Le Tour Du Hack

Suresh Aydi

Security Researcher and Bug Bounty Hunter with 6 years of experience hunting vulnerabilities across web applications.

  • HackerOne Top 16 with around 1,000 reported vulnerabilities
  • 2nd place finisher at the HackerOne Ambassador World Cup
  • Invited participant at the HackerOne live hacking events H1-702 2022, H1-702 2023, and H1-4420 2023

My approach is simple: do manual testing — go deeper than everyone else, read what others skip, and test what others assume is safe.

You can connect with me on X: @_xploiterr


Session

05-16
14:20
30min
Testing What the Scanner Missed: A Bug Bounty Perspective
Suresh Aydi

I have been doing bug bounties for like 6 years now. I have seen most people use scanners to find issues; however, those scanners are not that effective. As someone who has worked as a security expert for six years, I would say that the most interesting exploits are those that cannot be detected by any scanner. The subject of this lecture is manual testing, where you go through the application to find the issues in it by yourself; that is where you find the most interesting stuff which the scanners can't

Track 2