Rapid automation will define the evolution of Bug Bounty hunting in the coming years.
GoDiego (real name: Diego Bernal Adelantado) is the inaugural interviewee in a series of Bug Bounty hunter Q&As we’re publishing on our blog, in text and video form (some videos are already available on YouTube). The Q&As, which ask YesWeHack hunters about their backstory, finest discoveries so far and advice for newbies, should at once be inspirational and educational for their peers.
GODIEGO ON GETTING INTO HACKING AND BUG BOUNTY…
I’ve been hacking for like four years now, I think, more or less. It’s been a wild ride!
My story is a bit random because I first started when I was like 15. I was bored in my room, and I said: “Oh, I don’t know anything about computers – let’s teach myself how to code.”
Then a couple of years later I found out about Bug Bounty. I didn’t know what it was at the time, so I didn’t pay much attention, so I just kept learning stuff.
And then I just got drawn into it, and started doing Bug Bounty – and here I am!
THE THREE WORDS THAT BEST DESCRIBE HIS DEFINING QUALITIES AS A HACKER…
I would say: persistent, creative and curious.
ON HIS MOST CREATIVE VULNERABILITY DISCOVERY SO FAR…
I would say that my most creative and special bug was my first one, because I was testing one of the major news companies. They have a ‘limited’ program. So I was testing it. At this point I was a noob: I didn’t know what I was doing.
There was this feature for careers applications. I tried a couple of payloads – nothing worked. Then, one day, I noticed that they had this “submit a Word document” feature so I tried that, and nothing happened. I put some XXE payloads inside, then saved Word again – it didn’t work.
But they had this button: “Extract data and fill in application from Word”. So I took that then got the pingback.
At first I couldn’t believe it. And then it turned out, yeah – it was accepted!
ON WHAT IMPRESSES HIM MOST ABOUT YESWEHACK…
From my point of view, the thing that makes YesWeHack different is that the triagers are very fast. I sometimes put in a bug and then a couple of minutes later it’s on triage. That’s quite nice!
Also, there are some very good programs, and I’ve had very good interactions with them.
HIS PREDICTIONS FOR THE EVOLUTION OF BUG BOUNTY…
The Bug Bounty world is moving into an automated era, where most people are just relying on tools. So in the future, from my point of view, everything will be based on post-authentication bugs, rather than just finding, I don’t know, an exposed Git repo or something like that.
The level of automation that is going on right now is crazy.
HIS ADVICE FOR ETHICAL HACKING BEGINNERS…
I would say: experiment. Most of the time I found a bug while trying random theories, or saying: “well, what would happen if I tried this or tried that?”
Just don’t rely on other people’s tools; be creative and do your own thing. Because in the end that’s what’s gonna make you stand out and be different!