BugBountyHunter
thecast
Rank #103, Level 3
73 unique bugs discovered
232 hours, 43 minutes and 37 seconds active hacking time
75 reports accepted
Accuracy: 97
Vulnerability Types Found
Bug Submissions & total bug count
Hackevent (FirstBlood) Activity
Below you can find disclosed reports from our Hackevents, which are events we host for our members to win rewards. You can find more information here.
| Report Title | Event ID | Severity | Vulnerability Type |
| --- | --- | --- | --- |
| Stored xss leads to doctor / admin account takeover | FirstBlood v2 | High | Stored XSS |