Monday, September 20, 2021

RVDP

How I got Acknowledged by the Indian Government For finding a BUG

Hello everyone. This blog is about reporting bugs that we found on Indian Government websites. There is a specific kind of program called RVDP (Responsible Vulnerability Disclosure Program), which is similar to a Bug Bounty Program but is hosted privately on the website itself, i.e. it is not hosted on any Bug Bounty platform. For Indian websites, we have NCIIPC (NATIONAL CRITICAL INFORMATION INFRASTRUCTURE PROGRAM CENTRE), where we can report bugs related to Indian Government websites.



If you are a beginner, you can start your Bug Bounty career here, as you don't have any pressure from negative points, duplicates, invalids, etc. Even if you are already into bug bounty but not getting success on other platforms, you can start hunting here. It will help you gain confidence and also protect Government websites by reporting bugs/vulnerabilities before any Black Hat Hacker takes advantage of them. If you are looking for a job in Cyber Security, what could be more helpful than getting acknowledged by the Indian Government?

Let's dig deeper into how I started Bug Hunting on NCIIPC. First, we need a government website on which we can find a bug. It can be any government website, whether it belongs to the state or the central government; you can find bugs and report them to NCIIPC. To find government websites I used Google Hacking.

Google hacking, also named Google Dorking, is a hacker technique that uses Google Search and other Google applications to find security holes in the configuration and computer code that websites are using. Google dorking could also be used for OSINT. 

Ex: in the Google search engine, we'll search for site:*.gov.in. This will give us a list of government websites. You can choose any website having a .gov top-level domain.

After choosing a website from the search results given by Google, I first tried low-hanging fruit. Low-hanging fruit is nothing but the easiest and most prevalent techniques an attacker can use to gain access to systems and data. In my case, I decided to move forward with misconfigurations. So I chose to look for vulnerabilities related to SPF records and found them on many of the government websites. If you don't know what SPF is, refer to this link.

This is a low-level bug, but if we exploit it correctly we can send phishing emails from the registered domain's email address. So it can sometimes be very dangerous for a customer.
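An added example (not from the original post) for site owners auditing their own domain: it classifies the SPF TXT records published for a domain by the weaknesses that let spoofed mail pass. The function name, finding labels and sample records are assumptions constructed for illustration; records are passed in as strings, so no DNS queries are made.

```python
import re

# Terms that each cost one DNS lookup while a receiver evaluates the record
# (RFC 7208 section 4.6.4 caps the total at 10).
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}
TERM = re.compile(r"^([+\-~?]?)([a-z][a-z0-9_.-]*)([:=/].*)?$")
ALL_FINDINGS = {"+": "pass-all", "?": "neutral-all", "~": "softfail-all"}

def audit_spf(txt_records):
    """Return findings for one domain's TXT records; [] means a strict policy."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if not spf:
        return ["no-spf-record"]          # nothing tells receivers who may send
    if len(spf) > 1:
        return ["multiple-spf-records"]   # receivers treat this as a permanent error
    findings, lookups, all_qualifier, has_redirect = [], 0, None, False
    for term in spf[0].lower().split()[1:]:
        match = TERM.match(term)
        if not match:
            findings.append("syntax-error:" + term)
            continue
        qualifier, name, _ = match.groups()
        if name in LOOKUP_TERMS:
            lookups += 1
        if name == "redirect":
            has_redirect = True
        if name == "all" and all_qualifier is None:
            all_qualifier = qualifier or "+"   # a bare "all" means "+all"
    if all_qualifier is None and not has_redirect:
        findings.append("no-all-mechanism")    # unmatched senders get "neutral"
    elif all_qualifier in ALL_FINDINGS:
        findings.append(ALL_FINDINGS[all_qualifier])
    if lookups > 10:
        findings.append("too-many-dns-lookups")
    return findings

# Constructed sample records (example.org and 192.0.2.0/24 are documentation values).
SAMPLES = {
    "strict": ["v=spf1 ip4:192.0.2.0/24 include:_spf.example.org -all"],
    "missing": ["google-site-verification=constructed-token"],
    "pass-all": ["v=spf1 +all"],
    "softfail": ["v=spf1 mx ~all"],
    "duplicate": ["v=spf1 mx -all", "v=spf1 a -all"],
    "no-all": ["v=spf1 ip4:192.0.2.1"],
}

if __name__ == "__main__":
    for label, records in SAMPLES.items():
        print(label, audit_spf(records) or "ok")
```

A softfail finding matters less when the domain also enforces DMARC, which this sketch does not check.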

The next bug I found was related to components with known vulnerabilities. For security reasons and high reliability, some government websites use the Drupal CMS. I came across a vulnerability related to an outdated Drupal CMS on a government website and reported it. I am not posting any POC for security reasons, and I recommend that you also do not post any POC or images of a vulnerability before it is fixed, as any hacker can take advantage of it and attack the site.

Now let's talk about why I'm hunting bugs in RVDP. Well, I'm a beginner in bug bounty, so I'm getting myself ready to play on bigger platforms like HackerOne, BugCrowd, etc. Hunting bugs on government websites also keeps my confidence high and gives me experience of how real websites function.

It's time for advantages,

  • Participating in RVDP, particularly on Government websites, won't get you any rewards, but they acknowledge you for reporting. Getting an acknowledgement from the Government will help in getting a job/promotion in the Cyber Security domain.
  • Large scope to find bugs. There are no limitations here. You can hunt for any kind of bug on a large set of websites.
  • Boosts confidence in Bug Bounty Hunting. When you hunt on other platforms, there is a possibility that you get duplicates, and you will get demotivated after constant failures as you invest too much effort and time. There is a very negligible possibility of getting duplicates here due to less competition.
  • Not only on Government websites: you can also hunt bugs on the websites of other companies that have their own RVDP programs and also offer rewards, goodies, appreciation, gift hampers, swag, etc. for a valid bug.
  • Great opportunity to practice your web application pentesting skills on real-world applications, so that we can keep ourselves updated with new technologies.
Now that we know all the details, it's time to see how to get started in RVDP.
  • The first thing is Google Dorking. We need to have some knowledge of Google dorking to find websites with particular top-level domains.
  • Knowledge of the OWASP Top 10 vulnerabilities to find valid bugs.
  • Most importantly, you should have good information-gathering skills to find domain lookups, sub-domains, technologies, firewall status, etc.
It's time for some Tips & Tricks in Bug Bounty.
 
Our mentor suggested a strategy: One Website, All Vulnerabilities OR One Vulnerability on All Websites, i.e. select one website and hunt for all the vulnerabilities, or hunt for one particular vulnerability on all the websites.
But when you are selecting the websites, it is necessary to do some information gathering to check whether that website is suitable or not.

Check whether it is running on any known CMS. Try to find out which version and work on that.

Don't use any automated scripts or other tools to scan or perform a brute-force attack. It will increase the traffic and you might get blocked by the firewall.

Try to get familiar with tools like BurpSuite, OWASP ZAP, etc., as they will help you a lot in finding bugs.

That's it for this blog.

Thank You...

Keep learning and keep Growing...

Monday, September 13, 2021

Capture The Flag

CTF - How and Why to start?

Cyber Security is a domain which involves lots of learning and practicing, whether you are an expert or a beginner. There is a platform where every individual can practice and improve their skills and learn new strategies in Cyber Security. That platform is CTF (Capture The Flag).

CTF :


As mentioned in the image, Capture the Flag is a game where you are given some challenges. These challenges are based on real-time vulnerabilities that are actually present in real-world web applications. After solving these challenges, we are given some points for each challenge. The difficulty levels of these challenges are based on the player's experience and knowledge of vulnerabilities.

Concept of Vulnerability:


A vulnerability is a weakness or flaw in the code, or we can say a weak point in the code that an attacker can take advantage of to get unauthorized access to the system or to credentials, which are sensitive data. The term vulnerability is most often used by security professionals to point out weak code. So, CTF platforms are the best resource to learn about finding the weak points in code.

Why CTF? 

Now we've understood what a CTF is. Let's talk about why we need to play CTF. Well, if you are an expert, you probably know why to play CTF. But if you are a beginner, then you should know why you need to play CTF.

When I came into Cyber Security, I was illiterate. After some time I came across a CTF platform named Hackthissite. Then I started completing challenges by reading write-ups and watching walkthrough videos on YouTube. But today I can solve the challenges on my own, and I have even published my own write-ups on the challenges of another platform named CTFlearn. Well, I'm telling this just so you understand how a CTF helps beginners.

If you are a beginner reading this blog, you have to understand what a CTF can do for your career.

So, let's talk about some points here:

  • Vulnerability: We already know what a vulnerability is. But we need to learn how to find a vulnerability, or we can say weak code, in the application. Without knowing what kind of vulnerability it is, we can't hack into the system. For example, in web applications, we have the OWASP Top 10 vulnerabilities. First we need to know what they are and how they appear in a web application.
  • Way of approach: Once we know what kind of vulnerability it might be, we need to find a way to exploit the vulnerability. This is the most important part. The more CTF challenges you solve, the more you learn about how to exploit a vulnerability. By playing CTFs, you can experience different vulnerabilities with different ways to exploit them.
  • New Strategies: Once you get started with CTF and get familiar with it, you can observe how your strategies improve: the way you look for vulnerabilities, the way you observe the working and behaviour of the application. These strategies improve only by practicing. So, CTF is the best platform to give such valuable things. These strategies can even be used in real-time penetration testing.
  • Improves Practical Knowledge: When we study some theoretical material, we may not understand it in a detailed manner. But in CTF, while we are solving a challenge, we actually go through the entire working and behaviour of each and every component, starting from the code, networking, protocols, firewalls, etc. By playing these CTFs, an individual can gain practical knowledge which will be helpful in career growth.
  • Improves Confidence in Cyber Security: When we solve a challenge, we get the confidence that we can solve any challenge related to that particular concept. That is exactly what we gain here. When we solve some challenges in CTF, we become confident that we can conduct penetration testing in real-time environments and can perform even better. Such confidence can be built by playing CTFs.
  • Simulated Realistic Environment for Hacking: As we discussed above, CTF includes real-time vulnerabilities which are actually present in live websites. So, this can also help in Bug Bounty. If you practice your skills and polish them, you can actually participate in Bug Bounty programs to get paid by reporting vulnerabilities. HackerOne provides invitations for private Bug Bounty programs if you solve their CTF challenges and submit the flags.
  • Can help to clear interviews: CTFs can even help you clear your interviews. After getting familiar with CTFs, you'll know how to find a vulnerability and how to exploit it, and your own strategy and the practical knowledge that you've gained while solving the CTF challenges can help you clear technical interviews in the Cyber Security domain.

Career in Cyber Security by playing CTF:

Many companies like Google, TCS, etc. conduct CTFs as part of their recruitment process. Solving those CTFs can get you a job in a company which pays a decent wage. So, without any delay, start your Cyber Security career by solving some CTF challenges.

Some CTF Platforms For Beginners:

That's it. Once you get familiar, don't forget to try HackTheBox, root0x0 SQL Injection challenges and XSS challenges.

Thank you....

Keep Learning And Keep Growing...

Wednesday, September 1, 2021

Career In Cyber Security

Career in Cyber Security



Well, we all know about Cyber Security and we want to get into Cyber Security. But do you know what the possibilities are to get into Cyber Security and how life will be in Cyber Security? You are going to find the answers to all of your questions in this blog. This blog is for people who are looking to start their career in Cyber Security or wanting to switch to another domain.

Before writing this blog, I met some professionals and asked how, why and when they came into Cyber Security. So, the answers will be based on their experience and suggestions.

Let's begin with this basic question.

Who can get into Cyber Security?



There is no gender inequality or any other discrimination in Cyber Security. Even if you are from a technical or non-technical background other than Computers/IT, background doesn't matter here. Through proper training and mentoring anybody can get a job in Cyber Security, but building a successful career and professionalism in Cyber Security is in our hands.

Many professionals from Mechanical Engineering, Civil Engineering, Metallurgy and other non-technical fields have successfully built their careers in Cyber Security. Even I'm from a Mechanical background, but my passion led me to get into Cyber Security.

So, if you are passionate about it, nothing can stop you from being what you like and what you want to be.

Now let's move on to your second Question...


How to Get Into Cyber Security?

First we'll talk about our perspective.

Many of us think getting into Cyber Security is the easy part. But it's not. A lot of skills are required, both technical and logical. Not only our technical skills but also our logical skills matter in Cyber Security.

I want to bust some of the myths about what can get us a job.

Myth-1:  CTF's



CTFs (Capture The Flag) are the best practice to improve our skills in Cyber Security. The main purpose of CTFs is to introduce the concept of a vulnerability and where we can find such vulnerabilities. They also highlight the way of approach to find that vulnerability. But sadly, these CTFs can't get you a job, including major platforms like tryhackme & Hackthebox.

Myth-2:  Certifications



We have plenty of certifications in Cyber Security, such as OSCP, CEH, CISSP, CCNA, OSWE, OSED, etc. Maybe they can get us interviews, but clearing those interviews is in our hands. To clear those certifications, we need to get training. We can also clear them without training, but we'll definitely miss some of the important concepts.

Myth-3:  Bug Bounty



This one is the most popular, trending hot topic that everyone is trying to get into. But being a bug hunter is really a bad idea. Most people choose bug bounty as their career. But in my opinion, being a bug hunter is the toughest job. It is fine only as a habit, but full-time bug bounty is not a decent one. As mentioned in the myth above, it can get you interviews, but clearing those interviews is in our hands. And for a successful bug hunter, a mentor is necessary.

I hope I covered all the myths. If anything is missing, let me know in the comments section.

Now let's speak reality.

After talking to many of the professionals, I found that their journey began with one of these two:

Through Practical Training:

Many of the professionals said they were mentored by some institution or a private company to get into Cyber Security. Having proper training, clearing all the concepts and understanding every concept in a practical manner might be a way to get a job with a decent pay scale. They also mentioned, "Having a good understanding of the concepts can help you to clear the interview and also help you to grow in your professional life."

Campus placement:

Some of them cleared the campus interview and started their career as a fresher in Cyber Security. At the beginning it was tough, but later it was like an interesting game.

Up to now, I hope everyone reading this is clear about getting into Cyber Security.

Now let's dig deeper....


How will be the workload and tremble in Cyber Security?

After I asked this question, the way they answered made me wonder.

Apart from their job role, they said, "It was fun. Every day is a new day in Cyber Security, and it helped us to learn new things every day."

So, when we are in Cyber Security, we have to learn new technologies and understand them, the way they behave and the way they communicate. By doing these things we can find a way to exploit them before they get into the market.

Now, the workload will be moderate, but even with heavy workloads we can enjoy the work in Cyber Security. It is like a game. Sometimes it can make us frustrated, but it is enjoyable when we do our work.

When an attack happens, being an Incident Response Team, we have to work late nights. But we are doing what we love.

All these answers are based on the real answers given by the professionals.

OK, we know how to get into Cyber Security, and we know what the work life is like.


Choosing Career in Cyber Security

Now we'll talk about what to choose once you are in Cyber Security.

Well, Cyber Security has different sub-domains, each mainly focused on different concepts. If you are good at something, then you can easily build a career in it.




  • If you are good at networking, you can choose Network Security. Network Security requires a keen understanding of every networking concept, from routers, switches and layers to firewalls, antivirus, etc. But this sub-domain mainly focuses on security aspects only.
  • For Network Security, having a CCNA certification will be an advantage. But it won't get you a job. It just gives you a detailed understanding of networking concepts.


If you are good at development, Application Security is better for you.

In Application Security, we have different areas.

  • If you are good at web applications, you can choose Web Application Security. It helps you get more understanding of what is going on.
  • If you are good at Android/iOS development, then Mobile Application Security is the better choice.



  • If you are good at coding: well, application development is also a coding department. But if you love to code, then cryptography is your choice. It is the best department for coding lovers.




  • If you are good at assembly language and C++, then Reverse Engineering and Malware Analysis will be good for you.

IMPACT OF BUGS

Impact Of Bugs - Injections We all know about the OWASP top 10 vulnerabilities. In those 10 categories, there are several types of bugs with...