A previous career in development equipped Aituglo to fashion his own hacking tools as well as identify where vulnerabilities may be lurking.
Nurtured since he became interested in cybersecurity aged 14, these talents have propelled the twentysomething to a lofty position on our all-time leaderboard.
However, the French hunter’s admission of finding the first few bugs challenging should be hugely reassuring for any newbies who are struggling to find their first bug.
In the interview below, the creator of a cybersecurity and vulnerability search engine also reveals how he chooses his targets, his favourite hacking tool, his top tip for aspiring hunters, details of a “hacker house” experience and his favourite bug find so far.
This interview was conducted during a YesWeHack live hacking event at leHACK 2025 in Paris.
Aituglo on what he finds most challenging about hacking….
The fact that you know that there are a lot of bugs everywhere, but you don't know where to start and where to find bugs. So it can be challenging at first, but when you start finding the first bug, after that you can find a lot of them.
On how he chooses his targets…
I'm primarily looking at targets that I already use on an everyday basis. So mainly apps that I use every day, apps that I love to use. So I know that if I found bugs on them, I can use it or not after that, because if I found a lot of bugs on the target like that, I will not use it again.
On his favourite hacking tools…
My favourite hacking tool is Caido, which is underrated at the moment. And I love using it instead of Burp because it's lightweight and pretty nice.
As I was a developer before that, I love to develop my own tools and be able to find bugs like that. So I'm developing plugins for Caido or maybe some scripts for myself to help me find more bugs.
On whether being a developer helps him succeed as a hunter…
Yeah, a lot, because by being a developer before, I have the mindset of how people create new tools and how people create websites. So I know where I can find bugs and how it can happen.
On what he likes most about YesWeHack…
I love YesWeHack because the triaging is perfect, so it's very fast to get triaged. And I love the platform, the people there are pretty good. And the bugs are pretty good there, and the programs are also pretty good
On his proudest bug discovery…
That was a bug when I was able to reset the password of every account in a big medical company. So that was pretty huge. That was a full chain, so it was different bugs chained together. So that was mainly IDORs and improper access control bugs. And at the end it had the result of resetting every password of everyone.
On his most fun experience as a hacker…
I did a ‘hacker house’ with some friends, mainly on YesWeHack, and it was very fun because we were like a lot of friends just doing Bug Bounty together, having a villa, and that was amazing.
On the three words that best describe his hacker mentality…
I would say persistent, creative and community-driven, mainly because I'm writing a lot of blog posts, so sharing my experience and all the stuff I'm doing on Bug Bounty. So I love doing that.
On his top tip for newbie Bug Bounty hunters…
Being persistent on the target, and taking a lot of time, because on the first time you will not find any bugs, but you can find one maybe a week later or maybe a month later. So just being persistent and still continuing to look at the target.
Interested in emulating Aituglo? Register as a hunter on YesWeHack, sharpen your hacking skills on Dojo, or learn about the latest hacking tools and hacking techniques on our blog.
