3 Bugs Thats Pay V1

# 3 Bugs That Pay

**Volume 1 — Real Bug Bounty Cases with Step-by-Step Recon By: Kassem_s94**

## Preface

Welcome to Volume 1 of the “3 Bugs That Pay” series.

This book is written for ethical

hackers—especially beginners and intermediate bug bounty hunters—who want to

understand **how** vulnerabilities are discovered and **why** they're valuable.

Every chapter contains a real vulnerability report, full recon methodology, PoC details,

browser/Burp-based testing, and realistic impact analysis. [40 Pages]

If this book helps you in

your bug bounty journey, consider sharing it and tagging us:

- **Talegram:** @apesOfficial (Contact me to get your personal copy using any other payment method)

- **X (formerly Twitter):** @kassem_s94

- **LinkedIn:** linkedin.com/in/all-inbox-llc

**Volume 2 is coming soon!** Message us to get early access.

For those unfamiliar with my work, I'm proud to share some of my achievements:

HackerOne Profile:

hackerone.com/kassem_s94?type=user

Ranked #30 Globally in Web-App Assets Bug Bounty on HackerOne in 2024.

Ranked #1 in Lebanon for Web-App Assets Bug Bounty in 2022, 2023, and 2024.

Ranked #80 Globally in Critical and High Vulnerabilities on HackerOne in 2023.



Included in the Apple Hall of Fame for security research:

https://support.apple.com/en-us/122162

Recognized in the eBay Hall of Fame for security research:

https://pages.ebay.com/securitycenter/archived-researchers.html [kassem_s94]

Found a DOM XSS bug on Microsoft.