Back in France, Recon and Teaching cybersecurity
• public
Table of contents
I'm finally back to France after two awesome weeks in NYC. And it's not the time to chill out as I have plenty of work to do in different fields, so I'm quite happy to be back.
I'm also giving courses next week, and I'll tell more about that here.
Back in France
I met so many people there and it was very nice. It gave me more confidence in a lot of skills. I was able to talk to anybody, even in the street, and I think that this is an amazing skill that can be very useful in life.
So I need to keep doing it here in France, even if people are less open here than in America.
Metting Tess and Mashoud also gave me new ideas about how to skill up my bug bounty journey. So I now have plenty of stuff to do.
I came back on some programs as well, and I found an interesting sink for a blind xss, waiting for it to pop on their side, but I'm pretty confident it will.
Looking at travelling, I will not be traveling for a few weeks, staying here in France. I have a lot of events, like a Hacker House with friends here in a few weeks, and also some conferences.
Recon
Having seen how Tess works gave me to idea of doing a little more recon. He gave me some tips and how he uses it to help find more attack surface.
And I agree, it's always the main goal to find more attack surface. By finding more subdomains and apps, or paying for subscriptions, or having a special account. That's the fun part of it, being the only one on this scope.
I mainly try to get special perks on the website by paying or trying to get a special account. I never search for new subdomains, but it can be a nice idea, as I already have the whole setup to do it. I will try focusing a little bit more on that in the next few weeks.
Thanks to Nahamsec, I discovered new ways to find more attack surface, by looking more into Github dorks and also Postman doc as a lot of api have a documentation on it, which is amazing for us, even better than reading the real documentation.
Teaching IT Security
I will give a 30-hour course in an engineering school here in Paris next week and in June. Students are in a Master degree and it's an introduction to cybersecurity. They are mostly into data management and AI. So I will try to do my best to give them the best overview of what we do, in a fun way, and not the usual boring way the school is doing it.
I'm currently doing the slides and preparing some exercises. It's hard work as I was a student 2 years ago and I know how this kind of course can be boring, so trying to make it funny and useful for them.
Also, I got an opportunity to write an article about Hacking and Bug Bounty on a famous platform. I accepted, and I will give it a try. I will talk about it more in another post when it is confirmed. I'm very glad to get a lot of opportunities like that. Just by writing these articles and how I manage my life, I'm getting a lot for that, and it's great.
