[Nouha Ben Brahim] (0:00 - 0:24)

My advice would be something like stay creative if you're doing hacking because most good hackers are really creative minds. I've been trying also to apply that in my work and trying to connect with creative people that really helped me. I would advise people to collaborate with others.

You will learn and you will teach at the same time.

[Kyser Clark] (0:24 - 2:08)

The hacker spirit is like sharing information and teaching the community at large. Definitely don't be afraid to reach out to people and just have a conversation. Hi, I'm Kyser Clark and welcome to The Hacker's Cache, the show that decrypts the secrets of offensive security one bite at a time.

Every week I invite you into the world of ethical hacking by interviewing leading offensive security practitioners. If you are a penetration tester, bug bounty hunter, red teamer, or blue teamer who wants to better understand the modern hacker mindset, whether you are new or experienced, this show is for you. Hello, hello, welcome to The Hacker's Cache.

My name is Kyser Clark, the host of the show. I have six years of cybersecurity experience and I currently work as a full-time penetration tester. In today's episode, I have Noha Ben-Rahim who was programming in Python for seven years, then turned into a freelance bug bounty hunter.

She's been doing that for over two years now and then also started and founded No Breach, which was founded last year. For certifications, Noha has the EC Council Digital Forensics Essentials, that's the DFE, and the Cisco Certified Network Associate, that's the CCNA. She is an author and a speaker and she is also the host of the Hacker's Line podcast.

And I'm a little biased here, but I was on episode number two and it was a great episode. Definitely listen to that episode. If you are interested in other hacking podcasts, I highly recommend it.

She's got more episodes on the way and I really enjoyed episode one as well, the one episode I wasn't on. So definitely always on the lookout for more cybersecurity content. So definitely check that out if you are interested in hacking podcasts.

So Noha, thanks for joining in the show. Thanks for doing this with me. Go ahead and unpack some of your experience and introduce yourself to the audience.

[Nouha Ben Brahim] (2:08 - 2:15)

Hello, Kyser. Thank you so much for having me on the show. It's really thrilling to be here as a guest.

[Kyser Clark] (2:15 - 2:24)

Go ahead and explain like, you know, what made you go from just being like a Python programmer into being a bug bounty hunter slash web hacker?

[Nouha Ben Brahim] (2:24 - 4:32)

The transition was kind of unexpected because I was going on a programmer path and I've learned and mastered Python and I spent a lot of time working on it. It took me seven years to fully master programming language. But then I was like, by coincidence, I found a book called Black Hat Python, I guess.

And that book introduced me to hacking using Python. And I started thinking of experimenting more with what I can do with this skill. So after I finished reading that book, I considered trying hacking and learning about how to hack stuff and all that.

But I had a very wrong image about hacking at first. And I thought it's really cool and very easy to do and all that because that's the image we've always seen in movies and on the internet and all that. I started learning the basics of hacking.

Then after like building a strong foundation, I started doing bug bounty hunting because later on I was introduced to bug bounty hunting, which is how to hack on websites or web applications in legal ways. So I started doing bug bounty hunting. And then I thought, why not start a company?

If I'm really doing this and I really love what I do, then I should help others. Then I should solve a problem. So I started NoBreach last year.

We offer services like pen testing. We are all about offensive security. So we offer pen testing services for all business sides, like whoever wants to test their web application or their infrastructure, depending on their needs, we do it for them.

We also offer training for students or people who want to transition into cybersecurity.

[Kyser Clark] (4:33 - 4:39)

Does NoBreach do web application assessments and network pen tests or just like web hacking only?

[Nouha Ben Brahim] (4:40 - 4:44)

We do web application assessments and network scanning and all that.

[Kyser Clark] (4:44 - 4:52)

What are some of the best resources to learn web hacking? If someone wants to become a web hacker, what's the best place to start?

[Nouha Ben Brahim] (4:52 - 6:36)

Well, the best place to start is actually by trying to experiment with everything. Well, now it's really easy to start learning because information is everywhere. It's really easy to find information nowadays.

But the problem is how to use that information because it's really overwhelming. You don't know what to do with what you have. So I wouldn't recommend spending a long time reading books because that's what everybody did before.

