I am Nitin yadav(KD) back again with another write-up on the best tool for finding easy vulnerabilities. So without further wasting time let's roll to the bug and how I found it.
This time I thought of finding the bugs which I had never looked for so. And as you can see people saying about recon and making your own methodology. So I thought of giving it a try and started making my own methodology. And frankly speaking, it really helps. As I don't hunt on the same program if I am not finding bugs I switch to another program but this time I decide to not change the program I have to find some bugs there and at least test the program for 1 month. So It was a private program and I started testing and also take notes of that.
How did I start?
I thought of testing the program using the owasp checklist
As I move further I found some bugs but after some days it became boring. So I thought of a shortcut
How I got easy bugs?
As you have read my last blog If not you can find it here —
Here I talked about a great tool and really it helps. I thought of using Nuclei and started it on in-scope domains.
But my bad luck this time. I got nothing and I stopped testing.
But after some time I thought that the templates used in nuclei are the same as everyone is using them so what's the difference and how can I find bugs using the same templates as everyone else is using so I started looking for the templates which are not given by Project Discovery team and got some templates by some of the cool researchers out there.
And I load the templates and then as I always do. Relax and let the tool do its work within just half an hour I found 4 or 5 bugs and that means $$$$
As by manually testing I don't think I may find those bugs so I think both are important I reported the bugs and after that
Relax and wait for a response from the team
I hope you enjoy this one and I see you next time ;)
Take care, and happy hacking!