I am a web designer, developer, and security researcher, and I have experience triaging for numerous vulnerability disclosure programs. In my spare time, I like swimming, playing the guitar, photography, and cinematography.

In 2017, I published an Internet-Draft for a proposed standard called security.txt, which allows websites to define security policies. A year later, I created Bug Bounty Guide, a launchpad for bug bounty programs and bug bounty hunters.

Publications

security.txt - https://tools.ietf.org/html/draft-foudil-securitytxt

A guide to subdomain takeovers - https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Blog posts

The poor man’s bug bounty monitoring setup - https://edoverflow.com/2018/the-poor-mans-monitoring-setup/

Automating your reconnaissance workflow with ‘meg’ - https://edoverflow.com/2018/meg/

An analysis of logic flaws in web-of-trust services - https://edoverflow.com/2018/logic-flaws-in-wot-services/

The math behind bug bounties: a formula to calculate bounty amounts - https://edoverflow.com/2017/the-math-behind-bug-bounties/

Operation FGTNY 🗽: solving the H1-212 CTF - https://edoverflow.com/2017/h1-212-ctf/

Bypassing Server-Side Request Forgery filters by abusing a bug in Ruby’s native resolver - https://edoverflow.com/2017/ruby-resolv-bug/

A lightweight reconnaissance setup for bug bounty hunters - https://edoverflow.com/2017/lightweight-reconnaissance-setup/

Broken Link Hijacking: how expired links can be exploited - https://edoverflow.com/2017/broken-link-hijacking/

On-platform GitHub Reconnaissance - https://edoverflow.com/2017/github-recon/

Capture the flag: reversing the passwords (Solutions) - https://edoverflow.com/2017/ctf-reversing-the-passwords/

GitHub for Bug Bounty Hunters - https://edoverflow.com/2017/github-for-bugbountyhunters/

Bug Bounty FAQ - https://edoverflow.com/2017/bugbounty-faq/

Talks

How to get the best out of your bug bounty program (Disobey 2017) - https://youtu.be/PdmWQib1P9w

security.txt (IETF 101 SECDISPATCH) - https://youtu.be/rZifKDBKtMM?t=5m41s

Press appearances

Uber Hack Shows Vulnerability of Software Code-Sharing Services (Bloomberg) - https://www.bloomberg.com/news/articles/2017-11-22/uber-hack-shows-vulnerability-of-software-code-sharing-services

GitLab fixes security issue that let anyone hijack custom domains (ZDNet) - https://www.zdnet.com/article/gitlab-fixes-security-issue-that-could-hijack-custom-domains/

The Telltale Text File: Security Researcher Proposes Standardization for Reporting Vulnerabilities (Security Intelligence, IBM) - https://securityintelligence.com/news/the-telltale-text-file-security-researcher-proposes-standardization-for-reporting-vulnerabilities/

Bug-finders’ scheme: Tick-tock, this tech’s tested by flaws.. but who the heck do you tell? (The Register) - https://www.theregister.co.uk/2018/01/03/security_notification_scheme/

Microsoft Bounty Program Offers Payouts for Identity Service Bugs (Threatpost) - https://threatpost.com/microsoft-bounty-program-offers-payouts-for-identity-service-bugs/134084/

Navigating an Uncharted Future, Bug Bounty Hunters Seek Safe Harbors (Threatpost) - https://threatpost.com/navigating-an-uncharted-future-bug-bounty-hunters-seek-safe-harbors/133202/

Facebook Now Offers Bounties For Access Token Exposure (Threatpost) - https://threatpost.com/facebook-now-offers-bounties-for-access-token-exposure/137477/

Notable security vulnerabilities

private_address_check bypass due to use of Ruby’s Resolv.getaddresses method (CVE-2017-0904) - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0904

private_address_check bypass due to an incomplete blacklist (CVE-2017-0909) - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0909

Awards

Finished 3rd once in a swimming race against 2 other swimmers.

Contact

Email - [email protected]

PGP - https://edoverflow.com/key.asc

GitHub - https://github.com/EdOverflow/

Twitter - https://twitter.com/EdOverflow