We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Taha Smily and a New Generation of Ethical Hackers are Using Their Skills to Keep the Internet Secure

Gail Lobel Rand Technical Editor and Interviewer

I recently sat down with Taha Smily, an independent cybersecurity researcher to talk about the role he and other members of a new generation of ethical hackers play in keeping sites secure.

Please tell me a little bit about yourself and how you got involved in cybersecurity research.

My name is Taha Smily; I’m an independent security researcher and cryptography analyst from Morocco. I’m self-taught in several programming languages (HTML, PHP, JavaScript, CSS, and python), cryptography as well as basic network, steganography, and forensics. I’m also a Capture the Flag player.

I work in the Open Bug Bounty platform where I have uncovered about 3,000 vulnerabilities on various websites which I then report to the sites’ owners. As a result of my work, I am in the Hall of Fame of several major companies and organizations, including Microsoft, Apple, Nokia, Pivotal, and Cert-Europe.

What are some of your recent security projects?

I am currently involved in several security projects including the development of web-server testing tools. Additionally, I have just finished authoring a book “Methodology of Web Application Security” which will be published soon.

You are also a "security vulnerability bounty hunter" - what does that mean?

Security vulnerability bounty hunters are a new generation of ethical hackers who help companies discover and fix their security bugs.

A “Bug Bounty” is the deal offered by companies to ethical hackers like me in exchange for uncovering security bugs. These bug bounty programs pay for these discoveries on a scale proportionate to the severity of the bug.

What is the openbugbounty.org platform and how does it work?

The Open Bug Bounty platform was started by a group of independent security researchers in June 2014. It is a non-profit platform designed to connect security researchers and website owners in a transparent, respectful and mutually valuable manner. Our purpose is to make the web a safer place for everyone.

We hold no monetary or business stake in the project. Furthermore, we bear the costs for hosting and web development out of our own funds, and devote our evening hours to vetting new submissions.

How do you decide which sites to test for security flaws?

I like to test the popular sites and sites that may appear to be strong and secure. Of course, I am especially interested in looking at sites who are concerned about their security and those who offer bounties.

Do you do it for fun or profit?

I do it for fun because I enjoy new challenges, but yes, also for profit!

Do you find most companies appreciative when you report a vulnerability?

Yes. The security and protection of information and personal data has become a great concern for companies these days.

What are the most common vulnerabilities you encounter?

The most common issues I see are Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and subdomain takeovers.

Cross-Site Scripting (XSS) is when malicious scripts are injected into otherwise benign and trusted websites. These attacks are generally in the form of a browser side script and can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site. These scripts can even rewrite the content of the HTML page.

Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated. While not actual theft of data, a successful CSRF attack can force the user to perform state-changing requests like transferring funds, changing their email address, and so forth. If the victim is an administrative account, CSRF can compromise the entire web application.

Subdomain Takeover is a type of vulnerability which appears when a DNS entry (subdomain) of an organization points to an external service, but the service is no longer utilized. An attacker could register to the External Service and claim the affected subdomain. As a result, the attacker could host malicious code (ex. for stealing HTTP cookies) on the organization's subdomain and use it to attack legitimate users.

What are some of the most serious vulnerabilities you have seen?

The most serious vulnerabilities I have encountered are SQL injection for dumping databases and remote code execution.

SQL injection is a code injection technique, whereby nefarious SQL statements are inserted into an entry field for execution in order to dump the database contents to the attacker.

Remote code execution is an attacker's ability to execute any command of the attacker's choice on a target machine or in a target process. It is one of the most powerful bugs because it allows an attacker to completely take over the vulnerable process. From there the attacker can potentially take complete control over the machine the process is running on, allowing malware to run on a computer without the owner's consent.

From your experience as a cybersecurity researcher, what advice can you offer to today's software developers?

The most important advice I can give is to keep pace with security gaps and the latest updates in the field of information security. In addition, it is crucial to work with researchers in cybersecurity to detect and fix any security issues before rolling products out to the public.

Where do you see software security heading in the future?

The real problem with software security is even deeper than can be addressed with best practices and specialized languages. A complete redesign of software architecture from the OS level up is likely required to solve the systemic problems with the Internet of Things and beyond.

We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

About the Author

Gail’s first PC was a TRS-80 which required a cassette tape to boot up. In the decades that followed, she created and developed websites, emails, and banners as the perfect way to combine her love for design, technology, and writing.

Did you like this article? Rate it!
I hated it! I don't really like it It was ok Pretty good! Loved it!
out of 10 - Voted by users
Thank you for your feedback

Please, comment on how to improve this article. Your feedback matters!

Leave a comment

Sorry, links are not allowed in this field!

Name should contain at least 3 letters

The field content should not exceed 80 letters

Sorry, links are not allowed in this field!

Please enter a valid email address