Resources / Blogs

Sam Curry

Wide-scope industry research (Automotive, Airlines)

Sam Curry logo

Sam Curry’s blog is essential for hunters looking to approach unconventional targets. His work on the automotive industry and global rewards programs demonstrates how to find vulnerabilities in the interconnected systems of the physical world.


Why Follow This Blog

Sam Curry represents a new generation of security researchers who think beyond traditional web applications. His collaborative approach to large-scale research projects, combined with his willingness to tackle industries that few others touch, produces some of the most impactful vulnerability disclosures in the bug bounty space.

Key Topics Covered

Automotive Security

  • Telematics Systems: Exploiting connected car infrastructure
  • Mobile Apps: Vulnerabilities in manufacturer companion apps
  • API Security: Backend systems controlling vehicle functions
  • Fleet Management: Enterprise vehicle management platforms
  • Remote Access: Unauthorized vehicle control and tracking

Travel & Hospitality

  • Airline Systems: Booking, check-in, and loyalty platform vulnerabilities
  • Rewards Programs: Points systems and account takeover vectors
  • Travel Aggregators: Third-party booking platform security
  • Hotel Systems: Property management and guest services

Enterprise Applications

  • SaaS Platforms: Multi-tenant application vulnerabilities
  • API Chains: Complex vulnerability chains across services
  • Authentication Bypass: Creative SSO and OAuth exploitation
  • Data Exposure: Accessing sensitive customer information

Financial Systems

  • Payment Processing: Transaction and billing vulnerabilities
  • Banking APIs: Financial service integration flaws
  • Fintech Platforms: Modern financial application security

Visit website → · RSS feed