Our latest Hackevent has now concluded and we have two winners,
@IamVictorTeh
and
@AyushSingh1098
, congratulations!!!
We received over 700 reports from 69 unique members and over $10,000 was paid out! Thank you everyone who participated on our event and we hope you enjoyed it.
We just added publicly disclosed issues from
@Hacker0x01
sorted by vulnerability type so you can learn what types of vulnerabilities to look for on specific programs. More features in the pipeline on the way to help you with your hunt!
We have made the decision to remove expiration on memberships and as such any current and new members will have lifetime access. We are looking forward to welcoming new members tomorrow!
We're live: - ready to get involved in bug bounties?
Learn about web application security vulnerabilities, practise on unique challenges, gain insight from guides, and you can even obtain
@zseano
's methodology whilst practising on a unique web app!
"Stored XSS on /manageappointment.php using the message parameter leading to account takeover" - disclosed by
@holybugx
, one of many great reports from our first hackevent!
View all disclosed reports from the event ->
Struggling to understand how to write notes when hunting? We've just added a new guide which is a guest post from bug hunter
@iBruteSec
on writing effective notes for bug bounties.
Our web application BARKER is not your typical CTF. In fact, there are no flags to find at all! Our web application works just like a real world website & contains real findings you’d find on bug bounty programs! Learn how the site works & begin to discover bugs 👀
Thank you so much everyone that recommended us! we actually still consider ourselves in Beta as we have lots more in development to come and we’re still testing our training :) here’s to the future of helping others kick start their career as a bug bounty hunter 🙏🏻😘
Interested to know how one of our top hackers
@J0_mart
approached our web application FirstBlood for our first
#hackevent
? Check out his writeup of his approach here:
So many giveaways :O We've just sent out a bunch of invites and we *think* we've invited everyone, but if we've missed anyone please contact
@zseano
. We also have 5 more to give away kindly donated by
@0xblackbird
- more on that soon though! (Plus lots more news!!). Brb! :)
Anything is possible if you put your mind to it.
@PRIME31
is an example of that as he joined us with no knowledge on webapp security but he's been our
#1
hacker for 2months+ now and he's *also* now earning bounties from bug bounty programs. We're honoured to hack with you! <3
We've updated the UI for the members dashboard and introduced "Missions" to help give you something to work towards when hacking. We've also released a new update for BARKER with new vulnerabilities added, bringing the total to 145 now. Login now to see changes & happy hacking!
*PROMO* - We re-opened membership recently and we're ready to triage your reports! Learn to discover & report vulnerabilities with our realistic web application BARKER
❗Get 30% off when using code LETSHACK on Stripe Checkout (Valid for 100 uses)
We recently added a list of public HackerOne programs
which includes information regarding their activity. Browse how many new reports are being received, new hackers thanked and resolved count. We will work to add more over time & improve things :)
After our promo ends on 4th Jan we will not be accepting any new signups until further notice. Thanks everyone who has joined so far, we will do our best to look after you <3 :)
Well that’s another Hackevent over! We hope you all had fun! Over 500 reports from 40+ hackers to triage, you have all been very busy! Bounties will be paid going forward tomorrow. Lots of you achieved full root access on the firstblood web app 😎 great work all round !!
If you are a Level 3+ member then make sure you have your
@intigriti
account linked to receive a private invite as a new perk!
If you don't already have an account you can signup here ->
If you purchased a hard copy of
@zseano
's methodology then whilst you wait for it to arrive, how's about practising on BARKER and joining our community? :)
Be on the lookout for an email shortly as we are sending you 3months free membership!
From now until 28/11/2022 23:59:59 UTC there is 37.33% off our membership!
Test your knowledge on our realistic web application "BARKER" which currently contains 170 vulnerabilities based on real findings from
@zseano
Lots of our members finding some of the new XSS bugs recently added to BARKER. These bugs use a WAF like filter and they are based on bugs
@zseano
found recently. Some of our members are even already finding similar bugs found on BARKER on bug bounty programs :-)
Happy to say we're finally welcoming new members. We've made a few changes and we're still busy working through our list of to-do's! We have a few things left in the pipeline that we did intend to get released before re-opening.
