What do I do when I'm bored? A few words about Bug Bounty!

Adrian

How can you satisfy your curiosity in your free time? How can you combine your free time with learning and deepening your technical knowledge? How do you feed that curiosity that keeps growing as you dive deeper into the unknown? There are certainly many ways to do that. Today I’ll describe one of them, a method known only to those who currently work with me or have worked with me in the past. These people know that I often break things, but occasionally I manage to fix something too 😀!
It’s all part of the process.
Without breaking and learning, there’s no knowledge or experience. But today’s story isn’t about that. Today is about fixing things and how I contribute to building a better and safer internet, a safer cyberspace. Not long ago, I slightly updated my LinkedIn profile. Some people might have noticed, others probably saw it while scouting for team members or networking.
Because I’m a naturally curious person, I’ve been searching for a way to channel that curiosity into something that sparks creativity and never lets me get bored. And I FOUND IT 😀!

What’s it all about?

For the past two years, I’ve been spending my free time hunting for infrastructure misconfigurations, vulnerabilities, and potential security or data breaches. Some might call it bug bounty hunting, especially when it involves programs that reward vulnerability disclosure, though sometimes it’s just my independent security research.

During this time I’ve reported around 30 different issues, from minor bugs to more serious security flaws and misconfigurations across different services, platforms, and bits of code. I do all of this outside of work hours, in the little free time I have between learning new skills and studying for certifications. I’m not sure if that’s a good or bad number. I’m proud of it. I’ve found a creative, engaging way to deepen my technical knowledge while contributing to a safer digital world!

While I can’t share too many details, I’ve reported issues to government institutions and companies in Poland, Brazil, Singapore, India, the Czech Republic, and the USA. It’s incredible to see where curiosity and the right ethical mindset can take you. A few times I even got into official bug bounty programs and received rewards for my findings. That feeling is amazing. Maybe someday I’ll take this even further and become a full-time Bug Bounty Hunter - it’s a tempting idea!

For now, I do it on the side, but I’ve already given myself that nickname, Bug Bounty Hunter, because I’m genuinely proud of what I’ve achieved so far. Each discovery, no matter how small, brings me joy. I report vulnerabilities as quickly as I can because if I find them, there’s always a big chance someone with bad intentions might find and exploit them too.

Yes, it’s time-consuming and often tedious, but it pays off both when I discover a vulnerability and when I simply learn about a new tool or technology. Even when I don’t find anything, I walk away with knowledge of some tool, framework, or programming language I hadn’t heard of before 😅!

Exploration

I don’t remember all of my findings, but some of them I’ll never forget. Since I enjoy working with SQL, I often start there. Other times I begin somewhere completely different, like reading about a specific technology, network ports, interesting networking quirks, proper configuration, best practices, or OWASP. There are no rules, I just follow my curiosity. I believe that alongside patience, curiosity is the most important trait. Besides SQL, I also enjoy frontend development, so Vue.js, React.js, and Vanilla JS are not foreign to me. I’ve discovered XSS vulnerabilities before, and even in plain HTML and CSS, there are often overlooked implementations that can lead to interesting and unexpected situations. Since I’m diving deeper into cloud security, I also look for misconfigurations there, exposed management panels, and much more…

One of the findings

Some time ago, while exploring the depths of the internet, I came across a publicly exposed application orchestrator panel. This panel was accessible without any authentication, which allowed anyone, literally anyone, to view and modify task configurations, inspect logs, containers, user data including emails and passwords, API credentials, and application code, and even execute tasks with root privileges. Within one of the task definitions, I found login credentials for an external email service (which at least had two-factor authentication enabled). The cluster connected to this panel consisted of hundreds of clients, thousands of allocations, and massive computing resources.
Discoveries like this serve as a strong reminder of how critical it is to properly secure management panels, especially in production environments.
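Two of the things that made the finding above so serious, credentials sitting in plaintext inside task definitions and tasks allowed to run as root, can be caught before a panel is ever exposed. The script below is an added example, not code from the original post or from any particular orchestrator: it walks a constructed, hypothetical JSON job layout (the field names `TaskGroups`, `Tasks`, `Env`, `User`, `Privileged` are assumptions, not a real product's schema) and flags environment variables that hold a secret directly, URLs with embedded `user:password@`, and privileged or root tasks, while treating values that reference a secret store as acceptable.

```python
"""Audit orchestrator task definitions for plaintext credentials and root execution.

Added example. The job layout below is a hypothetical, generic JSON format;
the field names are assumptions, not any specific orchestrator's schema.
"""
import json
import re

# Environment variable names that usually carry a credential.
SECRET_KEY_RE = re.compile(r"(PASS(WORD)?|SECRET|TOKEN|API[_-]?KEY|CREDENTIAL)", re.I)
# URLs of the form scheme://user:password@host
URL_CRED_RE = re.compile(r"^[a-z][a-z0-9+.-]*://[^/\s:@]+:[^/\s@]+@", re.I)
# Values that only reference a secret store and are resolved at runtime.
INDIRECT_RE = re.compile(r"^(\$\{|\{\{|vault:|secret://|env:)")

# Constructed sample input: one job with the problems described above, one clean job.
SAMPLE_JOBS = json.loads(r'''
[
 {"ID": "mailer", "TaskGroups": [{"Name": "worker", "Tasks": [
   {"Name": "sendmail", "User": "root", "Privileged": true,
    "Env": {"SMTP_URL": "smtp://notify:Sup3rS3cret@mail.example.test:587",
            "SMTP_PASSWORD": "Sup3rS3cret",
            "REGION": "eu"}}]}]},
 {"ID": "api", "TaskGroups": [{"Name": "web", "Tasks": [
   {"Name": "api", "User": "app", "Privileged": false,
    "Env": {"DB_PASSWORD": "{{ with secret \"db/app\" }}{{ .Data.password }}{{ end }}",
            "LOG_LEVEL": "info"}}]}]}
]
''')


def iter_tasks(jobs):
    """Yield (job_id, group_name, task) for every task in the job list."""
    for job in jobs:
        for group in job.get("TaskGroups", []):
            for task in group.get("Tasks", []):
                yield job["ID"], group["Name"], task


def classify_env(name, value):
    """Return a finding label for one environment variable, or None if it is fine."""
    if not isinstance(value, str) or not value:
        return None
    if INDIRECT_RE.search(value):
        return None  # pulled from a secret store at runtime, not stored in the job
    if URL_CRED_RE.search(value):
        return "credential embedded in URL"
    if SECRET_KEY_RE.search(name):
        return "plaintext credential"
    return None


def audit(jobs):
    """Return (location, item, label) findings. Secret values are never included."""
    findings = []
    for job_id, group, task in iter_tasks(jobs):
        where = f"{job_id}/{group}/{task['Name']}"
        if task.get("Privileged") or task.get("User", "") == "root":
            findings.append((where, "task", "runs as root / privileged"))
        for name, value in task.get("Env", {}).items():
            label = classify_env(name, value)
            if label:
                findings.append((where, name, label))
    return findings


if __name__ == "__main__":
    for where, item, label in audit(SAMPLE_JOBS):
        print(f"{where}: {item}: {label}")
```

The audit deliberately reports variable names and locations but never the secret values themselves, so its output can be pasted into a report to a CERT or vendor without leaking the credentials it found. Run against a real export, the same three checks would have flagged both issues in the panel described above, and adding an authentication requirement in front of the panel itself is the fix that should come first.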

The report

After discovering the vulnerability, I followed best practices and first reported it to the national CERT. Unfortunately, to this day I haven’t received any response, not even a confirmation of receipt or any kind of feedback. So I decided to reach out directly to the company responsible for the application and infrastructure. To my surprise, they replied within 30 minutes, and the entire vulnerability was patched less than 2 hours after my report.
That kind of response deserves great recognition and shows that responsible behaviour and quick action can go hand in hand 😃! If you're reading this, regards once again!

Just do your thing

You won't always get a response. You won't always get a thank you. You won't always get a reward. But that doesn't mean it's not worth it. Every action that brings us closer to a safer internet matters. For me, it's a combination of passion, science, and a real impact on the world. It's also a great form of technical development that never gets boring. If you find something – report it.
If you can improve something – improve it.
Because even if no one notices it, you'll know you did something good.

And that's where it all starts…


Written by Adrian

IT Engineer who loves to create something out of nothing. I write, I create, I educate! Social Engineering enthusiast! Python, Wireshark, Kali, RHEL