The information security space is ever changing. With all the news of various hacks to ransomwares and cyber-weapons, it’s bound to turn the heads in its direction. This was around the time I was introduced to PHP in school and I made a website. But one of my friend who had a little bit of knowledge about injections pwned my web app. This motivated me to learn more about how he did it, and thus make more secure applications.
My first hands-on hacking experience
My first real hands-on hacking experience was when I hacked my roommate. From isolating him from our network to get higher bandwidth for downloads to compromising his system through a pendrive and email. My roommate was my guinea pig!
Ever since I got into the security and started reading up all the open-source material available online I used to practice it on my home network or virtual machines. So this was around the time when I learnt about ARP poisoning. I used ettercap tool to perform this attack. I performed an nmap scan with OS detection to detect all the systems in the network. That gave me my roommate’s local IP. I fired my terminal and opened ettercap. I set up the ARP poisoning attack and ended up with a few of his credentials and his session.
Climbing up the ladder to be an Ethical Hacker
A career in cybersecurity is not for the faint of heart, it requires person who is interested in continuous learning. I was interested in cybersecurity from the beginning but most of what I learnt over the years is self-taught. I started out with reading about various network based attacks as they could be performed on home network itself. I read a few good books available online. Then I moved on to the material that is recommed for CEH. That introduced me to a number of tools like nmap, wireshark, metasploit and various other tools. I went on to learn further about them. Fun fact, try using a smartly crafted metasploit payload to hack your friend’s android phones. Eventually my interest shifted from network security to application security. Trying to learn how to hack websites I landed on OWASP and SANS website. I practiced everything I learnt on sites like root-me.org, downloading various VMs from vulnhub and participating in a lot of CTFs. Various blogs and proof of concepts available online further helped me to understand various sophisticated attacks happening all around the world.
How TCS HackQuest helped me achieve my career goals
I was aware of TCS’ gamified hiring and was already an active member of TCS’ Campus Commune. That is how I came to know about #TCSHackQuest and I was all game for it as I could see my dreams coming true to work as a cyber security professional in a prestigious organization. Exciting prizes like XBOX and Playstation PS4 just added to my thrill and motivated me further.
#TCSHackQuest is aimed for students who want to make a career in cybersecurity by proving their mettle at a national level hacking contest and also provides an opportunity for students to land a job in cybersecurity with them. I worked really hard to prepare for the same and yes all said and done, #TCSHackquest helped me immensely to achieve my career goals based solely on my technical prowess.
About the writer: Siddharth Ojha is a passionate Cyber Security Analyst with TCS’ Cyber Security Practice, who made it to TCS through TCS HackQuest 2017. He is a B Tech in Electronics and Tele-communication from Bharati Vidyapeeth University College of Engineering, Pune and has also done his Full-time Diploma in Network Security.
Click HERE to know more about #TCSHackQuest and register for it.