My name is Justin Gardner (also known as Rhynorater). I am currently a full-time bug bounty hunter living in Richmond, Virginia (prev. Yokohama, Japan). My security interests encompass everything from web applications hacking, to 0-day hunting via source code review/reverse engineering, to hardware/IoT devices, to novel security research.
I’ve been a full-time bounty hunter since March of 2020, and over this time I’ve competed in nearly every HackerOne Live Hacking Event and deep-dived many private/public HackerOne programs. As a result, I’ve found over 450 vulnerabilities and reached the top 35 in the HackerOne All-time leaderboard. I previously worked for SynerComm as a Penetration Tester and Veivos as an IT Architect. Outside of security, my hobbies are language learning (Japanese: Fluent-ish, Italian: Rusty Intermediate), Volleyball, Jiu-Jitsu, and spending time with my lovely wife Mariah.
I am also a Christian and love to talk about Jesus! If you are someone who wants to talk about Jesus or a Christian yourself, please reach out!
I really enjoy mentoring and teaching. If would like assistance getting into the bug bounty or hacking scene, please contact me. I will gladly share with you what knowledge I have if you prove to me that you are willing to work for it and are not just looking to be spoon fed success.
certiciations and awards
- “Most Valuable Hacker” H1-3493 2022
- “2nd Place Winner” H1-303 2022
- “Most Valuable Hacker” H1-2108 2021
- “2nd Place Winner” H1-2108 2021
- “Best Team Collaboration” H1-2102 2021
- “2nd Place Winner” H1-2102 2021
- “Best Team Collaboration” DISTURBANCE H1-2006 2020
- “The Exalted” H1-415 2019
- “Offensive Security Certified Professional (OSCP)” June 27th, 2018
papers and publications
- “Crossing the KASM - a Webapp Pentest Story” - DEFCON 2022 Main Stage - Sam Erb, Justin Gardner (Rhynorater)
- “Graphing Out Internal Networks with CVE-2020-13379” - HacktivityCon 2020
- “CI Knew There Would Be Bugs Here” - EdOverflow, Corben Leo, Justin Gardner (Rhynorater)