This week we’re putting the Spotlight on Jesse Kinser, a Bugcrowd Ambassador in Indiana.
Feel free to follow Jesse on Twitter @securitybites
Jesse has been hacking for over 10 years and doing bug bounties for about 4 years now. Her story begins when she was curious about computers, especially the internet, around 3rd grade. She spent her childhood tinkering with an old Windows 95 computer, leading to many long nights of learning to break and build things. While applying for colleges she thought she wanted to focus on graphic design but mistakenly got placed in the informatics program at her university. When she decided to just roll with the punches and try it, she quickly discovered her passion for information security.
During the next 4 years, she spent time working with the dean of the security program on various research topics within the security industry. Jesse completed a project focused on Android security and how to inject malware into mobile devices, bypassing app store restrictions at the time. After a few more similar projects, she was recruited by the Department of Defense and accepted a job in Washington D.C. She went on to spend five years working on security projects within the federal government.
While working for the DoD, she received a Master’s in Computer Science with a focus on digital forensics. Since leaving the DoD, she has worked for various Fortune 500 companies and is currently working at LifeOmic, a precision healthcare startup in Indianapolis.
How did you get into bug bounties?
During my career at Salesforce I helped run their bug bounty program which gave me the opportunity to wear two hats, running a program and hacking against other programs. From there I started hacking in the various on-site security bugbashes hosted by companies around the world.
How do you manage your personal life, work, and bug bounties?
I make sure to take full disconnected breaks every once in a while. To keep motivated and avoid burnout, I like to travel to new locations and work from coffee shops, etc. Hacking is a lifestyle at this point and it requires focus day and night.
What are a few of your favorite hacking/security tools? Why should others use those?
- Burp Suite Pro is a must-have.
- Aquatone for subdomain enumeration.
- Git-tools – https://github.com/internetwache/GitTools
What is a quick hacking tip or technique that you recommend?
Learn from each other. Read the reports of your fellow hackers and your productivity will greatly increase. Question everything when approaching a target. Things are usually connected in mysterious ways.
What advice would you give to someone who is starting out as a beginner in bug bounties?
Use the target site as a normal user would but think about where the sensitive data is being transmitted and processed as you're navigating. Start poking around in that area first when trying to attack the target.
How have bug bounties impacted your life?
I use my bounty money to buy new tech to hack, travel to cons, buy a car, etc. It’s all pretty much reinvested in my career/hobby.
What do you like to do in your free time, when you’re not doing bug bounties or working?
I love to travel to new places and try new things. I am a serial hobbyist.
Thank you so much to Jesse for her time and for her great contributions to the bug bounty community!
Interested in becoming an ambassador? Apply to become a Bugcrowd Ambassador today! If you have any questions, please send a Twitter direct message to @ChloeMessdaghi or @SamHouston.