IWCon2022: Biologist to Security consultant

Biol
Biologist to Security
ogist to Security
consultant
consultant
My Infosec Journey

View Slide

Motivation Learning
Journey Community
Agenda
Topics Covered
Getting my first internship and job

View Slide

Security Consultant @The SecOps Group
Synack Red Team member
Passive bugbounty Hunter
Twitter: @cyph3r_asr
LinkedIn: anugrah-sr
Web: anugrahsr.in
Blog: p1boom.com

View Slide

How did I got into cybersecurity
after graduating masters in biology?
I am from a non-tech
background. I want to do get
into cybersec, can you help me?
What are things I need to learn?

View Slide

Motivation

View Slide

My Journey
2015
Joined IISER Bhopal Life Science as major
Computational Biology
Evolutionary Genomics

View Slide

Age of Defacers

View Slide

Googled it!
How do they
do it?
SQL Injection!
Cross Site Scripting(XSS)
File Upload: RCE

View Slide

COVID-19 Change in plans

View Slide

Thesis
online
Placement
Cancelled
What's Next
No Idea!

View Slide

Plan of Action
Apply for PhD
Because a Dr Infront of
name would look cool
Data Scientist
Because it was the
hottest job of the century
Hacker
But where to start? Is it
possible
Asst. Professor
I had my NET exam cleared

View Slide

#100daystolearnandimprove
Hacking, Sharing resource and many
more.
Intern at OpenVirus
aggregation of scholarly publications
and extracted knowledge on viruses
and epidemics.
Into the
Infosec
twitter-
verse

View Slide

My First Report SPF!

View Slide

100days of
hacking!
Read a blog/writeup daily
Hack on Bugbounty programs
Solve a lab/room/box

View Slide

Resources
Infosec Twitter
Bugbounty Tips
Direct access to experts
Giveaways
Youtube
Stok
Nahamsec
InsiderPhD
...
Labs
Tryhackme
Hackthebox
WebSec Acadamy
Pentesterlab
hacker101 ctf
Blogs
Medium! Special shoutout to
Infosec Write-ups
Pentesterland
Hackerone disclosed Reports

View Slide

What I learnt
after 100days?
Learn to google
Learn to ask the right question.
Don't expect someone will spoon feed
you, You have to do your work.
Engage with the community, gather
people around you having the same
mindset.
Network as much as you can.
Give back to the community.
Persistence is the key.
There is no overnight success.
I got my first bounty after 3months
Become part of top1000 rank in bugcrowd
Became Confident with WAPT

View Slide

"To follow the path:
Look to the master.
Follow the master.
Walk with the master.
See through the master.
Become the master."
- Zen Proverb

View Slide

Started Applying for Internships.
I don't have CEH/OSCP or any cert or relevant Degree.
What's Next?

View Slide

Securing my
first Infosec
Internship!
Solve the CTF to get hired!
Application testing, client
meetings, report writing and more.

View Slide

Internship/Job Hunting?
Skills
Up skill yourself
Portfolio
Make a strong portfolio for
yourself. Be a contributor,
curator or a builder.
Apply
Raw Application or
Referral
Good Resume/CV
The ultimate aim in this
competitive field is that you
need to stand out in the crowd
https://www.p1boom.com/2022/01/how-to-find-your-first-cyber-security-internship.html.html

View Slide

Cyber Security Analyst
ISMS-VAPT
Full Time
Job
Security Consultant
Penetration Tests on Web
Applications, APIs, Mobile
Applications and Internal & External
Networks

View Slide

"There is no way to know if this is the right
decision or not, but it's better than living a life
asking what if I had taken that decision."

View Slide

You lose nothing by
sending a “Hi”, but can
gain much more.

YES NO
Twitter: @cyph3r_asr
LinkedIn: anugrah-sr
Web: www.anugrahsr.in

View Slide

IWCon2022: Biologist to Security consultant

IWCon2022: Biologist to Security consultant

Anugrah SR

More Decks by Anugrah SR

Other Decks in Research

Featured

Transcript