My Journey in Cybersecurity, in chronological order
@ 11
At the age of 11, I began to grow fascinated by how computers work, and even more intrigued by how hackers hack these intrinsically designed machines. I was introduced to the world of ethical hacking by my close friend then, who he himself was quite well versed in the topic. However, he was not an ethical hacker himself, rather he wanted to be a black hat hacker. Yet, I supposed he was not willing to take the rest, as he never attempted to break into systems illegally, which was best for him as the world of hacking is not forgiving. Black hat hacking can cause one to be arrested, and result in fines and/or even up to years in prison.
@ 12
At the age of 12, I created my first Metasploit Payload, which I was attempting to use to hack the webcam on my brother's computer. However, perhaps something went wrong within the payload itself, or my brother's firewall blocked the payload, and consequently I was unable to successfully hack his webcam. I suppose my brother had already known this before hand, because he seemed confident in allowing me to try install the payload. After this incident, I spent several days trying to fix the payload, without realizing that there were other possibilities like the firewall or antivirus blocking the payload. At this point of time, I also did not know what was a port, hence I also failed to realize that the port my payload was using could have been closed.
As a result of lacking ports and computing knowledge, I also tried to connect to my brother's computer via RDP(Remote Desktop Protocol), without knowing that port 3389 used for RDP was closed by his firewall, and RDP being disabled by default on his computer. It was only after trying for several hours(and failing), did I finally attempted to look up the internet for a solution to my problem. Voila! I had found the solution, which was to open the port on the firewall and enable RDP! However, it was too late because my computer usage time for the week was used up. Consequently, I forgot about this short term goal of mine, until today.
@ 13-14
During ages 13-14, I was mainly scouring hacking forums to see how hackers think and act, and learning about the various ways they exploited systems and vulnerabilities. What shocked me was how easy it was to exploit these vulnerabilities, owing to the rise of automated hacking tools in the contemporary digital era. I fondly remember one of these tools being SQLiDumper - Which was made by AngelSecurityTeam. The tool enabled users to perform operations like Dork Searching , Vulnerability Scanning ,SQL Injection , XSS , LFI and RFI. Furthermore, it was in a GUI(Graphic User Interface), which allowed beginner 'hackers' to utilise the tool and exploit vulnerable databases, without even knowing how to do it the manual way in Linux by using the shell. Although I believe the tool was made for penetration testing by ethical hackers, many malicious users used this tool to perform data-breaches on various websites. I also noticed the uprise of hacking tools being sold by programmers, like account checkers and database dumpers/dorking tools. Unlike SQLiDumper, these tools were made by malicious creators, for malicious users, who could access these tools without prior knowledge to hacking at all. Of course, this was highly worrying, but I could not do much to stop these malicious users nor creators. Dare not I dabble in such vices, because I know the legal consequences of doing so.
@ 15
I did not dabble much into cybersecurity when I was 15, as I was busy preparing and studying for my upcoming important exams. It was difficult to balance between studying and leisure during this period of time, hence I made the difficult choice to put cybersecurity aside temporarily for a while, to focus more on my studies. However, the time came during around November that year, when my mother's bank account was hacked by malicious actors. This rekindled the spirit in me for cybersecurity, as I realised how vulnerable we were, even with the utmost security protocols being put in place. 2FA and OTP are no challenge for black hat hackers in our era, hence I hopped back onto the bandwagon of cybersecurity during the End-Of-Year holidays.
@ 16
Currently at 16, I aim to pursue a degree in Cybersecurity, to achieve my aim of safeguarding the collective data of innocent people, and ultimately building a more secure and safe digital haven for everyone. I have tried using HacktheBox and PicoCTF to refresh my knowledge about cybersecurity, and free courses online from Coursera, for example, do really help a lot in this aspect. I have also recently participated in a CTF competition and workshop held by YCEP(Youth Cyber Exploration Program) held in conjunction with Ngee Ann Polytechnic, and am looking forward to attend my next CTF held by CISCO this coming weekend. Although the prospect of winning is nice, it's not my ultimate goal, as I solely wish to gain knowledge and become more well versed in the field.
Conclusion
My journey throughout cybersecurity thus far has been quite eventful, with there being many ups, but also many downs. What I have learnt from my journey is the importance of self-reflection, and how it is important to recognise our own mistakes and correct them. In fact, this is one of the reasons why I am writing this post; to reconcile with my past and reflect on what has built me up as a person so far. Perseverance, Empathy, and Teamwork are core values that are not only important in cybersecurity, but also in all aspects of life. Ultimately, my goal is to become a Penetration Tester in the future, as I enjoy being in the red team of cybersecurity. I may not be the best in what I do, but I am always aiming for greater heights, and not just settling for the status quo, because challenging ourselves is the only way to achieve growth.
A Journey of a thousand miles, begins with a single step" -Lao Tzu
Top comments (3)
At the age of 12 I did… like watched cartoons, played wooden toys, read Mark Twain… when I see something like this post I feel myself a totally lost twat…
HAHA nah I'm pretty sure that payload of mine was broken as heck too xD
Well said.