Maybe not everybody, but that's what I did. I think that for someone to start hacking, they need to learn the basics. So for me, resources is just googling everything.

Trying to make researches is really helpful because let's take, for example, if you're trying to learn what a specific vulnerability is, you need to learn a lot about it. If you want to learn what IDOR is, you need to figure out how IDOR works and how people actually deliver attacks and how people actually exploit that vulnerability. So what you need to do is to gather as much information as you can.

Try to search for everything. Try to be open to everything. Don't rely on one source.

Don't rely on just YouTube videos. Don't rely on just reading articles. Do everything.

Read the articles and watch the videos and solve the labs and do all of that. So it's really worth it.

[Kyser Clark] (6:36 - 7:03)

Yeah, I agree with you on the book part. I've read a few hacking books and I feel like I didn't get a lot of value out of them. I feel like you definitely get way more value out of them if you're doing the hands-on activities because some of those books have hands-on activities.

But even then, I felt like the hands-on activities were kind of outdated and I found a lot of success in going out for certifications and doing try-hacking and hack-the-boxes really where I learned my web hacking skills.

[Nouha Ben Brahim] (7:03 - 7:35)

The best way to start learning is by trying. The best way to start learning is to try to apply what you've learned. If you read something or watch a video, try doing some labs, playing some CTF.

It introduces you to the world of hacking even though it's not really so effective because CTF is not like real hacking. It's really different than hacking in real life. It's really complicated but it still introduces you to that.

[Kyser Clark] (7:35 - 8:26)

Yeah, you're absolutely right. CTFs are way different than real world pen testing because the thing with the CTF is you know there's a vulnerability there and you know there's a solution to it. When you're doing real world hacking and you're doing real pen testing, it's like does this have a vulnerability?

You don't know. It may or may not. It might have several vulnerabilities that you can exploit and sometimes you don't always win in the real world and whereas CTFs is like there is a yes there is a way to get in here and in real world pen testing it's like there you know this could be a pretty secure system.

There might not be a way in here or maybe there there is but it's you know above your skill level so yeah it is way different for sure. I still think CTFs are a good training platform. I think they're the best hands-on activities you can do to prepare you for the real world but they definitely don't simulate the real world 100 percent.

[Nouha Ben Brahim] (8:27 - 8:59)

Yes, because using online labs like Hack the Box, TryHacky or Webgo to practice hacking offers the practice of hacking in a safe environment. For someone just starting out learning the basics not skipping the basics like studying about common vulnerabilities and combined with hands-on practice and continuous learning will allow them for a good start to make a great start and great way of breaking in once you're hacking.

[Kyser Clark] (8:59 - 9:13)

Great advice. So let's go ahead and get in our rapid fire discussion before we get too far in the episode here. Noha will have 30 seconds to answer five questions and if she answers all five questions in 30 seconds she'll get a bonus six questions.

Noha are you ready?

[Nouha Ben Brahim] (9:14 - 9:15)

Yes, I'm totally ready.

[Kyser Clark] (9:15 - 9:21)

Your time will start after I stop asking the first question. Here we go. What is the most concerning cyber breach so far?

[Nouha Ben Brahim] (9:22 - 9:27)

I think the latest CrowdStrike incident.

[Kyser Clark] (9:27 - 9:29)

What operating system is your personal computer?

[Nouha Ben Brahim] (9:30 - 9:32)

I use both Linux and Windows.

[Kyser Clark] (9:32 - 9:34)

Best advice for aspiring hackers?

[Nouha Ben Brahim] (9:34 - 9:41)

Start doing it today. If you want to become a hacker, you're already a hacker, just try to think out of the box.

[Kyser Clark] (9:42 - 9:43)

Least favorite part of the job?

[Nouha Ben Brahim] (9:44 - 9:47)

I don't know, maybe dealing with stakeholders.

[Kyser Clark] (9:48 - 9:50)

Most critical security vulnerability today?

[Nouha Ben Brahim] (9:52 - 9:55)

I think authentication issues.

