Andrey (azangru) wrote,
Andrey
azangru

A trending link on Hacker News is to a blog post by a guy who checked Github Pages for security vulnerabilities, found some high-risk ones, and received $35,000 in bug bounty money. The guy identifies as a security researcher and a programmer. He was also, at the time of discovering those vulnerabilities, a high-school student, 17 years old or thereabouts.

The github's bug bounty program had been announced on the site called hackerone; so I looked it up. There are some education materials for would-be hackers there, among which I found a charming video about looking for front-end vulnerabilities, which gives an interesting insight into a hacker's mind. The host of that show, a self-identified hacker, admits about himself (at around 9:25) that he is a "non-code person". He also doesn't seem to have ever worked with browser dev tools — instead, he's been using something called burp for hacking.

Subscribe

  • (no subject)

    On the dreadful state of the style of modern Russian communication. "There is no alternative", writes an author, and then immediately outlines an…

  • Via Twitter

    Via a tweet, but I thought I'd get my own copy. A beautiful illustration of how a caption totally misrepresents what's been captured in the photo.…

  • (no subject)

    Here's an extract from Uncle Bob's book Clean Agile. Although he has fallen out of grace with the champions of social justice, the sentiment…

  • Post a new comment

    Error

    default userpic
    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
  • 0 comments