Introductions - Meet your fellow Bugcrowd members


#1

Are you new to the Bugcrowd forum? Introduce yourself to others in the community. Tell us a bit about yourself, your experience in security and with bug bounties. Special points to those that share what they hope to learn more about or want to become better at with respect to security.


#3

Hi everyone!

My name is Sam Houston, I’m the Community Coordinator at Bugcrowd. I joined the company in November and posted an introductory blog post on the Bugcrowd Blog in December. The post alluded to this Forum project, so I’m super stoked to finally be launching it. :smile:

I’ve been doing community management stuff for the past 7 years, mostly in video games (gamerDNA and EA, 2008-2011 and a bit of 2012 at EA/Origin) and then in consumer technology (BandPage, Couchsurfing & Secret 2011-2014). I joined the security industry last summer in 2014, when I worked for Synack. In October I left Synack and came over to Bugcrowd, and I’m super happy to be here!

I’m continuing to learn more about security, the security community, bug bounties and how we can best serve the researcher community and our customers. I’m hoping that this forum will be a great way for us to all meet one another, as well as a great way for Bugcrowd to learn more from the community about how we can improve and become even better.

Let me know if you have any questions about me or my background. I’m happy to chat!


#4

Hey all,

My name is Shubham, but please call me Shubs. I work as a security analyst at Bishop Fox. I was an active bug bounty hunter from the period of 2009-2014, participating in mainly PayPal’s and Facebook’s bug bounty. Even though I no longer participate heavily in bug bounties, I’ve made a number of friends through them and support the ideology of bug bounties.

Nowadays, I spend time researching ways to attack broader systems (i.e. transport systems, telecommunication systems) however still pay close attention to the bug bounty community, its ups and downs. I feel that those most successful people in bounties are always up to date and have a good idea of the latest disclosures, methods and tricks. Hence earlier this year I introduced Websecweekly.

I look forward to using these forums as a way of communicating with other hunters, without being barred by the 140 character limit on Twitter :blush:


#5

My name is Mazin Ahmed. A security researcher and a penetration tester for various companies. I have started bug bounties in Q4 2013, and since then, my idea toward information security has changed. I have improved a lot by participating in bug bounties, and being able to test top-profile companies such as Google and Facebook.

You can read of my blog posts on: http://mazinahmed1.blogspot.com
Feel free to message me using Bugcrowd forum, Twitter DM @mazen160, and on IRC #bugcrowd.

Best Regards,
Mazin Ahmed


#6

My name is Evan Ricafort. A security researcher and EDM Producer from the Philippines. :smile: started pwning year 2006 :smile:

You can check some of my write ups here : www.evanricafort.com/blog

Twitter : @evanricafort


#7

Hello!

My name is Nicodemo Gawronski. I am pentester for Sec-1 in England. I started working on bug bounties last summer in my free time to improve my skills, learn new tricks, meet new people (at least on twitter! Does it count?) and get some extra cash. I really like the community (it is very dynamic) and love the challenge when a new bounty is up, “Am I going to be the first this time or is it going to be a dupe?”. I see it as a fun learning game.

I am on Twitter as well if you want to add me @nijagaw

:smile:


#8

Hey there. I’m Fredrik, but I often go by the name of @almroot on Twitter, IRC and what not. I’m one of the founders of Detectify, a SaaS-based vulnerability scanner from Stockholm, Sweden. I code stuff that finds flaws in stuff.

I’ve been active in the bounty scene since 2010 when I stumbled upon my first flaw in Google adwords, …and an even longer member of the infosec scene. :blush:

I really enjoy seeing a forum like this take place, there’s way too many forums without the focus on the community and with little or no details about infosec. Looking forward to have some interesting discussions with you all!

Cheers & hack the planet!

almroot


#9

Hi all,
My name is Behrouz Sadeghipour, but you can call me Ben. My online handle on IRC, Twitter, and etc is Nahamsec. I enjoy participating in Bug Bounties and breaking things. I have been publicly active since February of 2014. I am also an Analyst on the Bugcrowd team. Bug bounties have allowed me to learn more and more everyday and I have also met some cool people throughout the year.

I look forward to seeing everyone else’s posts on the Bugcrowd forum!


#10

Great to have you all here! Thanks for joining in @Nahamsec, @phpmyadmin (your username always cracks me up) , @nijagaw, @evanricafort, @mazen160, @infosec_au :smile:


#11

Hi
My name is Rakesh.I’m a computer engineering student.
I like finding bugs in web apps and developing tools to make my work easy.
I hope this forum will help me to learn many things :smiley:


#12

I’m Martijn (also known as StM on IRC) and a master student from the Netherlands. I have mostly a development background (worked already a couple of years), but breaking stuff is actually more fun than creating it. And what’s a better way than to get paid to do it.

I have still no clue in which direction I want to go after my graduation this summer. Most likely something infosec related, but we will see :slight_smile:


#13

Welcome @InnoxentRakesh and @Martijn! Thanks for joining us :smile:


#14

Hey all :smile:
This is Pranav (have great passion towards infosec)
about me: nothing great to say( yet to achieve things )
@pranavvenkats


#15

Hi Everyone:

My name is Norwin Boniao. From Philippines I am a learner of this field and i hope that i will continue to learn and contribute good things to this community.


#16

Hello!

I am Anshuman (@anshuman_bh on Twitter). I am currently working with EMC in their Cloud Services group as a security engineer based out of Boston, MA. I have a varied skill set and I have had the wonderful opportunity in my career to be involved in a lot of things such as system administration, cloud security, vulnerability management, incident response, network & application security, etc. I love bug bounties because I believe it is a growing industry with tons of opportunities as companies start to mature and care more about their security from the startup. I have already made a ton of friends via bug bounties and looking forward to continue to do so.

Cheers,
Anshuman


#17

Hello,

I am Ch Muhammad Osama (Twitter : @ChMuhammadOsama) :smile: . I am Penetration Tester and love to do Penetration Testing . I’ve been got acknowledgement from many of the Firms like as Microsoft, Barracuda, Blackberry and so many giant firms, :wink: I like to think out of the box. so when i Pentest something i always
focused on Logical bugs because these are more exploitable. :blush:

Thanks,
Ch Muhammad Osama
Website : https://www.chmosama.com


#18

Hi this is Abhishek Dashora, a security researcher, penetration tester and security learner from India, currently associated with KPMG India in their ethical hacking team.
I started bug bounty in the month of July 2014 and i am loving it. I made so many great friends from the community and i appreciate that each one of them helped me in certain ways. Looking forward for a strong relationship with everyone.
Rgds,


#19

Hay all I m yasir from Indian occupied kashmir. I m a writer as well as security analyst.
its great to be here with all security geeks.
can be reached @zargaryasir


#20

Hey all, I’m a software developer at XDA-Developers and security researcher.

Find some of my research here: http://randywestergren.com/
Twitter: https://twitter.com/RandyWestergren


#21

Hi all! My name is Mariano, I work as security researcher at an Argentinian security company called InfoByte. Recently I moved to miami for Company relocation. I had the pleasure of meeting the founders of Bugcrowd last year @ defcon.

May be if someone is going to be at RSA security conference at SF, please tell me, may be we can meet in person.

Hope everyone have a good day!