Andrey (azangru) wrote,

A trending link on Hacker News is to a blog post by a guy who checked GitHub Pages for security vulnerabilities, found some high-risk ones, and received $35,000 in bug bounty money. The guy identifies as a security researcher and a programmer. He was also, at the time of discovering those vulnerabilities, a high-school student, 17 years old or thereabouts.

GitHub's bug bounty program had been announced on a site called HackerOne, so I looked it up. There are some educational materials for would-be hackers there, among which I found a charming video about looking for front-end vulnerabilities, which gives an interesting insight into a hacker's mind. The host of that show, a self-identified hacker, admits about himself (at around 9:25) that he is a "non-code person". He also doesn't seem to have ever worked with browser dev tools — instead, he's been using something called Burp for hacking.

