skip to Main Content
This website use cookies which are necessary to its functioning and required to achieve the purposes illustrated in the privacy policy. To learn more or withdraw consent please click on Learn More. By continued use of this website you are consenting to our use of cookies.

Researcher Spotlight: Nizam Abdallah

Researcher Spotlight: Nizam Abdallah

Do you need your routers and access points secure? Nizam Abdallah is your guy! 

Nizam is a freelance contractor, bug bounty hunter, avid gamer and family man based in Australia. He runs his own business, Binary Technology Labs, focusing on security, performance, and resilience testing. With a 20-year career in software development and testing, his passion for Information Security finally led him to Bug Bounty in 2017. Since then, he’s hunted on a number of program types including NGPT, VDP, and Bug Bounty. 

As a hunter, Nizam focuses on hardware and mobile application-centered programs. Some of his more recent successes include a number of Security Advisories with Netgear and CVE-2020-6765; A vulnerability that permits administrative users logged into the command-line interface to craft requests that will permit the execution of arbitrary commands. 

Check out a list of his Netgear related advisories and acknowledgments below. 

Netgear Security Advisory List:

Authentication Bypass on RAX40, PSV-2019-0266
Sensitive Information Disclosure on RAX40, PSV-2019-0247
Admin Credential Disclosure on RAX40, PSV-2019-0237
Sensitive Information Disclosure on WAC505 and WAC510, PSV-2019-0060
Security Misconfiguration on WAC505 and WAC510, PSV-2019-0084
Denial of Service on RAX40, PSV-2019-0210

Netgear Firmware Release List:

WAC505 / WAC510 Firmware Version 8.2.1.16, PSV-2019-0086
GS808E Firmware Version 1.7.0.7, PSV-2018-0612
WAC505 / WAC510 Firmware Version 8.0.6.4. PSV-2019-0061
WAC505 / WAC510 Firmware Version 8.0.6.4, PSV-2019-0083


How have bug bounties impacted your life? Do you hunt full time?

Bug bounties have impacted my life by allowing me to improve my security skills and applying these skills to real products, especially in the area of embedded security. I continually use the rewards from bounties to purchase tools and equipment to further improve these skills.

Almost full-time! Still adjusting to the bug bounty workflow.

How much time do you spend hunting bugs?

I have gradually increased the amount of time I spend on bug bounties over the last 3 years. Initially I used to spend about 4 hours per week, last year it was 10-15 hours and now 20-30 hours per week. My approach has been to focus on specific programs that interest me rather than any program I have access to. In the last 3 years I have only worked on a small number of programs mostly focusing on network hardware (routers, switches, access points) and mobile applications.

When you aren’t hunting bugs, what do you do for hobbies/fun?

Spend time with my family and I’m also an avid gamer.

Favourite game: MicroProse Sword of the Samurai (it’s an old game from 1989)

Playing at the moment: Ghost Recon Breakpoint on the Xbox One and Everspace on the Nintendo

Do you have any favorite tools or resources to learn? 

Books, blogs and videos are great resources to learn from, however the skills gained from these need to put into practice. The best way to practice is by setting up your own test lab.

Favourite tools: Wireshark, BurpSuite, NMAP, Radare2, Binwalk.

Do you have any simple tips that you use when you are hunting?

Spend time learning the target application from the perspective of different users (e.g. an end user, a developer (if an API/SDK is available), an administrator etc). Read the user and developer documentation. This will give you an idea of where the vulnerabilities may be located.

Do you have any advice for new hackers or people transitioning into bug bounty?

Be patient and persistent, do not be put off by duplicates. Remember, a duplicate is a valid submission, it’s just that someone else found it first. As annoying as it is when you have a duplicate, be persistent and don’t give up. The best way to find vulnerabilities is to have a solid understanding of not only the application, but the layers it’s built upon including frameworks, programming languages, operating system and hardware. This will allow you to focus on areas others may have ignored.

Why do you hunt with Bugcrowd?

Bugcrowd has a solid team who support the researchers on their platform. This combined with the continuous improvements to their researcher portal, along with a great variety of programs has made the researcher experience much better than what I expected when I first joined the platform.


Stay tuned for more Researcher Spotlights. Want to join Nizam and be part of the Crowd? Join our Discord and sign up for a Researcher Account!

Tags:
Topics:

Michael Hamel

Researcher Enablement and Success at Bugcrowd

Back To Top