[Kyser Clark] (9:55 - 10:21)

That was about 48 seconds so a little over 30 but great responses. Let's go ahead and talk about the CrowdStrike thing because that was just broke a few days ago for the listeners and watchers of this episode. It's going to be about a month ago because I'm about a month ahead in my recordings but it's still good to talk about regardless.

So you said it's the most concerning cyber breach so far. I think the reason why you said that is because so there's been reports saying that it's the biggest IT outage in the history of the world.

[Nouha Ben Brahim] (10:21 - 10:21)

Exactly.

[Kyser Clark] (10:22 - 10:37)

I don't know if that's super factual but I think there's a lot of there's a lot of validity there. So is that why you think it's the most concerning cyber breach so far even though technically wasn't a cyber breach it was more of a misconfiguration slash redundancy issue?

[Nouha Ben Brahim] (10:38 - 11:35)

Yes, well technically it's not a breach because no data was exposed or anything like that but what is so concerning is that because of it a lot of services has been disrupted and a lot of services have been down and a lot of areas got affected like in airports I think, offices, a lot of companies got affected by that and that's really serious because I've heard that some hospitals and healthcare industry a lot of things got affected. So it's really concerning because the effect of it was really wide.

So even though there was no data breached or anything like that sometimes if a service is down and no one is able to access it that's horrible that's a very horrible incident.

[Kyser Clark] (11:35 - 12:36)

Right yeah and like it wasn't a cyber breach like you said no data was exfiltrated and there wasn't really an attacker either but it kind of highlights the fact that you know if there was an attacker like a cyber attack could cause that level of outage for the whole world and potentially even worse like it could get worse than that and I made a meme the other day it was basically like saying that this is the biggest IT outage in the history of the world so far because I really do think that it is going to get worse the more we are interconnecting our devices to each other around the world the more prone we are to this type of situation and the more prone we are to this type of situation the more likely we are to experience threat actors you know trying to take down civilization through computer breaches and hacks.

Okay so let's get into what are you finding the most in web hacking today so what's some what's some common vulnerabilities that you're seeing that pop up more often than the other ones?

[Nouha Ben Brahim] (12:36 - 14:16)

Well as for web applications we have GraphQL issues, we have GraphQL flaws, we have authentication issues are really rising and IDORs. Experts are saying that number one vulnerability and most commonly found is IDOR but then there's authentication issues like authentication bypass, authorization issues and then I think GraphQL is not everyone's going to think about it like not everyone is going to think that there might be issues of GraphQL exposing like data and information. Other thing I'd say dentists are really paying attention to is the exposure of information in errors or stack traces by applications so sometimes a misconfigured web application or a web application that is not securely coded might expose a lot of useful information valuable information to an attacker through its error messages.

So personally that's what I've been finding as it really depends on what you're working on sometimes people are doing source code auditing it depends on what they're doing but for me as for web application hacking web application assessment I list them so it's IDOR authentication bypass and then authorization issues and info exposure through stack traces or error messages.

[Kyser Clark] (14:16 - 14:56)

Nice and you mentioned GraphQL and that's a funny story because my first ever web app assessment that I was put on was GraphQL and I'll be honest with you I didn't know anything about GraphQL before I got put on that I'm like I've never learned I never even heard the word or term GraphQL in any like certification exam or any training that I did on try hack me hack the box I'm like man I've you know I've learned a lot of hacking things and then you know I get on my first web app and it's like GraphQL I'm like what what's GraphQL I have no idea what this is can you explain what GraphQL is and like where you could figure out like how to exploit GraphQL like what are the resources to learn how to exploit GraphQL.

