Department of Defense Researcher of the Month (Year)

I was recently awarded the DoD Researcher of the Month for July, 2023. Between moving across the country and other hacking duties, I still had time to hammer away at a particular subdomain and found a bunch of stuff including a null byte truncated file extension file upload RCE that was present in multiple locations. Along with that I had some XSS, SQLi, and auth bypass, I think. I'm gonna try and repeat for August, since I'm on a roll, despite it only being VDP and not a Bug Bounty program. I have some good reports in, and a couple in the works, but I don't know if they'll be enough to win, lol. Hopefully I'll get back to some bounty programs after August. Actually was researcher of the year, eventually. [2023 Department of Defense Researcher of the Year](https://www.dc3.mil/Portals/100/Documents/DC3/About%20DC3/Annual_Report/DC3-Annual-Report-2023--FINAL--DIGITAL.pdf){:target="_blank"}