Read more here:
Hope everyone had a great day! Just a reminder to all level 2 members that instead of hacking today we will be hacking on MONDAY 28th December. If your new you still have time to find 25 bugs to join us!
Curious on how
@J0_mart
learns new things? Check out his contributed article "Mass assignment and learning new things". He has also kindly made a challenge to go with it which is available for members (with plans to make publicly available in future).
Welcome to all new members from
@zseano
's giveaway! We hope you enjoy the content and hacking on BARKER! Find enough bugs, level up and then come join us every two weeks for hacking fridays! :) Merry Christmas everyone! 🎄
.
@zseano
will be hosting a private stream for members at 2pm today to help give you some help, tips and advice when testing on BARKER as well as general mentoring! See our news and update discord channel for more information on how to attend
FirstBlood is now available for all members to practise on (no matter what your level). Click onto the Hackevent tab on your dashboard to view the scope and then start your instance.
Happy hacking!
What a weekend! 2 days of hacking with level 2 members for our new Hackevent format. Training and hacking on a public program resulting in 4 bugs! A huge success in our eyes and we look forward to the next!
We are happy to welcome new members as of right now! Thank you for your patience & understanding as we made platform updates!
BARKER currently has 108 vulnerabilities for you to find ranging from XSS to SSRF & SQL, with new updates regularly.
See our website for full info!
Only a few hours to go until FirstBlood v3 is available to hack on! Who's ready to hack and earn some bounties? :-)
There are 25 bugs to discover in total and a pool of $10,000 up for grabs including swag. Good luck to all participating, we look forward to triaging your reports!
Huge congratulations to
@J0_MART
for absolutely destroying BARKER since day one and being the first to reach level 3! Keep an eye out for a hard copy of
@zseano
's methodology & custom swag heading your way very shortly!
We also have our next Hackevent starting on the 8th December where you can win some bounties and new for this event you can also win swag! See you there?! :-)
You can view past events here:
We have even hidden 3 unique vulnerabilities on FastFoodHackings which if discovered will give you a unique code to obtain free access to including
@zseano
's methodology! Can you find one? Good luck!
Access it here:
There will be a slight delay with triage for bugs found on BARKER as
@zseano
is extremely busy with
@Hacker0x01
's live event. It is tough to focus on hacking and triaging reports. But don't worry, everything will be triaged before our next hackevent! :)
Please make sure if you've purchased
@zseano
's methodology in the past to access your account as you have full access to everything. Come play on BARKER!
Sorry for the delays with triage this week! We’re going to extend members with 3month membership and going forward we don’t anticipate there to be anymore delays and issues to be triaged in a timely manner 😘 we want to make sure your getting the most out of being a member
We have a 🎄Christmas🎄 promotion running from right now until 4th Jan 2021 where you can receive *1 YEAR* access to BARKER as well lifetime access to
@zseano
's methodology! Full info (as well as sneak peak into the platform) can be found here:
If you purchased just
@zseano
's PDF methodology on our new year promo then starting tonight at 23:59pm GMT you will be able to access BARKER as well for the next 3 months. You will be able to login as normal but you will see you have full access to everything. <3
Special shoutout to the super talented Panya. He is getting very close to discovering all current vulnerabilities on BARKER and the talent shown from him is admirable. Looking forward to continuing to work closer with our members this year! :-)
We still have 20% off membership prices, valid for just 4 more days! We've received some amazing feedback from our current members and it's been fascinating watching them learn and grow. We will continue to do our best to help you on your journey!
Our lead 'developer' Patrice has been learning all about XSS recently and he's confident he's patched them all for our next
#Hackevent
- we're looking forward to letting our hackers play next month :-)
Only 6 days until our first Hackevent: FirstBlood! We can't wait to see what our hackers will find! We will be matching all bounties we pay and donating to
@watsi
who helps fund healthcare for people around the world which is needed more than ever in current times. ❤️
Another batch of bounties paid to our amazing members for their hard work on FirstBlood v2. Congratulations to Panya, HolyBugx and iamvictorteh for discovering 19 unique vulnerabilities each. We made some silly mistakes but we'll make up for it next time!