[Nouha Ben Brahim] (14:56 - 16:21)

Many applications nowadays uses GraphQL. GraphQL is a pure language for APIs it's a runtime for executing those queries so it allows clients to request only the data they need making it more efficient let's say flexible compared to traditional REST APIs so with GraphQL you can specify exactly what data you need like clients can make requests specific fields making responses more compact and reducing the over fetching of data so GraphQL is generally a strongly typed scheme so GraphQL uses a type system to describe the data which helps in validating queries against the scheme before execution and one cool thing about it it's allows the real-time data with um so GraphQL supports real-time updates through subscriptions so um GraphQL by the way is developed and maintained by Facebook and it has become popular for building efficient and flexible APIs so the reason why I found that GraphQL issue is because I was testing on APIs so if you're paying attention to APIs you can find the GraphQL

[Kyser Clark] (16:21 - 16:49)

vulnerabilities okay yeah that's good to know I was glad you unpacked that a little bit because my next question was going to be uh you know why would someone pick GraphQL over a traditional API so thanks for answering that so I'm going to switch topics a little bit on you here so you speak at events and I'm curious on how does one become a speaker at an event and more importantly how does someone how could someone come up with a topic to speak about if they want to speak

[Nouha Ben Brahim] (16:49 - 19:16)

at an event but they have no idea what what to talk about so it depends on the theme of the event so if the event is a hacking conference and there's going to be some hackers or it's a like I've been always present in hack songs I've been speaking in conferences on conducting workshops to train the hackathon participants so it depends on what you are doing and it depends on the message that you want to deliver for me um coming up with a topic is more like coming up with a story that you want to tell so um for example last time I was speaking at hack for iot event which is a hackathon but designed to hack on iot devices and in my workshop I I was thinking about what kind of information I would like to present what kind of message I want to deliver so I started talking about hacking incidents what happened before and how vehicles and appliances and wearable devices got affected by iot vulnerabilities so if you are going to come up with a topic you need to gather a lot of information do your homework and and tell a story so I told the story of the famous jeep hack that happened um in 2013 I guess and and that was really compelling because people did not know about it people did not know that happened so if you want to keep them interested to keep the audience interested and to teach them something you need to tell a story tell them a story they did not hear before and that will make everything later on easier for you as a speaker because you have this story to tell and what we learn from it so that's my go-to method I keep my presentations really short because I want to tell the story and I don't want them to be so focused on the slides and the data and numbers on the slides so I just use more visual elements and do the speaking more than just cluttering the presentation behind you that can be a little overwhelming for new speakers or the audience

[Kyser Clark] (19:16 - 19:31)

yeah I can definitely relate to that like I've seen presentations and you'll see the slide and there's like a bar chart a pie chart you know all these numbers and bullet points and you're trying to read those while simultaneously listening to the speaker and it's hard

[Nouha Ben Brahim] (19:31 - 19:56)

it's most people don't even read it yeah so most people don't even read that they they just stare at it they they can like turn on their cameras and take a photo of it but they're not even interested in data they're not going to do the analyzing thing for you they they just want to hear like what is your point what is the point of all of this so they wouldn't really be so

[Kyser Clark] (19:56 - 20:13)

interested in numbers that's great advice yeah maybe uh you know maybe you just put a picture up of uh you know a beautiful sunset and then just talk away what advice would you give to someone who is considering starting their own cyber security company or wanting to become a freelancer

[Nouha Ben Brahim] (20:13 - 21:52)

well for someone to start a company in cyber security it's a lot of hard work so um if you are coming from a technical background like me um so you have that foundation to start from if you are or not then you need to do like market research and try to understand what kind of solution you're going to provide what kind of services um you're going to provide what is happening right now like you have to at least if you're not a technical person you need to stay so up-to-date you need to learn about what happened recently read the news read articles and build a good connection like network with people who are in the industry people who are already doing um the technical stuff and if you are coming from a technical background that's gonna make things a little easier for you because you're going to understand how things are working and and of course that would naturally make you so active and up-to-date and well for technical people i would advise them to work on their soft skills and for non-technical people i would advise them to work um on their technical skills a little to at least have the required knowledge but generally starting a company today in cyber security is really scary really daunting but totally worth it so what makes it really scary really daunting is it

[Kyser Clark] (21:52 - 22:00)

like trying to find work to do like trying to find customers trying to find clients is that what makes it harder is there other is it is it deeper than that well what makes it really scary

