I am an iOS developer and independent security researcher with a wide range of experience in iOS and security research based in Cookeville, TN. Currently, I do bug bounty hunting as a full-time job. I find enough vulnerabilities every month to pay my bills and then some, and I love the work I do.
On the iOS side, I have published multiple apps to the App Store, and have worked on a wide array of iOS apps, from food delivery apps to ridesharing apps. I focus on writing clean, testable code that is easy to adapt and make changes to. Due to my knowledge of security, I try my best to ensure that the code is secure and that it doesn’t have common security “gotchas” such as sending sensitive information over plaintext.
Diving a bit more into my security work, I am currently in the top 750 researchers on Bugcrowd, and have an end goal of making it to the top 100. I find it a fun and exciting challenge to find vulnerabilities, as I love probing web applications, servers, or source code and finding out exactly what you can make it do. There is nothing better than discovering a vulnerability, figuring out exactly what conditions made it possible, and then writing up a report and getting it fixed. I am happy to help make the internet a more secure place, one vulnerability at a time.
On the other bug bounty platform, HackerOne, I have only one vulnerability (that wasn’t a duplicate), in the PayPal program. I simply do not use HackerOne very often, because I prefer Bugcrowd.
I publish various things I’m working on onto my GitHub page, located at https://github.com/hunterstanton
The projects on my GitHub are a mix of C# and Swift 3/4. While Swift is my most proficient language, I also really like using C#.
Feel free to check it out, but be aware that the code on there is in various states of completion and might not work how you expect. I have a lot more projects that I have yet to upload to GitHub - keep an eye out for those, because they will be coming soon!
CVEs / Vulnerabilities
Here is a list of CVEs and publicly disclosed vulnerabilities that I have discovered.
I am constantly working to expand this list as I enjoy making writeups for the public to see. While I have found many more security vulnerabilities during my research, the majority are in private programs that cannot be discussed!
Halls of Fame
Here are some of the Halls of Fame I’m in for my vulnerability research:
I am currently looking for work, preferably in the Nashville, TN area. While being a full-time bug hunter and breaking stuff is a blast, I still would prefer creating new stuff and contributing to products that people use. If you happen to be a recruiter or a hiring manager in Nashville, TN (or anywhere else, I’m not picky!) who happens to be in the need of a security-focused iOS developer or penetration tester, feel free to reach out to me on at my email listed in the footer of this page (which happens to be firstname.lastname@example.org if you don’t want to scroll down)