$10,000 for a vulnerability that doesn’t exist
A couple of months ago, an interesting story happened to me. At that time I was working in a field not strongly connected with application security. And every month it became more and more obvious that something had to change. During the COVID-19 period, it was not very smart to change jobs. But the stars aligned and I was hired as an application security engineer for a very cool company. In between contracts, I was forced to take accrued vacation days. That’s how I arranged my vacation for three weeks. But I didn’t want to be idle, so I decided to do bug bounty hunting.