Ugur Cihan Koc

ID verified


Since 2012, I have worked as a security specialist in different companies (consulting, telecommunication and banking). I have specialized in web/mobile/infrastructure/desktop application security & penetration testing.

Now, I have been working as a Team Lead / Sr. Penetration Tester at IBTech, a subsidiary of QNB Finansbank in Turkey. My working area is Red-Team Operations, Penetration Testing, Application Security, and Malware Analysis in my current role.

I hold OSWE, OSCE, OSCP, OSWP, GMOB, CEH, and AWS-CCP certifications & more than ten CVEs.

Besides, I am actively attending Bug Bounty & Responsible Disclosure programs. I'm an active member of the HackerOne, Cobalt.io Team & Synack Red Team.

Additionally, I have published some vulnerabilities for products of globally known companies like Oracle, IBM, HP, Kaspersky, Nokia, Alcatel-Lucent, Huawei, ZTE, etc.

I spend 8-10 hours for pentest/BB each day, even on vacation. My job is my hobby.

Profile on Hackrate
Profiles on Social Media

First steps in bug hunting

How did you get into bug bounty hunting?

I heard the term "bug bounty" for the first time from my friends. My first reward was 200$ in a private bug bounty program. It was good to earn something for your findings.

Hacker insight

  • Never stop learning
  • Think like a software developer

About the testing methodology

Do you follow a pre-defined methodology or do you prefer to change your methods regularly?

"Magicians don't tell their methods."

Do you have any favorite tool or favorite wordlist to test with?

Burp Suite, dirsearch, wfuzz, frida, objection.

Favorite bug classes

Do you have any favorite vulnerabilities to focus on during testing?

Authentication bypass, SQL injection, business logic issues.

Certifications and Achievements

Do you have any security certificates? How important do you think certifications are nowadays?

I hold OSWE, OSCE, OSCP, OSWP, GMOB, CEH, and AWS-CCP certifications.

Certifications can be a valuable way to demonstrate your knowledge and skills in a particular area of cybersecurity and can provide a competitive edge in the job market. For example, the Offensive Security Certified Professional (OSCP) certification is widely recognized and respected in the field of penetration testing.

Obtaining an OSCP certification requires passing a rigorous exam that tests your ability to identify vulnerabilities, exploit them, and document your findings. The certification also requires practical experience in conducting real-world penetration tests.

However, it is important to note that certifications alone are not a substitute for practical experience or real-world skills. While certifications can provide a strong foundation of knowledge, they do not guarantee proficiency in performing security assessments or penetration testing.

What would you consider your most impressive achievement? What bounty are you most proud of?

I was able to decrypt the token algorithm. It's a private company, but I was able to access more than 6 million customer details.

Future of bug bounty

Can bug bounty hunting be a full-time job?

Bug bounty hunting has the potential to become a full-time job for skilled and dedicated individuals who are able to make a living from it. However, it is a highly competitive field that requires technical expertise, persistence, and business acumen to succeed.

What is the role of automation in security testing?

Automation has become increasingly important in security testing because it can speed up the testing process, provide comprehensive coverage, ensure consistency and reliability, and easily integrate into existing workflows. Automated tools can scan large and complex applications and systems, monitor them continuously, and scale them up or down as needed. With automation, security teams can test more efficiently and thoroughly, reducing the risk of security breaches and improving an organization's overall security posture.

What are your expectations of bug bounty platforms?
  • Fair and transparent reward programs
  • Prompt and clear communication
  • Strong security measures