[Nouha Ben Brahim] (22:00 - 23:46)

is building that trust building a brand that people will trust so if you are going to provide pen testing services why would someone ever buy from you why would they agree to you are you really caring about the quality of your solutions did you think a lot about what they need like are you meeting the requirements of clients so the scary part is trying to meet the requirements ensure that your solutions are high quality you know like you need to build trust you need to show what you're capable of as a company you need to stand out you need to do something different and at the same time you have to it's it's a big risk to take but there there is a solution for everything so if you are a creative person you're thinking creatively you can find solutions and people would definitely go for you because you are providing them with what they need so the scary part for most entrepreneurs or people who are starting a company in cyber security is they're still lost they're thinking what to provide what solution will they design what do they need to provide if you've already figured out what you want to provide that's a good start because from there you would develop you will evolve and you will improve your services if they're already existing you would improve those ideas and great advice thanks for thanks for

[Kyser Clark] (23:46 - 23:58)

sharing that and uh so the next topic i want to get into is your podcast so you started the hacker's line can you talk about that for a little bit yeah the hacker's line the hacker's line is

[Nouha Ben Brahim] (23:58 - 25:32)

actually the quickest podcast chance because it happened really unexpectedly like um i was just i was just working i i was um i don't know what i was doing actually but i was just doing some boring stuff and then i i i thought of you know why not add some fun to my life why not start a podcast and then i was thinking um what kind of podcast would it be i would just do what i love so it's about hacking and then i and then i saw that i've learned with from great people in the industry hackers um like frederick alexanderson or robovenry those big names in bug bounty hunting that i was a really big fan of and and then and then i've been like imagining the final results how it would be if i invited them and and it happened really quick happens i i still i still don't know how it happened actually but yeah it was um a really cool a really cool story because it happens really quick and actually i'm very new to broadcasting things but i think it takes a lot of courage to do something like that but yeah uh yeah i really enjoy i really enjoy um being a podcaster and the hackers line is a is a really great experience for me yeah i i agree i mean i'm

[Kyser Clark] (25:32 - 26:02)

i'm a new podcaster too this is the 11th episode definitely you know not in my comfort zone to to do these recordings and it's um kind of stressful sometimes yeah do you feel less stressful when you're the guest and not the host because that's because when i was on your podcast it was like easy for me i was like all i have to do is just answer the questions and that's it and then when in this seat is the host it's like i gotta come up with the questions and you know carry the conversation so do you feel the same way or how do you feel about being a guest compared to the host

[Nouha Ben Brahim] (26:02 - 26:54)

well i think being a guest is much easier than hosting because when you're hosting you're so worried about how things will go so you're worried about how things will go wrong and for me personally i've i've been in those situations where where i was just recording and then i don't know my pc like completely got automatic automatically turned off and i don't know why and and that was not just some ill luck uh besides it's a technical issue but it was oh god i was really embarrassed because i was already having my guest in and he was like waiting and i was like hold on i'm just trying to reboot my pc so so being the host is big responsibility i guess yeah it definitely

[Kyser Clark] (26:54 - 27:20)

is it's it's definitely hard to do but um it's fun to do so i definitely encourage people to you know make content and uh yeah i appreciate you inviting me onto your show and i had a good time and uh i think i was a i was a better speaker in your podcast than i was my own podcast because like you said it's a lot more stressful being the host in my opinion so i'm glad we could talk about that uh especially getting that on my podcast because um yeah not a lot of podcasts out there

[Nouha Ben Brahim] (27:20 - 28:28)

so it's nice to have that in common with you yes i i totally enjoyed um having you as a guest and i am now really enjoying being a guest in your podcast it's really fun and i i like um talking about web hacking and hacking in general so it was really a great topic and your entire idea of making um as a hacker's case is it the hacker's case the entire idea of making a podcast is really great because you're sharing knowledge and um you're connecting with experts who are willing to share knowledge which is really great we need we need hacking podcasts i i would love to drive and just listen to my hacking news and all that that's that feels so relevant to me and i'm sure that a lot of people are are are relating to this i am sure a lot of people are enjoying the idea of listening to hacking podcast so yeah congratulations on your launch it's um an amazing idea thank you

