Exacerbating Cross-Site Scripting: The Iframe Sandwich

I’m starting this post with adoration for the Critical Thinking Podcast. The podcast launched around the time I began hacking full-time, and I consider it my companion. It is required listening for bug bounty hunters, but I recommend it to anyone involved in cyber security—especially if you care about the offensive perspective (and you should)….

Hacking the Healthcare Industry: My First Critical Vulnerability

The story begins with HackerOne, one of the leading bug bounty platforms. For those who don’t know, many companies accept vulnerabilities as part of public vulnerability disclosure programs, or they invite established hackers to private programs. The good ones even offer rewards. This is a big change from hacking twenty years ago, when a company…

Hello, World! Welcome To My Hacking Blog

Introduction At the time of this writing, I’ve worked in cybersecurity for two+ years as a penetration testing consultant (aka an ethical hacker). Each week, I target a new company’s systems, identifying and reporting the vulnerabilities that I find. The fast-paced and varied nature of this work has given me experience with a wide range of…