Self-taught moral hacker finds 700 bugs for tech giants; Wins over 7 million air miles

In 2011, after graduating from class 12, Ankit Singh (27), a resident of Prayagraj, Uttar Pradesh, enrolled himself in a pc science engineering course. Nonetheless, whereas on trip, he discovered a guide a couple of well-known moral hacker from Pakistan and was shocked by his work.

“The guide was an introduction to completely different courses of malware. Therefore, I made a decision to be taught extra about it,” Ankit stated in an interview higher india,

In the present day, he works as a contract bug bounty hunter, figuring out safety vulnerabilities and flaws for numerous tech giants together with Microsoft, Apple, Amazon.

Most just lately, he participated in a worldwide hacking occasion, through which he was ranked second and acquired a money prize of over $20,000. He additionally received 750,000 air miles from United Airways for reporting his safety vulnerabilities.

Throughout his four-year engineering course, Ankit not solely studied his common syllabus but additionally used to look at movies on the web to grasp moral hacking. They enrolled themselves on web sites like ‘BugCrowd’ or ‘HackerOne’ to realize sensible expertise in figuring out bugs.

“These platforms act as an middleman between their prospects and moral hackers/researchers/bug hunters all over the world. Bug hunters by way of these platforms report crucial confidential bugs to the related consumer group by way of the consumer’s program coverage out there on HackerOne or BugCrowd,” he says.

Ankit created web sites on his personal with many flaws and tried numerous strategies to establish them. “It requires loads of endurance, however as soon as you work it out it’s totally attention-grabbing.”

As soon as they had been satisfied, they might take a look at their strategy on the general public cyber safety pages of varied corporations. These had been created to establish real-time potential threats to public area moral hackers.

“Earlier than engaged on these platforms, I needed to submit my resume with some proofs. I used to be then allowed to sneak by way of their web site and establish safety flaws. These safety flaws might be so simple as permitting hackers to entry firm data or harm mental property,” says Ankit.

In 2016, they recognized their first main bug in a bug bounty occasion organized by Udemy, an ed-tech firm. The next yr, he reported a bug to Microsoft and was awarded a $7,000 prize.

“I used to be excited after Microsoft recognized this bug. The sensation of defending giant corporations from potential safety dangers is like no different,” says Ankit,

He labored for some personal corporations in addition to for the Authorities of India. His function with the federal government included working with the house ministry and conducting safety checks for numerous web sites, making certain that the info wouldn’t be misused.

In 2020, after working for 3 years for different corporations, Ankit stop his 9-5 job and began working as a contract cyber safety analyst. He needed to discover his abilities, enhance himself, and give attention to stopping safety breaches from cybercriminals to varied corporations all over the world.

“I’ll take part in numerous bug bounty packages and in addition go to the general public area of pages like IBM, Microsoft, Apple, Twitter, Yahoo and others. As soon as I’ve recognized the bug, the corporate will acknowledge it and provides me a certification or Money will reward,” says Ankit.

Lately, Ankit was awarded 7,50,000 air miles for touring after figuring out safety vulnerabilities inside their Bug Bounty acquisition for United Airways. He additionally participated in a digital cyber safety competitors, the Okta Bug Bash, and received $20,900. Thus far, they’ve recognized as much as 700 bugs on web sites all over the world.

(Edited by Divya Setu)

Supply hyperlink