Santiago Lopez, a 19-year-old self-taught ethical hacker, has earned more than a million Dollars from bug bounty programs. The Argentina-based Lopez, who operates under the alias @try_to_hack, is famous for spotting vulnerabilities in popular tech platforms run by top shot companies like Twitter, Automattic, Verizon Media Company and more.
Lopez joined HackerOne, a popular bug bounty crowdfunding platforms, in 2015 and since then he has uncovered more than 1,670 bugs and vulnerabilities. He learned spot high-paying vulnerabilities like Insecure Direct Object Reference (IDOR) and Cross-Site Request Forgery (CSRF) by watching Youtube videos and other sources from Internet.
The hacker won his largest payout of $9,000 for spotting a Server Side Request Forgery (SSRF) in a private program. He is one of the top ranking ethical hackers on HackerOne with 91st percentile for signal and 84th percentile for impact.
Describing his journey as a self-taught ethical hacker earning millions of dollars, Lopez says, “I am incredibly proud to see that my work is recognized and valued. Not just for the money, but because this achievement represents the information of companies and people being more secure than they were before, and that is incredible.”
In addition to Lopez’s case-study, HackerOne also released the 2019 Hacker Report according to which the platform has handed over $42 million to hackers since it was established.
Ethical hacking has turned out to be a lucrative career option if you have a knack for uncovering vulnerabilities in different technologies. We hope that Lopez’s journey would prove to be an inspiration for budding ethical hackers.