[ITW] Daniel Kalinowski: “Participating in bug bounties improves your skills and increase the overall knowledge.”

Let’s meet with Kalin, Bug Hunter from Poland.

What’s your background ?

I’m 25 yo ,I didn’t study, it’s kind of a waste of time in Poland. Well, depends if hacking the school PCs in junior high school counts? xD
I have started my carrier in IT industry as a Data Center Operator, then I got promoted to Junior Dev. They had to do it because I have pwned their application once, and after promotion with the access to source code I was able to find few more critical bugs. Also with the help of Shellshock I was able to download/view the files of the CTO that were stored on one NAS.

3 years ago I have joined a awesome security company, and in my current position I’m responsible for : Mobile apps testing / Web apps testing / Code reviews / General technical advisory on the customer side.

My nickname Kalin comes from my surname KALINowski. I can be also found on the Internet by @llamaonsecurity/@llamasbytes handle.

Why are you interested in bug bounty ?

It started bug bounties as a time-killer in my first job, then I forgot about it and came back to it when I started the carrier in IT security. Participating in bug bounties improves your skills and increase the overall knowledge. Once I had to dig into the PNG file format structure to execute the XSS payload on web servers. It was quite an unique experience. Financially speaking, 1 euro is equal to 4.15 PLN (my local currency) so participating in bug bounties can be profitable.

+ Read More