this post is not about any of my findings, its about resources for the bug bounties for learners, no matter you are starting or experienced, there is always something to learn from others.
and if you are just starting into bug bounty then surly its going to be helpful post, and some kind of necessary to do as nowadays seen many new guys starting bug bounty by seeing that $$, its good that you want to make $$ from it but before that you should understand the process , quality and report writing which will help you to make more $$, so its better to understand 1st and then go for it.
so here am going to add some links which have lots of info’s, resources, writeups about i was talking before.
so this post is about how I was able to hijack ton’s of domains/subdomains who using Instapage if there service got expired.
What is instapage ?
Instapageis a service that lets you build landing pages for your online marketing and promotion campaigns with ease. It offers features such as A/B Testing, multiple campaign management, easy page building, and a lot more!
it also allows users to map its template on there own domain or subdomains.
How i found it ?
as am one of researchers from HackerOne platform , I was trying to get something on HackerOne itself as I want that Hacking HackersBadge of my profile.
I found hacker.one is inscope domain list which is one of the officail website of HackerOne, and when I vistied it and seen some error which caught in my eye and after figuring it, I come to know it was Instapage error which occurs when service get expired or domain or subdoamin not linked properly and it takes just few mintues to figurte it out that I can publish my own template to any of misconfigured and expired domains/subdomains of instapage and luckly HackerOne is one of there users.