Hacker Stories

Hacker Story - AOXSIN

My name is Aoxin, and though I’ve been in this field for 3 years, I haven’t always been able to say I enjoyed being an ethical hacker.

Learning the basics:

Like most people, my main hobbies when I got my first computer in 2009 consisted of computer games like poker, Grand Theft Auto, and Assassin’s Creed. It wasn’t until I had learned about hacking at school that my curious mind couldn’t stop thinking about it.

Mind you, at the time I knew nothing about hacking at the time, so the learning process was painfully slow. I had to Google every technical term I heard, explore Facebook groups and blogs, and do my own extensive research, but eventually, I finally learned the basics.

What I loved:

With solid foundations covered, I could deepen my learnings and start to get into the real hacking world. I learned some phishing and how to crack paid software, and I did that for a few months until I moved onto my next adventure. I’ve always loved technology and hacking, but those weren’t my only interests. 

I also loved business and traveling too, but I wasn’t sure how to get on the right path to do them. For 2 years, I took web and graphic design courses leading me to some web-building projects and even starting my own start-up. 

Overcoming frustration:

But none of them succeeded the way I wanted them to. I wasn’t feeling fulfilled and with the freelance market being so unstable, my start-up was greatly affected and unfortunately, I was unable to recover. 

By the time I got admitted to college, I found myself in a place where all I saw was frustration, procrastination, problems, boredom and I felt unwilling to do anything. I got used to attending classes and traveling back home in a monotonous routine. But I didn’t want that. I wanted to do things my own way and I was afraid of being stuck with a 9 to 5 job with no freedom.

I finished high school with little hope in the traditional study system. I realized that college doesn't always teach us the knowledge needed to survive in today’s society. So, although I was accepted into Varsity University, I decided not to attend, and instead, dedicate myself to doing something more practical. 

Bug Bounties?

One day, I heard about bug bounties from a friend who had previous experience in hacking and being a bug bounty hunter. He showed me all of the bugs he found and how the process of finding them worked. I was immediately hooked and apart from reading the material and watching the YouTube channels he suggested, I started doing my own research to learn more about how I could get involved. 

Bug bounties are rewards offered by companies or different organizations for finding and reporting security vulnerabilities in their systems or products. People who look for these are called bug bounty hunters, and white-hat hackers (meaning ethical hackers that play by the rules).

I was thrilled by the idea of working with bug bounties as a freelancer on my own schedule and at my own pace. The flexibility to choose which programs to participate in and when to work on them was appealing to a busy student like me.

Getting started in the bug bounty world wasn't easy, but it was definitely worth it. In addition to my own independent research of the field, I also tapped into many resources out there for bug bounty hunters, including online tutorials, forums, and communities where I could learn from more experienced hunters and even share my own experiences.

There were certain times when I felt it was too hard and everything was going over my head, but I was determined to learn and improve, and with each bug I found and each report I submitted, I gained more confidence in myself to do more.

My first reward:

I remember getting my first $50 bounty reward from a self-hosted program by submitting a low-severity bug known as Click-Jacking. This episode occurred sooner than expected and it encouraged me to practice and learn more about bug bounties. It wasn’t long before this became my biggest passion. 

Looking back, I’m proud of having submitted several successful bug bounties and receiving recognition from many well-known companies like Sony, Asana, Airbnb, Brave, and more. It’s been an incredibly rewarding journey, and I’m grateful for having the opportunity to use my skills to make a positive impact in the tech world. And the great thing is, the best is yet to come!

Tips For you:

For those interested in getting into bug bounties, start learning and getting as much hands-on experience as you can. It may be intimidating at first, but with determination and perseverance, you can be on your way to making a difference in the cybersecurity space, too.

The list:

  • Stay up-to-date with industry news and developments: It's important to keep track of what's happening in the world of bug bounties so that you always have updated information on vulnerabilities and cybersecurity trends.
  • Be persistent and resilient: It takes time and effort to find vulnerabilities, and you may not have success right away. Don't get discouraged, and keep trying!
  • Be responsible: It's important to remember that you are working to improve. Starting a bug bounty journey can be both exciting and intimidating, especially if you're new to the infosec field. But with a little bit of perseverance and some helpful tips, anyone can jump into the world of bug bounty hunting and start making a difference in the online security landscape. Don't be afraid to ask for help or guidance from more experienced bug bounty hunters or online communities. There are many resources available to support your learning and growth.
  • Stay ethical: When starting your hacking journey, remember to be ethical and responsible for your actions. Finding and reporting CVEs is important, but it is crucial to avoid harming the systems or users you’re testing. Follow the platforms or programs’ terms of service and guidelines, and be aware of potentially damaging impacts you may have.  
  • Be patient, never stop learning & be helpful to others, never forge!

Andres Pena
Security engineer, developer and economist

What Results You Can Expect

Below are just some of the reasons why you should choose Red Sentry.

No Lead Times

We make the process smooth. We have no lead times (for those ASAP pentests).

Dedicated Project Manager

Your PM will communicate with your team throughout the pentest process.

No Hidden Fees

There are no hidden fees or overage fees. The price you see, is what you get.

Retest

We offer a retest once you patch up any vulnerabilities.

Affordable Pentests

We make pentesting affordable by cutting out any fluff hourage.

Actionable Reporting

We report all criticals and highs to your team immediately during testing.

You're in Good Hands

Save time, avoid false positives, truly operationalize security, and manage costs.

Schedule a Pentest
Stars Review

Rated 4.8 on G2 & Capterra

"The Healthcare sector has been heavily affected by cyber attacks this past year. As we have so much sensitive data in our business, security is one of my main concerns. Since we’ve been using Red Sentry, I feel more confident because my team knows which patches need to be applied first and how to test them afterwards.”
Dana White
CTO, American Cosmetic Surgery Network
"We hold most of our data inside our Cloud infrastructure, which not many cybersecurity companies are focused on. Being able to have a thorough look at our Cloud security allows us to report our status to our clients and assure them we are taking a proactive approach to cybersecurity.”
Gabe Killian
VP Software Security, Procella Health
"Great enterprise tools for risk assessments. We were up and running on the software in just one day. Very easy team to work with and extremely affordable for the amount of visibility and features you get.”
David Lewandowski
CTO, United Networks of America
"We are pleased to have a strategic partnership with Red Sentry that offers our joint customers a leading integrated security solution that reduces risk and helps to keep threats out of the environment. Together, we are delivering highly accurate network assessments and intelligent automation of workflow processes and policies for a diverse customer base."
David Cartwright
Head of Commercial Cyber Security for Osi Vision

See how we compare

We strive to bring the best pentest solution, for the cheapest price. And did we mention that we are fast?

Other Pentest Solutions

Red Sentry

Time to Launch: Weeks to Months
Time to Launch: < 7 days
Price: High (excessive fluff hours charged)
Price: Most Affordable (Ask about Price Matching)
Support: Medium
Support: High with dedicated PMs and Team Leads
False Positive Rate: Medium
False Positive Rate: Low
Customer Satisfaction: 
Medium
Customer Satisfaction: High

Discover your vulnerabilities

Schedule a Pentest
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.