"FirstBlood" is our first hands on hackevent with bounties to be won! Be sure to check out the new Hackevent tab on the members dashboard and let us know if you're attending
Just 2 days left on
#FirstBlood
— Join our host
@zseano
on his YouTube channel this Sunday at 3pm BST as we announce the winners and our hackers findings can be disclosed.
We know lots of you are eager to dive into our members web application BARKER and we’re eager to get you onboard! We’ll be welcoming new members again in a few days with our next update and we’ve added more options rather than just lifetime so it’s more accessible
Only 4 days to go until our next hackevent! Looking forward to letting our members have a play and paying some bounties 😎 we’ve been really quiet lately as development is ongoing and spare time to tweet is rare at the moment, but we’re still here building an army of hackers!
Our lead 'developer' Patrice has been learning all about XSS recently and he's confident he's patched them all for our next
#Hackevent
- we're looking forward to letting our hackers play next month :-)
Update for members: There's a new update for BARKER & Kreative bringing the total of unique vulnerabilities to 166, along with 3 new missions. Check out the new feature 'DoggyDates' and ensure the API is working correctly :-) Check the discord for full information & happy hacking
Our Christmas promotion has now ended and our signup is now closed. We will begin welcoming new members again in the near future, thank you for your patience & understanding. Don't forget our site contains lots of free information to divulge! :)
Not long until our Level 2+ members are tasked with hacking away on FirstBlood v2! Be sure to join the discord where we will be posting announcements & information relating to the event
We've re-added PayPal and we're running a promotion until 17/09/2021 19:00pm BST — Get 20% off all membership costs including upgrades for current members.
Barker intentionally has a lot of vulnerabilities but sometimes unintended ‘bugs’ are reported which turn out to be real. Some don’t have much security impact but goes to show mistakes do happen when developing! the mindset shown from our hackers is fascinating 😍
#proud
500 accepted reports :D Hackers are tearing up BARKER! And it makes us even happier to hear feedback from our members saying our platform has helped them earn a bounty!🥳 This is just the beginning, we have lots planned for 2021 :)
We will soon be releasing an option for "BugBountyHunter Enterprise" which will give companies the ability to control their training in-house, with being able to train both security researchers AND triage. More information on this to come soon!
Second update for BARKER is out which introduces a handful of new features and new vulnerabilities, including a bug recreated from one of
@iamnoooob
's writeups. Real bugs recreated for you to discover.
And we're LIVE! Our hackers are now busy testing our web application
#FirstBlood
for our
#HackEvent
- We will post updates and publish a live leaderboard as things progress throughout the week.
Good luck everyone! Come claim these bounties ;-)
Sorry that signup is currently closed, we know a lot of you are eager to hack on BARKER. We are busy working on introducing some new payment methods as well as new features. We hope to welcome new members ASAP. Thank you for your patience and understanding
Thank you *so* much everyone for voting us as your favourite training platform! We're so happy to see you love our content so far. We've got more to come yet, such as a program directory with more info to help you decide which program to spend time on
With the help of our Twitter community and our favorite hackers, we created this list of the 10 best bug bounty courses and training programs.
Have you tried some of these out? Which ones are your favorites? Share bellow! 👇
Update for members: We've re-added the disclosure option on your reports and you can now view fellow members disclosed reports. Click onto "Your findings & disclosure" to view your accepted submissions and disclosed reports.
Great work from
@martinvoelk
climbing to
#1
! It's been a pleasure triaging his reports and watching him tear BARKER apart. Watch out bug bounty programs :-)
Interested to see what our web application BARKER is all about? Check out
@zseano
tomorrow live with
@OwaspNagpur
doing some live hacking giving you his thoughts as well as tips + advice to help you on your hunts.
With
@PRIME31
currently a bit occupied on
@bugbountyhub
, Panya has snuck into
#1
! Absolutely amazing work from all our current members - wonder how long until someone discovers all current bugs?!
(PS: We're working very hard to onboard new signups. ><)
Thank you for your patience as we're still continuing to work to re-open signup, we are almost ready to welcome new members! Please note that future signups will be *manually verified* to prevent fraudulent transactions. This may take up to 48 hours.
