Santiago Lopez is just 19 years old and earning over $1 million in his pursuit to find and report vulnerabilities in various software’s and websites. He belongs to Argentina.
He is the young ethical hacker who started his work with $50 for a CSRF(Cross-site request forgery) security flaw. CSRF is also known as one click attack, is mainly malicious exploit of a website where un-authorize command or group of commands are transfer from a user that the web application trusts.
Lopez highest payout of $9,000 for an SSRF (Server Side Request Forgery) vulnerability in a private program.
Though, Santiago Lopez is one of the TOP ethical hacker on the HackerOne leaderboards. He is the role model for millions of people who wants to learn hacking. Lopez is doing excellent job and HackerOne leaderboards shows that his score the 93rd percentile for the signal and 87th percentile for impact. He update this on his twitter account also.
I am feeling proud to see that my work is recognized and valued around the world. I am working not just for the money, but because this achievement represents the information of companies and people being more secure than they were before, and that is incredible,” Lopez informed.
Santiago Lopez career with HackerOne
In 2015, he joined the bug bounty crowdfunding platform HackerOne and operate under moniker @try_to_hack. Since he joined the HackerOne platform, he has reported more than 1,670 unique bugs.
However, top leading companies of the world especially Twitter, Verizon Media Company, Automattic and WordPress impacted with his bug solutions.
One hacker informed that, “Anyone who have discovers bug bounty programs opens up new opportunities for both hackers and companies. Both can take advantage from each others. The ethical hackers help companies to find the vulnerabilities in their program and provide solution for it.
According to a survey, 90 percent of ethical hackers are under 35 years of age while 47 percent ethical hackers are under the age of 18 to 24. And websites are the best option for bug bounty hunters around the world.
Lopez has earned millions by ethical hacking but its doesn’t mean that he will leave hacking. Rather he will continue ethical hacking and help the community more with his services.
Santiago Lopez taught himself how to track and find the bugs. He was interested in ethical hacking since his childhood.
He was able to find some most well-paid vulnerabilities, which helped him to get more $ in the filed of Network Security field.
Few well-paid vulnerabilities discovered by Lopez are IDORS (Insecure Direct Object Reference) and (CSRF) Cross-Site Request Forgery security flaws. He found these loop holes through Internet resources and YouTube videos.
HackerOne’s CEO words for him
The CEO of HackerOne Mr. Marten Mickos inform that they are surprise with Lopez incredible work. Though, he is a self-taught hacker and its difficult someone to reach up to this level with his hard work.
The hacker community with is the most powerful defense we ever have against cyber crime. We are helping companies to find vulnerabilities and fix it by the time so that they don’t become victim on malware or ransomware attack. Lopez is one of the best ethical hackers in the world, Mickos stated.
Santiago is the role model for hundreds of thousands of aspiring ethical hackers around the world. The hacker community is the fantastic milestone for him, big thanks to Santiago’s relentless work.