Skip to main content

About

Hi, I'm Jim Green

I'm a security researcher and bug bounty hunter based in the UK. I focus on web application vulnerabilities, spending most of my time hunting on programmes across HackerOne and Bugcrowd.

What I Do

My research tends to concentrate on:

  • Web application security — IDOR, SSRF, XSS, injection, auth flaws
  • API security — broken object-level authorisation, mass assignment, excessive data exposure
  • Bug bounty — active hunter across public and private programmes

This Blog

I write up interesting findings, techniques I've developed, and tools I find useful. My aim is to document the things I wish I'd found when I was getting started — practical, detailed, and honest about the process.

Background

Before moving fully into security research I worked in software development, which means I tend to approach vulnerabilities from both sides: understanding how applications are built helps me understand how they break.

Want to get in touch? Drop me a message.