I call myself "The Lamest Hacker You Know". I don 't use Kali, 0days, Burp Suite or any tools besides Curl, A browser, and clients for existing software, combined with (semi) open data sources. Probably 90% of my findings are for companies that don't have a CISO an never even heard the term "Bug Bounty Program", In this talk I will give some tips on how to reach out to a company out-of-the-blue and not have them hate you.