trieulieuf9

This image is a glimpse of list of test cases I check over time in my most successful bug bounty program. Captured in Sublime Text sideview. ~2500 test cases. These are only cases I write down, I estimate the test cases I did write down is 3 times this amount. So I have done 10k of test cases in this program. And I have reported 230 valid bugs on this program. 10000 / 230 = 43 So on average, I will find one bug after 43 test cases. That's the ratio on my most successful program, for other programs, the ratio is even higher. A bug bounty beginner DM me on Reddit,  say  he has learned hacking for a year. But he can't find any bug on real bug bounty website. I ask ed what did he test, he listed about 20 test cases and that's it. This is the problem with not only him, but most beginners: their expectation of how much effort it takes to find a bug is much less than the actual amount. When the amount of effort they put in exceed their expectation, they get discouraged, they think...

This year, I almost always put my phone on Airplane mode, so that no spam, scam, real estate selling, stock broking calls can distract me.  People who know me can reach me via chatting apps, when I expect a call from someone, I will turn off Airplane mode for this period. I also cancel my mobile phone internet subscription, so I won't use my phone to go online while going out. I also leave my phone in another room when going to bed, so I won't go online before sleeping. This habit alone saves me at least 1 hour per day and boosts my sleep quality too. Now I really enjoy the time laying on bed before sleeping. These small things improve my quality of life and bug bounty performance quite a lot.

Limiting Beliefs When thinking of doing bug bounty. Do you feel overwhelmed, heavy, stressful? If yes, then you are likely to procrastinate when doing bug bounty. Why is that? Because you are holding some limiting beliefs about bug bounty that makes you feel doing bug bounty is hard work and stressful. These limiting beliefs may be: - Bug bounty is very hard, only top hunters success. - Bug bounty is very hard, now is 2025, most of bugs are found already. - Bug bounty is very hard, mass automation and AI will find most of the bugs soon. - Bug bounty is very hard, these websites are built by top programmers, their code are very solid, I will have no chance to find bug here. - Bug bounty is very hard, there are people spend 100+ hours in it and found nothing. - Bug bounty is very hard, developers are using programming frameworks, they code properly now, no chance for bug. If you hold any of the above beliefs, then you will have the tendency to wait for "perfect moment" before d...

1. Recently, I bought a $1500 Apple Studio Display. I never think of buying a monitor this expensive before, it costs more than the computer I am using. 5 Years ago, I would think this is a stupid buy, and I buy for the brand, not for the value. But no, this monitor reduces my eyes tiredness significantly compares to my old monitor. This allows me to have 1 more hour of screen time, If I spend this 1 extra hour to bug hunting every day, I will earn $1500 back very soon. Then this purchase has a really good Return of Interest. It improves quality of life too. 2. Previously, I didn't pick a mattress myself, I slept on any bed my current place has. One of them was very rough, I had to wake up at night to change position, otherwise my blood can't flow. The other one was very soft, my back was tired even after a night sleep.  I just bought a $600 Kymdan mattress last week. I don't wake up at night anymore, for the whole week. This leads to more restful sleep, I have more energy ...

For any bug bounty hunters/hackers who think they should learn some web application programming and want to learn how to program. https://github.com/trieulieuf9/A-Web-App-from-Stratch

  You can't control your result in bug bounty. Only effort. The word Hunter makes us feel like we need to find some bugs. Otherwise, we fail to be a hunter, our job is worthless, the process is just a mean to an end. If we think ourselves as bug hunters, we will have a lot of unnecessary thoughts, which leads to  unnecessary  stress, which leads to  unnecessary  burnout and procrastination. We have these unnecessary thoughts because we try to control the result, we think the more thoughts we put in it, the better we can control result. But in fact,  we can't control our result in bug bounty. Instead, be a security researcher. Who emphasis on the process, not the result. When testing a target, we learn how its security works, learn its features capacities, discover some quirks, and see if we can spot any security bug out of them. This leads to more enjoyment and less stress while hunting for bugs. With this small change in attitude and mindset, you will get ...

  https://www.youtube.com/watch?v=GoW8Tf7hTGA I just watch this video again. Maybe the 10th times. This time, I realize that there is something that connect everything else, people are pulled toward center on the Earth. All planets in the Solar System are pulled toward center of its center. The Solar System and many of its equivalents get pulled toward the center of a galaxy. Many galaxies are connected to form a supercluster of galaxies, at this point, we can't even see what is in the center that power all these galaxy-connections. The whole universe now looks very much like a living being. Each person is a cell of this GIGANTIC being. There is a rule in the universe, that's everything is available in abundance. When creatures on Earth need energy, the sun provides 100 times of what is needed. When these creatures need water, they are provided with rivers and rains. When they need air, there are so much air they take them for granted for the rest of their life. The Earth is va...