-
I am choosing target like and sticking with it for a week manually testing and lastly using tools just to see if my payloads worked. I am not jumping around like i used to Chris i am just focusing on 3 bug classes and those are of course: SQL Injection, OS Command Injection and lastly Cross-Site Scripting. I know there are 100s more but i can’t focus on more than that, when i dedicate a solid week to each target whether i find something or not it gives me times to work with a site and see what makes it tick and further investigate the tech that makes this website work behind the scenes.
So in the end each week is a new target, but it’s only sites i am interested in i stick to the same websites i know and have interest in ones i work with on a daily basis. No reason to jump around and waste time and learn everything about a new site. I am more focused and patient than i was before when i started and through your guidance and training striking gold is inevitable because NO WEBSITE is 100% secure no matter how large or advance there is always a way to break in and find bugs.
Thank you as always, Chris, your work is pure gold to me and will continue to use and reference to you have boosted my confidence like no other compared to me earlier being lost.
