One month ago I started to chase on a new private program. Since we were in touch by mail and since their office is pretty close to my place, I proposed to meet. They immediatly accepted. We talked for an hour, about security, my job, their program. That was so interesting, question after question, we learned alot from each other. I though it would be nice to share this experience, some people probably have some of these questions in mind, so in this article I tried to resume our interview.

...

As a full time bug hunter, it’s important to use the tools you are confortable with, sometimes a small improvement can change your life. During the great 3 days course presented by Nicolas Grégoire, he showed us a browser called Autochrome. Combined with a tiny Burp Suite extension, it becomes very easy to visualize the things you really want to see and reduce the noise for your eyes. In this article I will show you my current configuration.

...

This article is the following of the previous one (obviously…) about why I love bug bounty. However I realized that that one sounds like everything is perfect in this job, but since the world is not whole pinky full of rainbows, and butterflies, and unicorns, I have to say the truth. Long time resolution, loneliness, deception, companies, there are also bad points (or maybe I’m just frustrated to get so much duplicates these days xD).

...

As a user I would say that I don’t care about all these Flash stuff that try to catch my eyes, most of the time I have a plugin to disable them. As a developper, it reminds me the (not so good) old time when the marketing peoples always wanted to add “movement” in the website, yeah it looks so kool! As a hacker, well… I didn’t know how nice it could be, but I recently learned how to find issue in there and it’s funny as hell. I was close to the success as I quickly found 3 XSS, but unfortunately all my reports were marked as duplicate :/

...

A friend recently asked me what methods I use to find subdomains. To be honest I was confused, like “oooohhh so much, brute force mmm… zone transfer and… brute for… wait Google and mmm… many other tools!” What a shame that I was so inaccurate after so much time spent to look for subdomains. Time to dig a little bit! After I wrote a list of the most popular methods, I tried to make a list of some tools and online resources to exploit them. Of course this list is far from exhaustive, there are many new stuff every day, but it’s still a good start :)

...