garrettkohlrusch
I break other people's software on purpose, then write the email no one wants to receive.
politely. with PoCs. and a remediation path. it's called responsible disclosure and it's the entire job. the rest is patience and curl.
currently
hunting on private bugcrowd programs, shipping small tools,
writing methodology notes, and drinking too much coffee.
100+ validated findings
10+ halls of fame
5y hands on keyboard
~$35k cumulative bounties & counting
→ recognition & reports
/ hall of fame
Apple
NASA
Comcast
State Farm
The Trade Desk
/ confirmed reports
Microsoft
Meta
private program activity not listed — disclosure terms come first.
→ where to find me