Hacker Story - Ashish

Growing up as a kid in the early 2000s, I had a connection with computers. I remember going to school and spending my time on the computers at the lab. I also remember my dad getting me my first laptop, which I only used to play games with my brother.

When it all started

Back then, my dad used to buy the newspaper, and I enjoyed reading it every day. One day, on the front page, was news about a hack on our town’s municipality website, so I quickly googled the website to look into it. When I opened it,  I was intrigued to see how someone can hack a website and spread their agenda with defacement. I decided that since I had a laptop, it was time for me to put it to use for something other than just gaming. 

A whole new world opened for me

I started to spend my time researching how to hack the games I play, how to crack my favorite software and whatnot. Although in my parent’s eyes I was just wasting my time,  I was confident I would make something out of it. And slowly, it started to happen.

As days passed, I spent more and more time googling about hacking and reading about how you can hack WIFI and Bluetooth with kali Linux (backtrack then). The more I researched, the more I found.

One time I grabbed a copy of backtrack, even though I had no idea what I was doing as I had no clue and had never even used Linux before. So I read tutorials, explored documentation, watched videos, and eventually was able to learn Linux and get myself familiarized with its commands.

Then, it happened

One day scrolling through Facebook, I saw someone posted their achievement about bounty and swags that they got from some company they hacked legally (“Ethically). I was like -  If I can make a few bucks, then I can change my parents' minds about this being a waste of time. So I started a deep search into vulnerabilities, vulnerability scanners, etc.

At first, I had no clue what I was doing. But it all started to make sense as I spent more and more time sticking to my laptop and my Symbian phone.  I found information about platforms like Bugcrowd and HackerOne, where you can submit bugs and get money for them.

So I registered and looked into the scope and blindly ran them in automated scanners i.e., Acunetix. I copied and pasted the findings and surprisingly some of them even got accepted. And then I was like - wow! Besides that lucky discovery, I was able to learn a lot in the process as I got to look into those vulnerabilities and try to understand them. And then…  It happened.

I got my first $100 bounty from Malwarebytes. My parents were so happy when I told them. They assured me that I would take care of myself and make a good life. I think they were right because computers are, were, and will be my thing, and I wanted to pursue my passion.

Then I needed a break

I started spending all of my time hacking random companies with bug bounty programs and compiledf hundreds of reports for hundreds of companies. Of course,  that was impacting my studies at school, but hacking companies was thrilling to me. Finally, I understood I needed a balance, so I corrected myself and passed through school with fine grades.

Once I graduated, I started hacking full-time again, but this time I was losing interest as some companies did not respond to my reports, or my reports got closed and not accepted, or got marked as duplicates a lot.

Lesson learned: I needed a mental break. So, I took one.

By the time I came back, a lot more people had gotten into the bug bounty game and things got even harder. So, I decided to level up my game and spent hours learning to code so I could run automation for the recon process. It improved the way I do recon and was a total game-changer.

Involvement and collaboration with Hackers

I got in touch with a guy on Discord (Wabaf3t), he DM-’d me and we discussed some things regarding the vulnerability he found and wanted to leverage. We started getting along and working closely together. One day, he introduced me to Sick codes and that´s when we started doing magic, we did some great hacks together with another famous Hacking Group.

At this stage, I got more and more into Vulnerability Research, analyzing, and understanding the vulnerabilities exploited in wild, and then proxy shell vulnerability came into the limelight so Wabaf3t and I spent time trying to replicate that 0day. And eventually, we did it, before it was even publicly known.

Turning Point

I was in touch with some awesome Chinese security researchers and got a lot of intel from them about this vulnerability that I shared on Twitter. I think that caught some attention and that is how I landed a job.

And here I am now, trying to save the world.

My Takeaways

  • Do not put too much pressure on yourself, as mental peace is really necessary.
  • Have a Hacker mindset. If you cannot think like a hacker, you cannot hack like one.
  • Prove yourself when it's time.
  • Believe in yourself.
  • Learn a Programming Language that would give you a lot of advantages and make your life easy
  • Have patience and keep yourself focused.
  • With great power comes great responsibility.

Ending Note

A lot of things happened in my life and taught me that you need to have confidence in what you are good at, have self-esteem, and be proud of yourself for what you have achieved.

Learn how AI and Machine Learning are changing Pentesting.

Alex Thomas
CTO, Founder
Alex started his career as an ethical hacker, eventually working as a penetration tester, hacking into fortune 500 companies all day long. Alex invented the Red Sentry software platform, a tool that could help people take action before they were victim to a hack. Pairing this software with a team of seasoned pentesters, Red Sentry has created a hybrid approach that allows businesses to get a thorough manual pentest quickly, while also utilizing the Red Sentry software, to ensure year around security.

What Results You Can Expect

Below are just some of the reasons why you should choose Red Sentry.

No Lead Times

We make the process smooth. We have no lead times (for those ASAP pentests).

Dedicated Project Manager

Your PM will communicate with your team throughout the pentest process.

No Hidden Fees

There are no hidden fees or overage fees. The price you see, is what you get.

Retest

We offer a retest once you patch up any vulnerabilities.

Affordable Pentests

We make pentesting affordable by cutting out any fluff hourage.

Actionable Reporting

We report all criticals and highs to your team immediately during testing.

You're in Good Hands

Save time, avoid false positives, truly operationalize security, and manage costs.

Schedule a Pentest
Stars Review

Rated 4.8 on G2 & Capterra

"The Healthcare sector has been heavily affected by cyber attacks this past year. As we have so much sensitive data in our business, security is one of my main concerns. Since we’ve been using Red Sentry, I feel more confident because my team knows which patches need to be applied first and how to test them afterwards.”
Dana White
CTO, American Cosmetic Surgery Network
"We hold most of our data inside our Cloud infrastructure, which not many cybersecurity companies are focused on. Being able to have a thorough look at our Cloud security allows us to report our status to our clients and assure them we are taking a proactive approach to cybersecurity.”
Gabe Killian
VP Software Security, Procella Health
"Great enterprise tools for risk assessments. We were up and running on the software in just one day. Very easy team to work with and extremely affordable for the amount of visibility and features you get.”
David Lewandowski
CTO, United Networks of America
"We are pleased to have a strategic partnership with Red Sentry that offers our joint customers a leading integrated security solution that reduces risk and helps to keep threats out of the environment. Together, we are delivering highly accurate network assessments and intelligent automation of workflow processes and policies for a diverse customer base."
David Cartwright
Head of Commercial Cyber Security for Osi Vision

See how we compare

We strive to bring the best pentest solution, for the cheapest price. And did we mention that we are fast?

Other Pentest Solutions

Red Sentry

Time to Launch: Weeks to Months
Time to Launch: < 7 days
Price: High (excessive fluff hours charged)
Price: Most Affordable (Ask about Price Matching)
Support: Medium
Support: High with dedicated PMs and Team Leads
False Positive Rate: Medium
False Positive Rate: Low
Customer Satisfaction: Medium
Customer Satisfaction: High

Discover your vulnerabilities

Schedule a Pentest
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.