What to do when stuck bug hunting
or, some ideas to get out of that rut
Some call it burnout. You have probably heard of it. But instead of actually doing something about it, some of you probably left it for some other, more convenient time and then forgot about it. I did. So, for some of you this is also a friendly reminder. From various interviews by nahamsec, it appears that being burned out can also mean not finding any bugs. Personally, I can’t imagine being good at something consistently and at the same time having to take a break from it. It makes no sense. What does make sense is getting your ego kicked in after not finding any bugs, or getting duplicates on bugs where you thought you had found the one to rule them all (jk, but you get the point).
Are you burned out or are you simply being lazy?
This one has to be answered honestly if you expect to make real progress.
If you’re hunting for XSS by trying a few common payloads and maybe a few WAF bypasses on obvious parameters (like search/query), and you’re not having any luck (because in this case it really is all about luck), then you may be lazy. This is not to say you should hunt only for XSS; it is to say that if you do, you have to try all the possible and impossible XSS payloads: all the known ones, plus the encoded, double-encoded, unicode-escaped variants, etc. You have to attack all the parameters…
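The "every encoding on every parameter" discipline above is easier to keep when it is mechanical rather than manual. The following is an added example (not code from the original post): a small Python generator that takes a URL, enumerates every query parameter (duplicate names included), and produces one test URL per parameter × payload × encoding. The payloads and the `example.test` URL are constructed for illustration, nothing is sent over the network, and each encoding is expressed as the value the application should see after the web server's single URL decode, so the transport encoding is applied exactly once by `urlencode`.

```python
"""Enumerate XSS test cases over every query parameter and several encodings.

Added example, not code from the original post. Payloads and the sample URL
are constructed for illustration; no requests are sent.
"""
from urllib.parse import parse_qsl, quote, urlencode, urlsplit, urlunsplit

# Constructed sample payloads (a handful, not "all the known ones").
BASE_PAYLOADS = [
    '<script>alert(1)</script>',
    '"><img src=x onerror=alert(1)>',
    "'-alert(1)-'",
]


def encode_variants(payload):
    """Return {encoding_name: value} for one base payload.

    Each value is what the application should receive after the web server
    has URL-decoded the query string once.  'url-encoded' therefore exercises
    a second decode inside the app, 'double-url-encoded' a third, and the
    HTML-entity / JS-unicode forms target reflection into HTML text and
    JavaScript string contexts respectively.
    """
    single = quote(payload, safe='')               # percent-encode every reserved char
    return {
        'plain': payload,
        'url-encoded': single,
        'double-url-encoded': quote(single, safe=''),   # re-encode the '%' signs
        'html-entities': ''.join(f'&#{ord(c)};' for c in payload),
        'js-unicode': ''.join(f'\\u{ord(c):04x}' for c in payload),
    }


def build_test_urls(url, payloads=BASE_PAYLOADS):
    """Return a list of (param_name, encoding, test_url) tuples.

    Every test URL changes exactly one parameter and leaves the others at
    their original values, so a reflection can be attributed to one input.
    Parameters are addressed by position, so 'q=a&q=b' yields separate
    cases for each 'q' rather than collapsing them.
    """
    parts = urlsplit(url)
    params = parse_qsl(parts.query, keep_blank_values=True)
    cases = []
    for idx, (name, _original) in enumerate(params):
        for payload in payloads:
            for encoding, value in encode_variants(payload).items():
                mutated = list(params)
                mutated[idx] = (name, value)
                # urlencode applies the one layer of transport encoding the
                # server will strip; the app then sees `value` as intended.
                query = urlencode(mutated)
                cases.append((name, encoding, urlunsplit(parts._replace(query=query))))
    return cases


if __name__ == '__main__':
    for name, encoding, test_url in build_test_urls(
            'https://example.test/search?q=cats&page=1&q=dogs'):
        print(f'{name:6} {encoding:19} {test_url}')
```

Run it as a script to see the full list; wire the output into whatever request tooling you use and grep responses for an unambiguous marker (a random token in the payload works better than `alert(1)`) so you know which parameter and which encoding came back unmodified. The same loop applies to POST bodies, headers, cookies and path segments, which this example leaves out.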