Ed is a web designer, developer, security researcher, and has experience triaging for numerous security programs. In his spare time he likes swimming, playing the guitar, photography, and cinematography. Ed is currently studying computer science at the ETH Zürich.
- Twitter: https://twitter.com/EdOverflow
- GitHub: https://github.com/EdOverflow
- HackerOne: https://hackerone.com/edoverflow
- Liberapay: https://liberapay.com/EdOverflow
$ curl https://edoverflow.com/key.asc | gpg --import
When security risks in web services are discovered by independent security researchers who understand the severity of the risk, they often lack the channels to properly disclose them. As a result, security issues may be left unreported. Security.txt defines a standard to help organizations define the process for security researchers to securely disclose security vulnerabilities.
A list of interesting payloads, tips and tricks for bug bounty hunters.
Bug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters. A great place to learn about the various aspects of bug bounties, and how you can improve your skills in this area. This service also provides you with a versatile set of tools that can assist you during the launching process of your program or help you find valid security issues on bug bounty programs.
An OSINT tool to find contacts in order to report security vulnerabilities.
VulnHive is a crowd-funding bug bounty platform for non-profit and open-source projects where security researchers can submit their write-ups after having reported the security issue to the organisation, and then the public can reward the hacker for their findings.
At Cryptojourney you will learn the basics of cryptography throughout history. We strive to be teacher, student and parent friendly. The content can be used in the classroom either on or offline, by students for reference and self-study, and by parents for home-schooling. Cryptography is the art of hiding, encrypting and protecting secrets or things that should be kept secrets. Cryptography began thousands of years ago with what is now known as classic cryptography. The earliest encryption methods were not as sophisticated as today’s. Classic cryptography is done with pen and paper or really basic mechanical aids.
SecurityTemplate is a static website template for security pages, powered by Jekyll.
Notable Open Source Contributions
- TTS Bug Bounty internal documentation
- Bug-finders’ scheme: Tick-tock, this tech’s tested by flaws.. but who the heck do you tell? (Jan 03)
- Hacker Q&A With EdOverflow (Dec 28)
- Uber Hack Shows Vulnerability of Software Code-Sharing Services (Nov 22)
- The Telltale Text File: Security Researcher Proposes Standardization for Reporting Vulnerabilities (Sep 19)
- News in brief: Linux advice for Equifax; fired over phish; Security.txt standard proposed (Sep 19)
- Security.txt Standard Proposed, Similar to Robots.txt (Sep 15)