gr3pme

[HackerNotes EP133] Building Hacker Communities - Bug Bounty Village, getDisclosed, and the LHE Squad

In this episode, we’re joined by Harley and Ari from HackerOne to talk some about community management roles within Bug Bounty, as well as discuss the evolution of Bug Bounty Village at DEFCON, and what they’ve got in store this year.

[HackerNotes Ep.131] SL Cyber Writeups, Metastrategy & Orphaned Github Commits

[HackerNotes EP.129] Is this how Bug Bounty Ends

The future of hunting, hackbots and Rez0's blog, 'This Is How They Tell Me Bug Bounty Ends.

[HackerNotes Ep. 127] Drama, PDF as JS Chaos, Bounty Profile Apps, And More

A new bug bounty newsletter, PDF to JS tricks, OBS Websocket RCE, EchoLeak writeup, new tool drops, bug bounty profile apps and a whole lot more. Check it out below.

[HackerNote Ep.125] How to Win Live Hacking Events

We've got some fresh research and Justin's guide on on how to succeed at live hacking events. We cover pre-event preparations, challenges of collaboration, on-site strategies, and the importance of maintaining a healthy mindset throughout the entire process.

[HackerNotes Ep. 123] Vulnus Ex Machina - AI Hacking Part 2

We've got an AI hacking masterclass. We cover mastering Prompt Injection, taxonomy of impact, and both triggering traditional Vulns and exploiting AI-specific features, plus a bunch more below.

[HackerNotes Ep. 121] Slonser's Image Injection 0-day - ATO & New Caido Collab Plugin

A Chrome 0 day allowing IMG injection to query parameter leak, a writeup by Sharon Brizinov that netted 64k in bounties by searching Git repos for secrets, a tool drop featuring Subdomain link launcher & Drop for Caido, MCP Protocol Research, NahamCon and content from Pliny leaking the system Prompt Gemini-2.5-pro With Canvas plus a whole lot more.

[HackerNotes Ep. 118] Hacking Happy Hour: 0days on Tap and SQLi Shots

We've got some extra Next.js Middleware payloads for ya, LLM polyglots, fresh research on React Router & Remix, IOT research, MCP Security and some clientside tips. Check it out below.

[HackerNotes Ep.116] Auth Bypasses and Google VRP Writeups

We've got Portswigger’s SAML Roulette writeup, as well as some Google VRP reports, and a Next.js middleware exploit.

[HackerNotes Ep.114] Single Page Application Hacking Playbook

We're diving into Single Page Applications (SPAs) and how to attack them. We also cover a host of news items, including some bug write-ups, AI updates, and a new tool called Hackadvisor.