Sam Curry

Sam Curry
Sam Curry
Born	October 17, 1999 (age 24); Omaha, U.S.
Nationality	American
Occupation(s)	Security researcher, Student

Sam Curry (born October 17, 1999) is an American computer security researcher, bug bounty hunter, and student. He is best known for his contributions to web application security through participation in bug bounty programs, most notably finding a security vulnerability in Tesla after cracking his windshield^[1]. Curry began working as a security consultant through his company 17security^[2] in 2018, and is currently a student at the University of Nebraska Omaha^[3].

Curry has spoken on ethical hacking, web application security, and vulnerability disclosure at conferences including DEF CON^[4], Black Hat Briefings^[5], and Kernelcon^[6]. In 2019, Curry identified a critical security vulnerability affecting various Jira products^[7].

Biography

Curry grew up in Omaha, Nebraska and attended Elkhorn High School. He began hacking at the age of 12^[8], ethically disclosing vulnerabilities to various vendors over email^[9]. At University of Nebraska Omaha, Curry works with students through the cyber security club NULLify^[10].

Publications and articles

"Filling in the Blanks: Exploiting Null Byte Buffer Overflow for a $40,000 Bounty". samcurry.net. Retrieved November 3, 2019.^[11]

References

^ Tung, Liam. "Huge rock, cracked windshield helps hacker land a $10k Tesla security bug". CSO Online. Retrieved 24 March 2020.
^ Ganz, Amy. "Teen makes six figures hacking Google, Facebook legally". Fox Business. Retrieved 24 March 2020.
^ Drake, Diana. "The World of the White Hat Hacker". The Wharton School. Retrieved 24 March 2020.
^ "THE TALKS THAT DEFINE DEF CON 27". Bugcrowd. Retrieved 24 March 2020.
^ Murphy, Margi. "Inside Black Hat, the world's biggest ethical hacker conference in Las Vegas". Telegraph. Retrieved 24 March 2020.
^ Vidas, Tim. "Kernelcon Speakers". Kernelcon. Retrieved 24 March 2020.
^ Dunn, John. "Jira development and ticketing software hit by critical flaws". CSO Online. Retrieved 24 March 2020.
^ Haworth, Jessica. "School's out: Meet the teen hackers swapping books for bugs". Portswigger. Retrieved 24 March 2020.
^ Paul, Kari. "This 18-year-old's hacking side hustle has earned him $100,000—and it's totally legal". MarketWatch. Retrieved 24 March 2020.
^ Denney, Vanessa. "NULLify Capture The Flag". Universitty of Nebraska Omaha. Retrieved 24 March 2020.
^ Curry, Samuel. "Filling in the Blanks: Exploiting Null Byte Buffer Overflow for a $40,000 Bounty". samcurry.net. Retrieved 3 November 2019.

[1] Tung, Liam. "Huge rock, cracked windshield helps hacker land a $10k Tesla security bug". CSO Online. Retrieved 24 March 2020.

[2] Ganz, Amy. "Teen makes six figures hacking Google, Facebook legally". Fox Business. Retrieved 24 March 2020.

[3] Drake, Diana. "The World of the White Hat Hacker". The Wharton School. Retrieved 24 March 2020.

[4] "THE TALKS THAT DEFINE DEF CON 27". Bugcrowd. Retrieved 24 March 2020.

[5] Murphy, Margi. "Inside Black Hat, the world's biggest ethical hacker conference in Las Vegas". Telegraph. Retrieved 24 March 2020.

[6] Vidas, Tim. "Kernelcon Speakers". Kernelcon. Retrieved 24 March 2020.

[7] Dunn, John. "Jira development and ticketing software hit by critical flaws". CSO Online. Retrieved 24 March 2020.

[8] Haworth, Jessica. "School's out: Meet the teen hackers swapping books for bugs". Portswigger. Retrieved 24 March 2020.

[9] Paul, Kari. "This 18-year-old's hacking side hustle has earned him $100,000—and it's totally legal". MarketWatch. Retrieved 24 March 2020.

[10] Denney, Vanessa. "NULLify Capture The Flag". Universitty of Nebraska Omaha. Retrieved 24 March 2020.

[11] Curry, Samuel. "Filling in the Blanks: Exploiting Null Byte Buffer Overflow for a $40,000 Bounty". samcurry.net. Retrieved 3 November 2019.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]