Ask a hacker: A conversation with ahacker1


At GitLab we have a tradition: Every year, we invite a bug bounty hunter to join us for an AMA. This year, we met with Alexander Siyou Tan, also known as ahacker1, and did a deep dive into all aspects of bug bounty hunting.

About Alexander (ahacker1)

Alexander is passionate about hacking complex SaaS applications, with a particular interest in authorization-based vulnerabilities. Currently, he's focusing on SAML and SSO research. His hacking journey began during the Covid-19 pandemic, when he transitioned from gaming to exploring game hacks and easter eggs.

Highlights from the AMA

Here are some of the questions AMA attendees asked Alexander, and his responses.

What are the tools you use in your research?

I use RubyMine as my IDE, as I find it helps with analyzing code. You can jump to different parts of the code, and that helps with efficiency and allows you to search quickly and determine interesting behavior. I used to just use Burp Suite, but not so much anymore. I mainly focus on using JetBrains to review repositories on GitLab.

Have you explored using AI to assist in finding and/or exploiting vulnerabilities?

Yes! When I learn about a new feature or subject, I may ask ChatGPT how it works. It may give some insights or leads – when I do SAML research I use it.

Tell us about moving into SAML and the experience of finding the awesome bugs in that area.

SAML is like a SaaS application within a SaaS application. There's a 100-page document on how SAML works, offering infinite possibilities. I focus on code analysis, reviewing the approximately 20 libraries available. While hacking SAML can be time-consuming due to setup and configuration, the payoff can be significant.

What’s next after SAML? Will you keep digging?

I will fix SAML. I want to fix libraries. Not sure what’s next - maybe SSO stuff!

Alexander's tips for the GitLab Bug Bounty Program

Alexander offered the following advice for those interested in GitLab's Bug Bounty Program:

  1. Leverage GitLab's open source nature for code analysis.
  2. Study patch releases to learn reverse-engineering techniques.
  3. Review GitLab's public issues and disclosed reports for insights.

Getting to know our hacker

What do you do when you don't hack?

I play games, I also go out on walks and explore nature/hike. It’s a nice break from sitting at the computer.

How long do you think you would survive in a zombie apocalypse?

Not long. Without the internet, I don’t think I'd be able to adapt.

Is cereal a type of soup?

It most definitely is. It has both liquid and food in it.

Watch the replay

For those interested in the full AMA, check out the YouTube live playback.

We extend our gratitude to all participants and, of course, to Alexander for sharing his insights. Keep up with Alexander's latest activities on his HackerOne profile.

About the GitLab Bug Bounty Program

The GitLab Bug Bounty Program aims to enhance the security of our products and services. Managed by our Application Security team, the program has achieved significant milestones since its public launch in December 2018, including:

  • Resolved 1,684 reports
  • Awarded over $4.7 million in bounties
  • Thanked 655 hackers for their findings

Learn more about the GitLab Bug Bounty Program.