redirect to DOM XSS to Profile Manipulation

My Journey to HackerOne

After 2.5 years of playing CTFs, I decided to start doing bug bounty to test my skills and try to make some money. My first month on Bugcrowd was mixed - I got some N/A reports, a few informational findings, and some valid P4/P3 vulnerabilities.

Bugcrowd isn’t a bad platform, but I had found some critical vulnerabilities there and submitted them. The problem was that they didn’t respond to my reports for more than 2 weeks, which made me lose motivation to keep hunting on the same platform. So I decided to switch to HackerOne to get my motivation back.

]]>