Our videos have over 5 million views on Youtube! Visit our channel now »
The listings featured on this site are from companies from which this site receives compensation. Read the Advertising Disclosure for more information
Disclosure:
Professional Reviews

vpnMentor contains reviews that are written by our community reviewers, and are based on the reviewers' independent and professional examination of the products/services.

Ownership

vpnMentor is owned by Kape Technologies PLC, which owns the following products: ExpressVPN, CyberGhost, ZenMate, Private Internet Access, and Intego, which may be reviewed on this website.

Affiliate Commissions Advertising

vpnMentor contains reviews that were written by our experts and follow the strict reviewing standards, including ethical standards, that we have adopted. Such standards require that each review will be based on an independent, honest and professional examination of the reviewer. That being said, we may earn a commission when a user completes an action using our links, which will however not affect the review but might affect the rankings. The latter are determined on the basis of customer satisfaction of previous sales and compensation received.

Reviews Guidelines

The reviews published on vpnMentor are written by experts that examine the products according to our strict reviewing standards. Such standards ensure that each review is based on the independent, professional and honest examination of the reviewer, and takes into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings we publish may take into consideration the affiliate commissions we earn for purchases through links on our website.

Taha Smily and a New Generation of Ethical Hackers are Using Their Skills to Keep the Internet Secure

I recently sat down with Taha Smily, an independent cybersecurity researcher to talk about the role he and other members of a new generation of ethical hackers play in keeping sites secure.

Please tell me a little bit about yourself and how you got involved in cybersecurity research.

My name is Taha Smily; I’m an independent security researcher and cryptography analyst from Morocco. I’m self-taught in several programming languages (HTML, PHP, JavaScript, CSS, and python), cryptography as well as basic network, steganography, and forensics. I’m also a Capture the Flag player.

I work in the Open Bug Bounty platform where I have uncovered about 3,000 vulnerabilities on various websites which I then report to the sites’ owners. As a result of my work, I am in the Hall of Fame of several major companies and organizations, including Microsoft, Apple, Nokia, Pivotal, and Cert-Europe.

What are some of your recent security projects?

I am currently involved in several security projects including the development of web-server testing tools. Additionally, I have just finished authoring a book “Methodology of Web Application Security” which will be published soon.

You are also a "security vulnerability bounty hunter" - what does that mean?

Security vulnerability bounty hunters are a new generation of ethical hackers who help companies discover and fix their security bugs.

A “Bug Bounty” is the deal offered by companies to ethical hackers like me in exchange for uncovering security bugs. These bug bounty programs pay for these discoveries on a scale proportionate to the severity of the bug.

What is the openbugbounty.org platform and how does it work?

The Open Bug Bounty platform was started by a group of independent security researchers in June 2014. It is a non-profit platform designed to connect security researchers and website owners in a transparent, respectful and mutually valuable manner. Our purpose is to make the web a safer place for everyone.

We have no financial or commercial interest in the project. Moreover, we pay hosting expenses and web development costs from our pocket and spend our nights verifying new submissions.

How do you decide which sites to test for security flaws?

I like to test the popular sites and sites that may appear to be strong and secure. Of course, I am especially interested in looking at sites who are concerned about their security and those who offer bounties.

Do you do it for fun or profit?

I do it for fun because I enjoy new challenges, but yes, also for profit!

Do you find most companies appreciative when you report a vulnerability?

Yes. The security and protection of information and personal data has become a great concern for companies these days.

What are the most common vulnerabilities you encounter?

The most common issues I see are Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and subdomain takeovers.

Cross-Site Scripting (XSS) is when malicious scripts are injected into otherwise benign and trusted websites. These attacks are generally in the form of a browser side script and can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site. These scripts can even rewrite the content of the HTML page.

Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated. While not actual theft of data, a successful CSRF attack can force the user to perform state-changing requests like transferring funds, changing their email address, and so forth. If the victim is an administrative account, CSRF can compromise the entire web application.

Subdomain Takeover is a type of vulnerability which appears when a DNS entry (subdomain) of an organization points to an external service, but the service is no longer utilized. An attacker could register to the External Service and claim the affected subdomain. As a result, the attacker could host malicious code (ex. for stealing HTTP cookies) on the organization's subdomain and use it to attack legitimate users.

What are some of the most serious vulnerabilities you have seen?

The most serious vulnerabilities I have encountered are SQL injection for dumping databases and remote code execution.

SQL injection is a code injection technique, whereby nefarious SQL statements are inserted into an entry field for execution in order to dump the database contents to the attacker.

Remote code execution is an attacker's ability to execute any command of the attacker's choice on a target machine or in a target process. It is one of the most powerful bugs because it allows an attacker to completely take over the vulnerable process. From there the attacker can potentially take complete control over the machine the process is running on, allowing malware to run on a computer without the owner's consent.

From your experience as a cybersecurity researcher, what advice can you offer to today's software developers?

The most important advice I can give is to keep pace with security gaps and the latest updates in the field of information security. In addition, it is crucial to work with researchers in cybersecurity to detect and fix any security issues before rolling products out to the public.

Where do you see software security heading in the future?

The real problem with software security is even deeper than can be addressed with best practices and specialized languages. A complete redesign of software architecture from the OS level up is likely required to solve the systemic problems with the Internet of Things and beyond.

About the Author

Gail’s first PC was a TRS-80 which required a cassette tape to boot up. In the decades that followed, she created and developed websites, emails, and banners as the perfect way to combine her love for design, technology, and writing.

Did you like this article? Rate it!
I hated it! I don't really like it It was ok Pretty good! Loved it!
out of 10 - Voted by users
Thank you for your feedback
Comment Comment must be from 5 to 2500 characters long.