Hacking on Bug Bounties for Four Years

I've got to respect the transparency and spirit of this post. Major props. What I really love is seeing all the partnerships that have gone into some of his work over the years. Didn't realize how mammoth of a task some of these reports must have been that were only made possible via collaboration.

Very informative and admirably transparent article.<p>From the other side (bounty program manager -this was linked to in another article on the assetnote blog):<p><a href="https:&#x2F;&#x2F;medium.com&#x2F;@collingreene&#x2F;bug-bounty-5-years-in-c95cda604365" rel="nofollow">https:&#x2F;&#x2F;medium.com&#x2F;@collingreene&#x2F;bug-bounty-5-years-in-c95cd...</a>

A friend of mine looked at the feasibility of getting into bug bounty as a professional career. He mentioned that if you&#x27;re not specialized on a specific attack, you have no chance.<p>I think it&#x27;s quite refreshing to see that Shubham Shah is a strong counter example.

Hey Shubham, nice report and write up.<p>Do you see much demand on the mobile security side, either as a specialist or focussing on mobile bounties?