Sukhmeet Singh is one of the brilliant mind who helps big organizations to strengthen their security. This punjabi hacker have legally hacked multiple websites and won bug bounties.
In this blog post, we will talk about how a professional hacker does his work. We will try to learn as much as we can from a brief conversation with a hacker.
Before starting, lets have some introduction about the legal and professional hacking world.
Could hacking be legal?
Hacking could be absolutely legal when hackers are invited by the organizations to hack into their projects and websites. How it could be possible to invite a hacker to hack oneself? Answer to this is the bug bounty programs.
What is a bug bounty?
A bug bounty program is kind of open challenge and invitation by organization to hacker for breaching their security. Organizations do this on purpose, to improve their existing security by knowing the vulnerabilities found by hackers in the bug bounty programs.
A hacker could be a professional too?
Many organizations hire a dedicated hacker to perform their security and vulnerability checks. This is how a hacker could be a profession being, these professional hacker are also called ethical hackers and white hat hackers.
Meet Our Hacker
Name: Sukhmeet Singh
Year spent hacking: 10 years
Pro Hacks: UrbanClap and Oyo Rooms
How Sukhmeet starts his Bug Bounty Journey from a $5 Offer
In the early days, Sukhmeet Singh found a bug bounty listed on the BlackHatWorld website. It was a proxy post, a third person posted an offer of $5 to hack into a website. After the website owner found that post, he commented on it to offer $20 for finding a bug in his website. Sukhmeet was following this post and fortunately start working on it, he found 3 XSS bugs in that website. As per the promise, the website owner paid him $20 for each bug. Sukhmeet made $60 from that $5 offer that day. He was definitely feeling a victory and seeing a future for bug bounty for him.
A short conversation with Sukhmeet Singh
ME: What is a great hack, according to you? Sukhmeet: Full access of admin panel ME: What is hacking a website to you , stress or fun? Sukhmeet: Fun ME: What was your first hack? Sukhmeet: XSS in chatroom on a social networking website ME: What did you hack in UrbanClap and Oyo Rooms website? Sukhmeet: Full admin panel access ME: If I need to learn hacking, where should I start? Sukhmeet: YouTube is the best place for beginners. ME: A tip for beginners in ethical hacking? Sukhmeet: Get knowledge about as many programming languages as you can. ME: What is your favourite programming language? Sukhmeet: PHP is my favourite language. ME: A Security tip for our readers? Sukhmeet: Check links authentication before you open them. Don’t fall for phishing attacks. ME: A Security tip for companies? Sukhmeet: Investing in cybersecurity is worth it.
What I learnt from our hacker
There’s always something to learn when we talk with professionals. I had curiosity that how it all would be done, how a hacker could find a loophole into the program developed by a bunch of developer. A person to do this kind of job must be smart and updated enough to get the job done and no doubt I saw this in Sukhmeet. His consistency of ten years in this career made him what he is today. He is enjoying his career while walking the professionals pathway.