Replying to @coderbyheart
No special tools required to hack web applications, start with your browser's
developer tools and use a proxy like https://www.telerik.com/fiddler for
easier manipulate and replay requests.
1 reply
Replying to @coderbyheart
If a security researcher contacts you, they don't have an agenda, they want to
help you. If they had bad intentions they would not disclose a security issue
but exploit it without you knowing.