Ideas

In the security industry, we are lucky to have many hunters sharing their write-ups in public. To learn deeper from these write-ups, we should have some methodologies to extract knowledge from these experts.

Applied Cognitive Task Analysis (ACTA) is a methodology used by researchers to elicit knowledge from different domain experts. I think it is an interesting methodology to experiment with to see if we can extract knowledge in a structured way from the bug hunting experts.

Note: I will be experimenting with a few techniques from ACTA and adjusting it to secondary texts like bug write-ups, blogs, youtube videos, news, Github commits etc. instead of the interviews with experts.

The goal is to see the contrast between Novice bug hunters like me and Experts bug hunters and then use the learned knowledge to improve my own hunting methodology.