07 September 2018

Leveling up on the Synack Red Team and Giving Back to the Community

Andre Gerard

Justin is a freshly-minted college grad and a well-respected ethical hacker amongst our Synack Red Team (SRT) community. He got an early introduction to hacking, started hacking for bug bounties started as an interesting intellectual challenge, and now uses bounty payments for fun, as well as a lift off from life as a student – he’s paid off thousands of dollars of his college loans within just a few months of graduating.

He’s an advocate for ethical hacking and passionate about helping others learn the tricks of the trade. Justin is currently working with a couple of departments at his alma mater VCU to develop programs and curriculum specifically devoted to cyber. He also just joined us at the r00tz village at DEFCON 26 to represent the Synack Red Team and help teach kids cybersecurity basics.

r00tz is an initiative to teach kids how to love white-hat hacking through hands-on workshops where they learn skills like reverse engineering, soldering, cryptography, and responsible bug disclosure. This year at r00tz, Justin helped a group of kids work through Synack and US Army’s hands-on hacking lab: Hack The Pentagon Cyber Heroes Return. Our participants learned red and blue team concepts, how to use analytics to detect malicious cyber activity, and how to conduct attacks with actual penetration testing tools and real-world “hacks” on a live system.

“My favorite part of r00tz was finishing the full exploit and talking with the SRT member because he helped me through the whole thing and he was really cool. He explained certain things that weren’t clicking, as well as stayed with me while everyone was packing up so that I could finish the exploit,” said 16-year-old Ethan who participated in the workstation.

Hands-on Workshops for Kids
with First Lieutenant Dan Lim, US Army Cyber Command
Second Lieutenant Kenneth McGaffey, Defense Digital Service












We’ve included our Q&A with Justin – so read on to get a glimpse of his journey from his early days to where is his now…

Q&A with Justin Gardner



Q: What did you take away from your experience with us at r00tz? Do you have a memorable moment you can share with us?

A: r00tz was an awesome experience for me. I love working with kids, and facilitating my favorite hobby, hacking, with these kids was absolutely amazing. One of my takeaways from this experience is to never underestimate the learning ability of children. They are capable of so much, and it was amazing to see how quickly they caught on to both basic and rather complex hacking techniques. One of the most memorable moments of the event was when one of the kids read ahead on the instructions and got a shell ahead of the group. He was so excited and pulled me over to see. At the end of the event he asked me about a crypto challenge and we worked together to come up with possible solutions.

Q: When did you become a researcher and what motivates you to be one?

A: I would consider myself really becoming a researcher when I started college. But I’ve been interested in how computers worked, developing, and hacking since I was about 12. One day when I was a kid, a guy came to our house to fix our computer. He started typing command lines, and I remembered thinking, “Wow, how do I learn how to do that?”. I focused on learning how to program from when I was 13 to when I was about 18.

When I went to college, I decided to pursue a Computer Science degree with an emphasis in CyberSecurity at Virginia Commonwealth University (I also got a minor in Italian). I wanted to have really good experience and skills to put on a resume to help me get a job. In college, the more I learned about programming and building stuff, the more I became interested the security of the stuff I built. I started paying attention to the world of cyber security, reading blogs and following the space. I started hacking and eventually started a CyberSecurity club at VCU where I taught workshops on everything from web assessments to reverse engineering.

Q: What motivates you as a security researcher?

A: There are a lot of things! First, the money is great. And as I’m a recent college grad with school loans to pay off, that’s a huge motivator for me right now. It’s also a great feeling to be acknowledged by companies who appreciate my help as a security expert; I know I’m contributing to a good cause. There’s the intellectual challenge; each new environment I explore always presents new problems that I have to figure out how to solve. And lastly, it’s fun to be a part of the hacker community. There are a lot of parties, events, and hacking challenges that allow me to meet and learn from some pretty accomplished people in the industry. For example, Synack’s upcoming Hack4Levels hacking challenge: I’m pretty excited about that.

Q: Are there types of targets you prefer over others? Why?

A: I prefer web targets, just because I think those are my strongest skills at the moment. I was a web developer for a few years, so I’m more familiar with how to build websites and I understand full stack implementation. But, I’m getting more into mobile and I’m getting a taste for host assessments. I’ve actually loved looking into Host, and I think it’s helped me in balancing out my skills.

Q: Are you a full or part-time researcher? How many hours/week do you spend hacking?

A: I do it as a part-time gig. I work for a company as a full-time penetration tester, and I probably spend up to 15-20 hours a week on top of that hacking for Synack.

Q: Do you ever team with other researchers to work on targets?

A: Yes, I do team up and work with colleagues and friends. I like working with other people to both collaborate and to get mentorship; it’s nice to be able to ask someone for help when you get stuck. Top Synack Red Team members I’ve worked with include @thedawgyg , @MrTuxracer, @yaworsk . The hacker community likes to help each other out; we split bounties sometimes when someone helps out on a vuln submission.

Q: What’s your all-time favorite vuln you’ve found, and your approach to finding it?

A: It’s hard to pick, but I think my favorite vuln I found was early on It was a blind SQL injection pivoted to blind injection. I had to exfiltrate the data via DNS. In 2 to 3 days, I was able to compromise the whole system and got domain admin.

Q: How do you sharpen your skills? What recommendations do you have for others just getting into ethical hacking?

A: Read EVERYTHING. There are a lot of great hackers that create amazing content and often post it on twitter and/or their blogs. Find some people who are smarter than you and dive deep into understanding everything they write.

Q: How did you first hear about Synack and the Synack Red Team?

A: SRT member, Tommy, came to our cybersecurity club at VCU and gave a talk about ethical hacking, crowdsourced security, and how you can get paid to hack companies through platforms like Synack. I didn’t think I’d be good enough for the Synack Red Team starting out, so I signed up on some other platforms to build my skills and get more experience. I was really excited to get into the SRT and find out that I could become a member.
I credit a lot of my success to Tommy — he was the one who first inspired me to get into this. I like to promote and evangelize ethical hacking and hope that I can inspire others to do it too. It’s just really hype to be able to hack companies and get paid for it.

Q: What do you like most about Synack and the Synack platform?
A: I love the responsiveness from Synack. The payments are great and we get bounties quickly. The platform feels cool, and I like the high security nature of it. For example, the SRT doesn’t see the company names, we see code names. And the companies don’t see the hackers’ names either, which I think is pretty cool.

Researchers on the Synack platform are presented with opportunities to work on unique targets and challenges, the fastest payouts and highest level of support in the industry. Synack’s innovative technology optimizes the Synack Red Team’s (SRT) efficiency in vulnerability discovery.

Synack provides initiatives to help foster the researcher community and to recruit top talent. SRT Levels is a program that rewards SRT members for their increasing contributions to the Synack platform, and incorporates hacking competitions and specialized challenges.

If you’re up for the challenge, apply today, and use code “SRTBLOGS” in your application.


Related News:

Synack and the US Army Draft A New Generation of Cyber Warriors

Accelerating Pathways for Young Ethical Hackers in Cybersecurity

H4CK3R H3RO3Z: A Young Brigade of Cyber Talent