Researcher Interview: Fredrik "Almroot" Almroth

We’re joined by Fredrik “Almroot” Almroth (@phpmyadmin), a Bugcrowd community member and highly skilled security researcher. Fredrik and his team at Detectify have found vulnerabilities in many of the top bug bounties in the world, including Google and Facebook.

When asked how he approaches a bounty, Fredrik said:

“I always have a trick up my sleeve [laughs]. A good example was last year, when we were short on cash and were going on a road trip. Me and [my friend, also a researcher] decided we needed cash for the trip and that we should go for the highest paying bounties, which at that point were Facebook and Google, and we went with Google. We found an external entity injection in Google Toolbar and made $10,000.”

Watch Fredrik’s interview to learn more about how he approaches bounties, how he chooses what to work on, what tools he uses, and what are some of his best practices and techniques when bug bounty hunting.

Nice interview guys, thank you (and cool color!)

I think for noobs it is good to start with small companies with no reward, because in my opinion it is much easier to find bugs there, even though the attack surface is reduced, no?

While the attack surface is reduced with small companies that don’t pay, so are the company’s response time and its willingness to fix bugs that a bigger company would fix.

I think that nobody should work for free.
In my case, I started in December 2013 looking for bugs on Facebook, Google, Yahoo and PayPal. Only companies that offered a reward. And it paid off.
The only company I reported a bug to that offered less than 100 per bug is one that has a private program on Hackerone. I did that because I like the company, but if they weren’t offering a reward I wouldn’t have reported anything.