🏁 Start Here
🚀 Projects

Sign in Subscribe

social-blog

These are a collection of the atomic essays published on my twitter account: twitter.com/joranhonig

3 Ways to Write a Proof of Concept

3 Ways to Write a Proof of Concept

Finding bugs is just one part of the bug hunting process. Once you've found a bug, you write a report, and more importantly, you must write a proof of concept. It helps you ensure your finding is valid, makes triage faster, and creates less room for ambiguity & interpretation in the

Joran Honig Jun 14, 2022

3 Mistakes I Made When I Started Bounty Hunting

3 Mistakes I Made When I Started Bounty Hunting

Like anyone starting with something new, I made some mistakes when I just started bug bounty hunting. Here are some of my mistakes so that you might avoid them: 1 - I Had No Confidence At first, I only went for the new & small bounty programs. I thought programmes offering

Joran Honig Jun 11, 2022

You Should Look for Game Theory Bugs

You Should Look for Game Theory Bugs

Many auditors and bounty hunters don't look for game-theoretic and economic flaws. Instead, they focus on the more tangible and well-known types of attacks. This is unfortunate as a game-theoretic design flaw can cause as much damage as regular attacks. Here is why you should be on the lookout for

Joran Honig Jun 5, 2022

3 Reasons Why You Should Publish Your Security Research

3 Reasons Why You Should Publish Your Security Research

A bunch of security researchers that I know do the most exciting work. Unfortunately, they don't show it to the world. They might share their cool projects with colleagues and friends, but it stops there. Overall, nobody gets to enjoy and benefit from their awesome findings. Here is why they

Joran Honig Jun 4, 2022

Don't Ignore Oracle Extractable Value!

Don't Ignore Oracle Extractable Value!

Not enough people care about Oracle Extractable Value! Over the recent years, we've all become aware of MEV. However, just like miners can extract value from their sequencing power, oracles can extract value from their position. If exploited, they can use this to extract significant value and drain entire protocols.

Joran Honig Jun 3, 2022

A Perfect Balance Between Practice and Execution.

A Perfect Balance Between Practice and Execution.

Security is a fast-moving field, and you have to research and practice to stay on top of your game. However, there is so much to learn that you can easily get stuck just researching all the time! On the other hand, you want to avoid falling behind because you spend

Joran Honig Jun 2, 2022

3 Activities to Make You a Better Bug Hunter

3 Activities to Make You a Better Bug Hunter

That are not actually about hunting for bugs.

Joran Honig Jun 1, 2022

Subscribe to Joran Honig

Don't miss out on the latest news. Sign up now to get access to the library of members-only articles.

Joran Honig © 2023. Powered by Ghost