Hacking styles
I’ve been thinking a lot lately about the different types of thinking, approach, and general mentality that different hackers bring to the table.
fun thought: i coarsely break #bugbounty hunter maturity into three categories:
— caseyjohnellis (@caseyjohnellis) August 27, 2018
1. symptom-focussed (e.g. qa-style with a security focus)
2. causality-focussed (e.g. builders who've learned how to hack)
3. impact-focussed (e.g. folks that think evil but do good)
Broadly, there are two things that come into play when it comes to the style a person applies to hacking: The level of experience, and the overall wiring of the hacker.
It’s an interesting subject in the bug bounty space because of the model… The first to find each vulnerability gets rewarded, and the reward is bigger for issues with more impact.
This little spurt of tweets lead to the inevitable question from @0ctac0der — Someone who has been in bounty hunting for a long time and who I consider to be a particularly thoughtful person:
And which one are the best acc to you?
— Abhinav Mishra (@0ctac0der) August 27, 2018
The question of “best” is a fascinating one… The more QA focused testers often find a larger volume of lower criticality vulnerabilities that the Impact focused don’t have time to go and find because they’re occupied with the more complex exploitation that’s often involved in higher impact vulnerabilities.