siLLyDaddy

AMA with Paras Arora

Security Analyst at Detox Technologies, Bug Hunter


  • How did you get a post at Detox Technologies? I mean, on what basis and qualifications did they hire you?

    • I was already working as a security engineer in some other org and I applied for Detox. My profile got shortlisted as I had experience and was also active in bug bounties. They hired on the basis of the interviews they conducted.


  • How did you start your career?

    • Started my career from bug bounties.


  • Which one feels better: Security Analyst at Detox or Bug Hunter?

    • Being a part of Detox really feels good as they are very supportive, so my priority is being with Detox, and in my free time I would love to be called a bug hunter.


  • Any suggestions for beginners?

    • Suggestions for beginners: Keep learning from different resources and give time to your personal life as well.


  • Your daily tasks as pentester in a company (9am-5pm)?

    • Performing Manual Pentesting on the assets of clients


  • How to learn things fast in bug bounty?

    • Good things take time and there is no shortcut to success. Learning stuff regularly is the only way to find some valid bugs. So do things according to the pace you want; don’t rush to study everything in just a day. Give it time; in the end, quality matters.


  • What advice would you give to the next generation of hackers?

    • To have every concept clear instead of just running behind bounties. Patience, concentration and enjoying real life also, instead of sitting in front of the screen for the whole day.


  • Which programming language would you suggest to a beginner?

    • Understanding of Python and bash


  • Day to day jobs of a security analyst?

    • Pentesting assets, and most important reporting at the end.

      • Does reporting have to be done every day? If yes, what if you do not find anything on that day? Or say for the next few days? Anyways, thanks for the answers! ❤

        • What’s important is your honesty towards the project. If you are doing enough smart and hard work and testing honestly and still you are not able to, then it means that maybe you are not familiar with some attacks or the application is secure. So not to worry. Everything teaches us something. If this happens to me then I learn from that, and this is what is called experience.


  • Steps you take to take care of your mental health.

    • I just play games, go out for 2 hours in the evening.


  • What to do after recon? I mean, what are the bugs I need to find?

    • Look for parameters, sensitive directories and stuff.


  • Your approach for XSS?

    • My approach for XSS: https://medium.com/bugbountywriteup/automating-xss-identification-with-dalfox-paramspider-e14283bb7916 But if this seems unsuccessful then I try to make payloads to bypass the restrictions of the application.


  • How to master XSS?

    • Try making your own payloads; learn to make some by trying and trying.


  • How do you approach web content discovery, meaning where to fuzz and from which wordlist?

    • Tools I use: wfuzz, Burp Suite
    • Check SecLists and fuzzdb for wordlists


  • What is your favourite bug class? How do you go about finding them?

    • IDORs. It is really important to understand the web application and how the IDs and logic are getting validated. I use Autorize & Auto Repeater.


  • Security Layers of a web application for frontend and backend and how to identify them. How to bypass them. Tips and resources for bypassing them

    • Bypassing anything doesn’t have any fixed methodology; it depends on the application. So you can just dive into the application, and the more you dive the more you’ll get to know about the application. Then you can find reports which can help you bypass the restrictions.


  • When i try to hunt on a particular target, I can’t stick with that one target 😓! Means I can’t understand why all things happen. I just left the hunting and started learning some other things! Please suggest/guide something!

    • This happens, get some time for yourself. When you are stuck or frustrated, go out, refresh your mind, then start with the same target again. Focus on low bugs to keep yourself motivated.


  • What does finding a job in India feel like, and what are the qualifications needed?

    • Finding a job in India depends on the skills you have. Campus placements won’t help you get into InfoSec; in the end, the game is about skills.


  • Is CEH worth it in India as a college graduate, or should one go for OSCP by taking some time, taking jobs in perspective?

    • Yes, CEH is worth it; you’ll get insights into the basics. If talking about jobs, then CEH will expand your knowledge and will help you get shortlisted for interviews, and ultimately the job is dependent on interviews.