[Kyser Clark] (28:28 - 28:56)

yeah and that's the that's the goal i literally just made the podcast that i wanted to listen to and uh hopefully other people you know find value in it i know there is a lot of people that started to reach out so they've liked these episodes so at this point i just gotta keep at it keep providing value and for me like i'm learning i feel like the my guests know about hacking more than i do so i'm learning from the guests too and recording the conversations and having the world learn the same thing i'm learning is very powerful it makes the world more secure in my opinion

[Nouha Ben Brahim] (28:56 - 29:55)

exactly that's what that's how i feel too when i when i interviewed you we talked about certifications that day and you have no idea how much it helped me understand more things about certifications so so i think um being a host and inviting people and talking about topics they they would definitely help you and help listeners because that's where the exchange of information happens we oh we're continuously learning i've never so we're experts but we shouldn't call ourselves experts because oh man we're learning every day like my last guest said we're experts in getting stuck so we're stuck the entire time and we need we need help ourselves so yeah i think um it's really beneficial for us to host both guests yeah and uh for the listeners and viewers of this

[Kyser Clark] (29:55 - 30:36)

episode you don't actually have to start a podcast and record you can get the same value by just reaching out to people and asking you know questions on like hey what do you do how do i get in the field or whatever you want to know cybersecurity professionals are more than willing to share information and i think if you just reach out and ask people questions they're gonna answer you know more times than not because our field is really good about sharing information sharing that's really like the hacker spirit the hacker spirit is like sharing information and teaching the community at large so definitely don't be afraid to reach out to people and just have a conversation because it's actually kind of easy to reach out to people and get information

[Nouha Ben Brahim] (30:36 - 30:42)

out of them exactly i agree i totally agree with you so i'm going to go to our final question which

[Kyser Clark] (30:42 - 30:47)

is uh do you have any additional cybersecurity hot takes or hidden wisdom you would like to share

[Nouha Ben Brahim] (30:47 - 33:16)

well for me personally i don't think i have a lot to add up but i would say i have like this this motto which i have learned recently and it is um hacking or starting starting hacking is not just about being extremely perfect at hacking so it requires creativity a lot of creativity so being creative in hacking is essential because hacking is a mindset and it's not just like finding vulnerabilities and all that that that's the technical part but trying to change your mindset if you're new um everything will seem really complicated to you once you're done with try hackney you'll face the real world which is really complicated so don't be scared we've we've all been at that point where we felt like we're not going anywhere but you're actually allowing yourself to grow so when you feel stuck you're really growing there my advice would be something like stay stay creative stay creative if you're doing hacking because most good hackers are really creative minds they are they're so perfect at thinking out of the box and and all that so yeah i've i've been trying also to apply that in my work trying to be more creative and and trying to connect with creative people that really helped with me i would advise people to collaborate with others if they are ready to collaborate which is really really great when you're just starting out you will learn and you will teach at the same time and that's totally going to pay off later on great advice thanks for sharing where can the audience get a hold of you if they want to connect with you well you can find me on linkedin you can message me anytime you can ask me any questions you can read my articles on medium i am i am writing like sometimes i write about technology sometimes i write about other topics but i'm pretty active on medium um you can find me on spotify on my podcast that's it you can find me

[Kyser Clark] (33:16 - 33:31)

on twitter too but i'm mostly active on linkedin great yeah that's that's me too i'm i have accounts on pretty much everything but i'm i'm on linkedin all the time like there's people that send me discord messages and i just don't see them until like two weeks later but yeah so audience if you

[Nouha Ben Brahim] (33:31 - 33:50)

want to get a hold of me best place for me is linkedin as always thank you for inviting me it is really great collaborating and working with you and i'm looking forward in meeting you in person like maybe at some conference or if you ever thought of coming to tunisia so that would

[Kyser Clark] (33:50 - 34:26)

be nice yeah the feelings mutual likewise so yeah thanks for joining the show and thanks for sharing your experience and uh yeah i think the audience got a lot of value out of this i got a lot of ideas so thanks for coming and thanks for sharing your insights uh no thank you for inviting me it was um really fun talking to you all right audience thank you so much for hanging out thanks for watching if you haven't reviewed the podcast already give it a five star review that's the best way to support the podcast right now so if you want to support the podcast just leave a review and that's uh what helped the most so thanks for watching thanks for listening and this is kaiser signing off