One of our latest Detectify Crowdsource hackers is Yasin Soliman, a bug bounty hunter from the UK, who has been passionate about IT security since a young age. He was our most active researcher in September, so we decided to learn more about the guy behind the 23 submissions (!). We asked Yasin about his interest in security, the first bug he ever reported, and his role models in the security community.
Tell us a little about yourself; who are you, what do you work with and when did you start hacking?
My name is Yasin “ysx” Soliman, and I’m from the UK. Since a young age I’ve had a passion for information security, but I first became familiar with security research and bug bounty programs back in late 2015.
Driven by the pervasiveness of online technologies, I soon gravitated towards web application security, and six months later filed my first bug report.
Tell us about the first bug you reported.
The first bug I reported was in a HackerOne public program. After thoroughly reviewing the target’s client-side code, I happened across a set of interesting directories intended for the organisation’s customer support team. Further inference led to the discovery of several ‘homemade’ endpoints for support tickets, which led to the disclosure of user submission data. The issue was promptly triaged and remediated in under six hours.
What are your experiences with bug bounty programs?
I signed up for a profile on HackerOne and Bugcrowd back in December 2015, but struggled to land my first submission for several months.
Over time, I developed awareness of different vulnerability classes and how to compose effective reports, in addition to researching on the Google VRP and other non-platform targets. On that note, I’d strongly recommend having a read of the HackerOne guide on this topic if you’re getting started.
During the course of May this year, I entered the Synack Red Team screening process for web application researchers and proceeded to pass the assessment phases. It wasn’t possible to proceed at that time due to a personal situation, but I look forward to commencing work with Synack in the months ahead.
What motivates you in your bug bounty hunting?
The bug bounty community motivates me hugely. To be part of such a supportive and inclusive network of researchers has a profound effect on my research outcomes. The challenge and thrill of bug bounty hunting, ability to develop income, and opportunities for skill development are definitely motivating factors too.
Do you have any role models in the bug bounty community?
Every day I come across incredible case studies, findings, and writeups. It’s hard to name a few! I frequently follow the research of Frans Rosén, Masato Kinugawa, Ruby Nealon, Jack Cable, Inti De Ceukelaire, Sean (zseano), Ben Sadeghipour, and James Kettle.
Your favorite source for the latest security research?
Nowadays I come across a large portion of research over Twitter, reading researchers’ blog posts (like those above) and the latest news from bug bounty platforms. In addition, the Full Disclosure mailing list often contains informative content.
You have been a very valuable researcher on Detectify Crowdsource and have submitted many high-quality modules. How come?
After being accepted into the Crowdsource program, I came to strongly value the innovative platform model and emphasis on creativity. Having the opportunity to build proof-of-concept modules for well-known systems – such as WordPress and Joomla – means that customers can benefit from continuously automated discovery. I enjoy working with the Crowdsource team to investigate new apps, plugins, and tools – especially focusing around bypasses, XSSes of various classes and other logic issues.
What makes Crowdsource different from other bug bounty programs from your perspective?
In my view, Crowdsource helps you conduct research with a wider-reaching approach. After finding a vulnerability in a commonly used system, the Crowdsource team help develop your proof-of-concept into a scanner module. For every detection picked up by the continuous Detectify scanner, you receive a reward based on the severity and impact of the bug, and can compete with the Crowdsource community on the Leaderboard.
Find out more about Yasin
Twitter: https://twitter.com/SecurityYasin
Personal site: https://ysx.me.uk
Are you interested in joining Yasin and other security researchers on Detectify Crowdsource? Drop us an email: hello [at] detectify.com and we’ll tell you more, or check out this blog post where we have explained what we look for in a Detectify Crowdsource hacker.