Louis Nyffenegger is a founder of PentesterLab. Even though I don’t know him personally, I have big respect for him as a hacker, teacher and as a person. He just decided to offer public office hours where you can chat about careers, learning or even startups. I...
Non-technical
Whose Input Is It Anyways? by Rael Sasiak-Rushby
Rael Sasiak-Rushby presented a talk titled “Whose Input Is It Anyways?” at BSides Leeds. The talk was interesting to me because he focused on the aspect of working with developers and understanding their struggles. It will be especially useful for those of you who...
Applying a growth mindset in bug bounty
One of the main things that differentiate pentesting and bug bounty is the importance of the mindset. What you are looking for is the so-called growth mindset. Without it, you will not succeed in bug bounty for the long term with a healthy mind. Recently, Andrew...
How to choose a security research topic?
Incredibly, James Kettle produces novel web security research every single year. I have a huge respect for him! And I, probably like you, sometimes have thoughts about spending some time off my targets to instead invest some time into developing new techniques. But...
Learning a new challenging concept
Learning a new challenging concept can be daunting, but with the right mindset and approach, you can tackle and master any skill. I’m a learning junkie and in this article, I’ll explore practical steps and strategies that I’ve used over the years to make it easier....
How to Be An Ethical Hacker: 2023 Edition
The Cyber Mentor released a YouTube video “How to Be An Ethical Hacker: 2023 Edition”. He goes over what you should learn to become an ethical hacker from the very basics up to the more advanced stuff. If you are just getting into the industry, that’s a great...
DOs and DON’Ts I would tell my younger self before starting bug bounty
Every journey consists of good and bad things. While it’s impossible to just follow other people, it’s wise to learn from their stories. In this article, I’ll write a few things that would have benefited me had I heard them a few years ago. I’m sure you will find here...
How to make notes about a target? +my Notion template
When I was a pentester, I didn’t feel the need to make exhaustive notes about my targets. Usually, projects started on Monday and ended on Friday so everything I needed was either in my head or easily findable in Burp history. However, I could definitely benefit from...
HACKING GOOGLE
HACKING GOOGLE is a video series on YouTube from Google about Google’s security - what teams they have, what they are doing, and what their responsibilities are. It’s really nicely filmed and edited - without question, by a professional filmmaker. Don’t, however,...
Preparing a resume
Shawn Thomas, Director of Forensics and IR at Yahoo!, created a thread about preparing a resume. Among other tips, he recommends including things like labs, side projects, CTFs, and similar if you have no practical experience relevant to the job. I believe that’s one...