Jobert Abma
I tweet about security and my experience as a hacker. Co-founder of HackerOne (@Hacker0x01).
May 22, 2018 15 tweets 3 min read
Hackers, here's a brain dump to help you understand my general (post-recon) application security testing methodology and how I find high / critical vulnerabilities. This is how I demonstrate the value as a hacker. 💰 Ask me anything. #TogetherWeHitHarder

0x00: I visit the product and marketing pages and read up on what the products do. I identify how the product is exposed to the end user. This will give me an idea what the initial attack surface looks like, what data they're protecting, how users interact with each other, ...