HackerTrans
TopNewTrendsCommentsPastAskShowJobs

equatorium

no profile record

Submissions

Ask HN: Need Career Recommendations

32 points·by equatorium·vor 4 Jahren·51 comments

[untitled]

1 points·by equatorium·vor 4 Jahren·0 comments

comments

equatorium
·vor 4 Jahren·discuss
Starting coding in a young age is quite normal nowadays? If you check my H1 account, you can see that I made my first report 3 years ago. Do you now want proof that I am 17? Makes no sense to me.
equatorium
·vor 4 Jahren·discuss
If you have discord nitro, you can choose the 4 numbers by yourself. I got it gifted, so I set it to be #0001.
equatorium
·vor 4 Jahren·discuss
Hmm, what do you mean exactly? The #<4_numbers> is part of the username that is required to add someone on discord. So, yea, the full thing to add me is xor#0001
equatorium
·vor 4 Jahren·discuss
You can either contact me on discord, my tag is xor#0001 or you can shoot me a DM on twitter at https://twitter.com/equat0rium
equatorium
·vor 4 Jahren·discuss
Thank you really much, great advice.

> 2. Try joining big security groups/org - You have a lot of knowledge, especially in RE/PWN fields so maybe try joining organizations that do security research full-time example Google Project Zero or there are loads of other organizations that does that kind of work. This will make life easier in sense of what you wanna do. By joining such groups/organizations you can choose to work on game engine/cheat-anti-cheat hacking or browser/OS security basically choose what you wanna hack.

Already got my foot in some cool groups, not really a work-together thing, but still filled with some very skilled people like pmnh (https://hackerone.com/pmnh?type=user) and zi (the guy from dayzerosec https://www.youtube.com/channel/UCXFC76FDHZRVes6_lZqwLBA). Joining big organizations like Google Project Zero seems very hard for me in my eyes haha. Would have no idea on how to get into them.

> 3. I saw someone mentions that you should think of getting certifications. Believe me, when I say it, certificates do nothing. I got my OSCP because people said it would help me get a job, but it didn't. Certificates are only for people who don't really have anything else to show or beginners in the fields trying to get their foot in the door. You already have an amazing profile showing that you are capable of doing RE/PWN stuff. Go for certifications only if you actually want to have fun and take on the challenge. Don't expect much change in your professional life from those certifications.

I'd say that's very much true, but certifications is still a nice-to-have on the side, but surely not a big change.

> If you just want big money, yes smart-contract seems to be the big hot thing. If you are looking to make a big name in the security field along with a decent(sometimes really good) amount of money then browser/OS security is definitely a good thing. In the just try them for 1 week/month and stick with something that you enjoy :)

Yea, especially now, smart-contract research pays big. I'm probably gonna look into both and decide on later on what to focus.

Thanks again man, much appreciated.
equatorium
·vor 4 Jahren·discuss
Thanks, much appreciated.

"You could contract (needs networking and business), you could FAANG (needs patience and soft skills), you could government (needs patience and more patience)" That sounds like a insanely hard approach. I don't really have anything to show, only really got my HackerOne profile to show. Most projects I do is related to it, which I don't really publish or just not allowed to publish.
equatorium
·vor 4 Jahren·discuss
Thanks for your message.

"and will easily land a job when the time will come." Well, that's the thing. I don't want to leave out any opportunities, just because I was lazy in my young years. There are many insanely good people out there and I heard companies more look at years of experience and certifications, instead of public "achievements" like HackerOne, etc.
equatorium
·vor 4 Jahren·discuss
No. I've started coding by my own at the age of 9, were playing the old gems of games, saw people developing cool stuff in games like Minecraft.

Got a java book for christmas, started learning and got into Minecraft development. At the age of 14, I started learning cpp, reverse engineering and a bit of ASM. Found a vulnerability in Epic Games by messing around with stuff, managed to report it and was rewarded, then I simply kept going and made security research to my hobby.

My family is not familiar with software, but with hardware, so I got my hands on a PC very early. No pressure tho.
equatorium
·vor 4 Jahren·discuss
Thanks, much appreciated.
equatorium
·vor 4 Jahren·discuss
Hey, thanks for your message.

I wanted to start a technical blog, but Epic Games never (and still don't) gave me permission to publish my research about Unreal Engine 0days or remote code execution in their games.

Will definitely work on certifications in the future.
equatorium
·vor 4 Jahren·discuss
Hey. Thanks for your message, I've already thought about working on my math skills, also wanted to take some time and read into cryptography.

Much appreciated, thinking about it.
equatorium
·vor 4 Jahren·discuss
Hi. I've edited my profile description for proof, https://hackerone.com/f9cd8782?type=user