Learning a new challenging concept can be daunting, but with the right mindset and approach, you can tackle and master any skill. I’m a learning junkie and in this article, I’ll explore practical steps and strategies that I’ve used over the years to make it easier....
Non-technical
How to Be An Ethical Hacker: 2023 Edition
The Cyber Mentor released a YouTube video “How to Be An Ethical Hacker: 2023 Edition”. He goes over what you should learn to become an ethical hacker from the very basics up to the more advanced stuff. If you are just getting into the industry, that’s a great...
DOs and DON’Ts I would tell my younger self before starting bug bounty
Every journey consists of good and bad things. While it’s impossible to just follow other people, it’s wise to learn from their stories. In this article, I’ll write a few things that would benefit me had I heard them a few years ago. I’m sure you will find here...
How to make notes about a target? +my Notion template
When I was a pentester, I didn’t feel the need to make exhaustive notes about my targets. Usually, projects started on Monday and ended on Friday so everything I needed was either in my head or easily findable in Burp history. However, I could definitely benefit from...
HACKING GOOGLE
HACKING GOOGLE is a video series on YouTube from Google about Google’s security - what teams they have, what are they doing, and what are their responsibilities. It’s really nicely filmed and edited - without a question, by a professional filmmaker. Don’t, however,...
Preparing a resume
Shawn Thomas, Director of Forensics and IR at Yahoo!, created a thread about preparing a resume. Among other tips, he recommends you to put things like labs, side projects, CTFs, and similar if you have no practical experience relevant to the job. I believe that’s one...
The mindset to Improve in Bug Bounty
Gunnar Andrews has a series of Mental hacking where he talks about the mindset in the context of bug bounty. So far, I only watched one episode but I really identify with what Gunnar says. For me, the most important quote from the video is Compare yourself to yourself...
Preparing a technical presentations
Chelsea Troy wrote an interesting article about preparing a technical talk. I think this kind of material is needed because while articles about preparing presentations are all over the Internet, there are very few materials about technical talks. They are vastly...
Mark Dowd – How Do You Actually Find Bugs?
Mark Dowd presented a great keynote at OffensiveCon22 titled “How do you actually find bugs?”. He talked a lot about the mindset and problems that security researchers encounter. I think there are a lot of tips we can learn from it. Here are my notes. The mindset To...
Is hacking legal?
Is hacking legal? Of course, we know that bug bounty is. But what about hacking other websites? I’m sure that, at least once, you saw a numeric identifier somewhere and you changed the URL parameter to another number, even though you weren’t actively hacking there. Or...