      • What extra should I do besides ceh to get that first job? What are your thoughts?

        • Focus on your skills that’s it.


  • What will you do after you collect subdomains?

    • Once I am done with subdomain enumeration/collection: subdomain takeovers, and enumerating the technologies used by the subdomains; sometimes they appear to be outdated, and that can lead to an RCE in some outdated versions. Integrating the subdomain list with nuclei.


  • I have my 12th going, haven’t studied a bit of it and at the same time I’m very much excited and interested to learn about cyber security, or especially now all about bug hunting. What should I choose at this particular time, as our boards might come anytime now? 😔

    • Get your boards done properly and ask your excitement to wait for a few more days. Bug hunting can be done after boards, but once exams are gone they’ll not come back and you’ll not have another chance. Understand the necessity of the situation and get it done.


  • Can you list some companies that take in infosec interns? I mean a real internship where I get to actually be in a team and hack. Whenever I approach companies in my locality, they give me their “internship course curriculum and price of course”!

    • Search for companies that provide pentesting services and ask them about their openings for internships, but companies do not share their real-time projects with interns because of their policies, and hacking is not what we deal with. Corporates deal with pentesting.


  • How much time did it take to get your first bounty when you started? I am doing bug hunting on a regular basis and am not even able to focus on placements. Still no success. Only dupes and NA. Is there something you want to suggest to me?

    • Yes, dups are part of every bug hunter’s life. Don’t get demotivated by them; at least you know that you found a valid one but it’s a dup. The thing is about finding a valid one; by doing this you are increasing your knowledge. Try some different bugs, and those lie in P1, 2, 3.

    • I started as a security engineer in 2018 and bug bounty in 2019. First bounty came 3 months after I started bug bounties, after 44 dups.


  • How do you pick a program to hunt on? Which one do you prefer the most, single domain or wildcard? Once you get the recon things ready, how do you choose the website to hunt on?

    • I prefer wildcards due to the fact that they have a huge scope. Once my recon things are done, I select subdomains which have keywords like internal, staging, dev, as they can be related to the internal environment.


  • Are you an automation guy or a manual testing person?

    • I am a combination of both automation and manual pentesting. Though I have not made any tool, I have always tried to modify already existing tools to get my things done easily.


  • Do you hunt low-level bugs?

    • Yes, I do hunt low-level bugs if I am not getting the critical ones; it keeps you motivated.


  • What types of notes do you keep? Do you save all your recon data in notes format?

    • I save my recon data but not notes.


  • Do you hunt CVEs?

    • Yes, I do hunt CVEs sometimes.


  • What are the bugs you look for? Favorite bug?

    • Bugs I look for: XSS, IDOR, CSRF on a priority basis
    • Fav bug: IDOR


  • How can bug bounty help students get jobs?

    • Bug bounties give you a platform to showcase your skills, and at some point you can showcase your findings, which can be treated as a plus point to get your portfolio shortlisted for jobs.


  • How can a student or a person with a job do bug bounty?

    • Every person in bug bounties is working hard by sacrificing their other things, and you need to give it priority to make it happen.


  • What do you recommend for bug bounty: Mac / gaming laptop / normal laptop with VPS and all?

    • I personally use a Mac and a VPS too.


  • What are the most useful Burp extensions according to you?

    1. Autorize - To Test BACs
    2. Burp Bounty - Profile-based Scanner
    3. Active Scan++ - Add more power to Burp’s Active Scanner
    4. AuthMatrix - Authorization/PrivEsc Checks
    5. Broken Link Hijacking - For BLH
    6. Collaborator Everywhere - Pingback/SSRF
    7. Command Injection Attacker


  • How much can we depend on bug bounty?

    • The answer varies: many great personalities are full-time bug hunters and many are working in corporates and handling bug bounties in their free time. So it just depends from person to person.


  • Random thing you wanna tell?

    • The game is all about learning and consistency.