The Journey Begins
I’ve dedicated nearly a decade to IT and cybersecurity, steering the digital helm as a director at an accounting firm. Yet, it was only two and a half years ago that I ventured into the realm of bug bounty hunting — a journey that didn’t exactly start on the high note I had anticipated. The early days were riddled with self-doubt and endless tutorials; actual hacking seemed just out of reach. I was mired in a quagmire of impostor syndrome, feeling perpetually on the brink of giving up, convinced I wasn’t cut out for success in this new field.
Then, a pivotal moment arrived. While listening to an episode of the Critical Thinking Bug Bounty podcast, I heard Justin discuss a transformative approach: embrace hacking and the inevitability of failure. Though it was a familiar refrain, something about the way he framed it that day resonated deeply with me. To truly excel in bug bounty hunting, I realized, one must not only confront applications directly but also learn from each unsuccessful attempt. This insight was a game-changer.
With renewed determination, I set a new course in March 2024: no more delays, no more doubts. It was time to tackle the challenges head-on, ready to fail — and fail I did, spectacularly so. Yet, with each setback, my resolve grew stronger. Embracing failure as a stepping stone rather than a stumbling block, I persevered, driven by the motto “fail forward.”
This shift in perspective wasn’t just about overcoming barriers; it was about transforming them into stepping stones. The failures that once seemed like insurmountable obstacles became valuable lessons that enriched my understanding and skills. And it’s precisely this journey through trial and error that has brought me here, ready to share not just a story of challenges, but one of meaningful progress and persistent resilience.
The Breakthrough and Earning My CVE
There’s an indescribable thrill in watching an alert box pop up — there really is nothing like it. That moment marked the culmination of countless hours of effort, symbolizing not just a successful exploit but a significant personal breakthrough. My first taste of victory came from a seemingly straightforward vulnerability: a hidden parameter on a login page that reflected input back to the user. Simple, yes, but its discovery was a pivotal moment that affirmed my capabilities and fueled my enthusiasm. The excitement of seeing my finding triaged — knowing it was acknowledged and validated by others in the field — was profoundly satisfying.
Soon after, I notched a more notable achievement — securing a CVE identification for a vulnerability I discovered in a WordPress plugin. This bug was also straightforward but impactful: a routine code review of the plugin exposed the absence of a nonce check. In WordPress plugins, such an omission often points to a potential Cross-Site Request Forgery (CSRF) vulnerability. I set up a test WordPress site with the vulnerable plugin, conducted tests, and confirmed the flaw. A few weeks later, I received the CVE assignment, a recognition that instilled a deep sense of pride and accomplishment.
These successes have been incredibly empowering. Each breakthrough boosted my confidence, refining my skills and sharpening my focus. As I share these experiences, I hope to convey not just the challenges and victories of my journey, but also the profound joy and fulfillment that come from pursuing one’s passion in cybersecurity.
Sustaining Success and Setting New Horizons
In the spirit of continuous improvement and self-assessment, I’ve begun meticulously tracking my hacking statistics. This practice has not only provided clarity on my progress as a hacker but also illuminated the path forward. Reflecting on the recent achievements and challenges of the past couple of months, and observing my trajectory in May, has been enlightening:
2 Cross-Site Scripting (XSS) Bugs: Each one sharpening my skills in identifying and exploiting client-side vulnerabilities.
3 Cross-Site Request Forgery (CSRF) Bugs: Although 2 were duplicates, each instance reinforced my understanding of state-changing operations and the importance of proper token use.
1 Complex Chain: XSS to Content Security Policy (CSP) bypass, leading to CSRF and ultimately a tenant takeover. This complex vulnerability chain, still under resolution, promises to be a compelling case study for an upcoming blog post.
Approximately 80–90 Hours of Dedicated Hacking: This time investment reflects not only my commitment but also the depth of engagement required to uncover and understand sophisticated security flaws.
5 Near Misses: These instances, where I nearly identified significant vulnerabilities but missed a crucial element, remind me of the importance of persistence and the incremental nature of learning in cybersecurity.
The insights gained from these experiences are invaluable. The primary driver of my recent success has been a straightforward yet profound strategy: dive in, hack, and learn from every failure and success. This approach has taught me which strategies are effective, which pitfalls to avoid, and how to efficiently allocate my time between promising leads and dead ends.
As I continue on this journey, the lessons learned from both my triumphs and setbacks form a foundation that not only enhances my skills but also deepens my passion for the field of cybersecurity. The path ahead is filled with endless opportunities for growth and I am more determined than ever to advance my expertise and contribute to the security community. This blog is just one chapter in an ongoing saga of discovery, challenge, and achievement. Thank you for joining me on this exciting journey. Let’s see what lies ahead!