AMA with Youssef A. Mohamed


Penetration Tester 🔥 - Bug Bounty Hunter 🐞 - Acquired awesome collection of Certifications 📃 - Founder of BuguardInc



  • Q1) What do you prefer in bug bounty: learning or hunting?

  • Q2) Paid services you recommend for bug bounty hunting?

  • Q3) Favourite Burp add-ons?

  • Q4) How much recon do you prefer?

  • Q5) Automated tasks or manual hunting. What you prefer & why?

  • Q6) Thick client related stuff?

    1. I do both, but learning is a must.

    2. @SpyseHQ, and some other services.

    3. IP Rotate.

    4. A lot.

    5. I do a lot of both, to be honest.

    6. I have some knowledge of this domain but haven’t conducted a lot of projects on thick clients.


  • Why do you hack?

    • Hacking is my hobby. I don’t play football or other sports, so I see it as my own sport: hack stuff, get paid and pay the bills.


  • What can I do after finishing SANS 542 and SANS 642 web pentesting to be able to find a job, and any recommendations on how to start in mobile pentesting?


  • What to do when a bug hunter loses the ambition to hunt and gets bored? Look for new methodologies, programs, learn something new? Or what?

    • Actually, when I had my own burnout time, I started to learn IoT security and I had my energy again and started to hunt on BB platforms again. So I can suggest learning more and sharpening your skills, or setting new goals for yourself!


  • How to convert from the CTF zone to bug bounty?

    • Expand your knowledge by reading more and practicing more, and check out the resources I posted in my replies here, and you will do great!


  • Q1) Do you bug hunt now the same as in the old days? And is it worth spending time on it, or should I spend this time improving my skills?

  • Q2) How can I improve my skills in Web Security?

    1. Actually, no, I don’t spend the same hours as in the old days. I’m busy with my new startup @BuguardInc and improving my skills in different security domains. Whether it deserves it or not depends on your goals; try to learn how to manage your time well and you will be able to do both.

    2. Practice, practice and practice, my friend, with @PortSwigger Web Academy, @Bugcrowd University, @Hacker0x01 101, @yeswehack Dojo, @PentesterLab too, and read more of @PentesterLand’s published writeups.


  • Do you prefer bug bounty to security companies or not, and why?

    • I do whatever is useful for me, to be honest. I did 2 years of bug bounty, then I went to security companies for a whole year and learnt a lot of stuff which I couldn’t learn in BB, and then I quit the role to learn more, do more research and establish my own startup.

    • Currently, sharpening my skills and trying to achieve my goals through my new startup @BuguardInc, and doing bug bounties in my spare time.


  • What is your hunting methodology? Which is your niche bug (which type of bug you hunt most and focus on)? Any notes you can share?

    • I will write a blog soon about the methodology, and you can find out about my favorite bugs or notes on my website.


  • How do you deal with imposter syndrome and lack of motivation?

    • Red Bull, gaming, hanging out, setting new goals, spending money to earn more money.


  • Do you collaborate with strangers?

    • Usually no, but in special cases I can collaborate, yes.


  • I want to work in a company to benefit from teamwork knowledge and experience, but what do I need for this except certificates and HoFs?

    • You just need to be good at what you’re doing. Not all companies require HoFs or certs.



  • How can I find or test for SQLi, and how can I improve my SQLi payloads?

    • There are a lot of SQL injection mastering courses out there; go search and you will find what you need, buddy.


  • How can I start to study to become a red teamer?

    • Actually, I think you can learn about red teaming from @eLearnSecurity (eCPTX) “Materials and Labs”, but you need to do actual red teaming to learn it in real life. And you can’t do it in freelancing mode; you have to join a cybersec firm which provides it as a service.


  • What made you choose certificates from eLearnSecurity as opposed to Offensive Security?

    • To achieve my goals, and for their materials’ reputation. I’m going for OffSec soon too.


  • Is it relevant to do bug hunting today?

    • You can join the field anytime and achieve good work! It depends on your skills, knowledge, and your efforts.


  • How do you manage your time between learning and hunting/working?

    • I learnt more about time management, and I try to split my days between college and formal work, and also split my spare time between having fun and doing bug bounties. Sleep less, work more (but keep it healthy)!


  • Favorite tool for finding JS? Also, do you read all the JS code line by line? If it is big, how do you hunt for JS in general, like finding secrets?

    • I love doing it in a manual way, but there are some good extensions and tools for it. I don’t remember the names right now.


  • Recommended methodology for bug hunting after finishing studying on PentesterLab?

    • I don’t know anything special, but you can see the Bugcrowd bug bounty methodology.


  • Can you explain your recon strategy?

    • Regular recon strategy mixed with my own knowledge, which is based on my 3-4 years of hacking, and rap songs in the background. It’s a long story. Maybe I will write a blog about it later, but I don’t do anything magical. As I said, it’s regular steps.


  • What is the difference between penetration testing and bug bounty?

    • Methodologies, steps, reporting, limitations, target’s nature, etc.


  • How long did it take you from when you started until your first paid report?

    • It took 10 months.


  • Are PHP and JS very important, or should you just learn them?

    • Yes, you should learn them. They are very important.


  • If you had to use one tool for the rest of your life, what tool would it be?

    • Burp Suite!


  • Do you think bug bounty programs will vanish in 2030?

    • No, I don’t think so.


  • What is the best crawling method?

    • Build your own crawler.


  • How many months do you spend on one target?

    • One to three months approximately.


  • Do you think that bug hunters should search for high, critical bugs only?

    • Go find anything valid.


  • Any weird bug you reported that you’re proud of?

    • I always find weird behaviors but nothing special to remember now.


  • Any tips for passing the eJPT exam?

    • Have good knowledge of networking, Nmap, Hydra, FTP, and Metasploit.