In this episode of WE'RE IN, Josh Mason sits down with SRT member Austin, a rising star on the Synack Red Team. Austin shares his hacker origin story and pulls back the curtain on what it takes to break into elite researcher programs. He also deep-dives into his recent "heavy hitter" win: using a JSON Web Token inspection to completely demolish the authorization schema of a U.S. financial services platform, gaining full administrative control.
TIMESTAMPS:
00:00 - Introduction
00:39 - A Day in the Life of an SRT Hacker
02:08 - Fast Track to Synack Red Team Level 5
03:12 - Hacker Origin Story
04:40 - Mentorship in Synack Red Team
05:46 - HackerOne vs. Synack: Why Synack is Better for Researchers
07:02 - How Patch Verifications Actually Work
09:16 - Compromising a Financial Platform via JWT
11:10 - Advice to Join the Synack Red Team: Get your OSCP
12:32 - Advice to Cyber Newbies: Always Keep Learning
14:14 - Hunting Authorization and Injection Issues for Synack