Our 3rd Hackevent starts in 2 days where our Level2+ members can win real bounties (and swag this time!) for their findings on our vulnerable web application "FirstBlood". It's going to be fun!
You can now withdraw any bounties you may of won at our recent
#hackevent
. You have the option to use some of your bounty to gift lifetime membership, donate to our charity partner
@watsi
or withdraw to your $USDT wallet. See the hackevent tab on your dashboard for full info
BARKER is being ripped apart by our hackers, some great findings already! Want to learn more about what subscribing to BugBountyHunter gets you, or have some questions? Join
@zseano
live tommorow on youtube 4pm GMT for a look inside BugBountyHunter -->
📢 Announcement!
We've partnered with
@gobugfree
for their *first ever* live hacking event and all Level2+ members are invited to participate, time to put your learning to action! Make sure to join our discord for up to date info on the event and happy hacking!! :)
There is still an unclaimed flag on FastFoodHackings - if you discover it you will win lifetime membership!
hint: perhaps there's a particular API available? You'll know when you've found, but what to do from there? Ask the internet & see what info it holds.... :-)
We’ve added a few new vulnerabilities to FastFoodHackings as well as some flags which if discovered will grant you access to our members section.
One hint: pay attention to the features and potentially some hacker names attending something 👀
Happy hacking!
We don't send any platform updates via emails so make sure your discord is connected and you're in our server to stay up to date with the latest updates. Plus our community is awesome, so why not stick around? ;)
We're proud to be a Gold sponsor for
#NahamCon2021
- Find the full schedule at . It's going to be an amazing day!
Be on the look out for some giveaways on the day ;)
We love pressing this button, over $5,000 paid already :-)
We're so proud of everyone who attended our latest Hackevent and the amount of hard work you've all put in! It really does show! Hope you've all enjoyed it, lots of reports to still triage & bounties to pay :-)
We have just added 3 new free challenges to our training section:
There's a leak somewhere! (recon)
Can you access our private tool, XSS Destroyer? (misc)
Can you steal the SSO token? (open url redirect)
The reward bucket has been recharged by
@zseano
and we’re going to be announcing our next hackevent schedule tomorrow! We will also be offering 20% off membership (including upgrades for current members) starting tomorrow at 7pm BST lasting for 14 days.
We're conducting some maintenance tomorrow and we do not anticipate this to cause any issues however you may experience some disruption on our website with logging in & submitting new reports for a brief period of time.
👕 We're resuming swag rewards for Level3+ members but first we owe some of you some swag! If you reached level 3 from 01/03/2021 - 31/05/2021 and you haven't received an email from us with more information, please let us know and we'll get it sorted!
A few hiccups on launch but our next Hackevent is under way and there's already been 200+ reports in the first 10 hours! Our hackers are amazing and there's already some great findings waiting for triage. We'll share the progress as it unfolds!
We still have 10 pending users from last month who purchased
@zseano
's PDF methodology but haven't activated their accounts. Make sure to check your junk/email spam box. Any problems please email us or tweet us and we will do our best to help!
We've added information regarding our next Hackevent schedule for Level 2+ members. The FirstBlood developers are looking forward to receiving your help in securing their web application!
Members: Be sure to check out the "Bounty Training" tab on your dashboard for our latest video, and for level 2 member make sure you have checked out our Hackevent happening on 9th May and let us know if you're attending! :-)
We know lots of you are eager to hack on Barker and we’re just as eager to get you on board! We’re busy working on new updates for barker & improving the platform overall. We hope to welcome new members shortly 🙏🏻
Our co-operation with
@bugbountyhub
is still relatively new but we’ve already begun connecting some of our talented hackers with programs, and so far the feedback has been great! Smiles all round.
@PRIME31
@J0_mart
So proud of the progress members are making on BARKER! Makes me so happy to see the product I created working and people learning not just about bug types but the mindset to discovering them 🙏🏻 creating new hackers who can then follow in my footsteps & crush some bb programs:)
We’re sorry swag has not been sent yet to some of you, we are actually still waiting for some swag to arrive which is sadly taking a lot longer than we expected to arrive. Importing goods into the UK has changed since brexit :( but we’re working on it and you’ll get your swag :)