Interview with CyberSecurity Talent: Kyaw Min Thein

Cybersecurity/ Ethical Hacking/ Bounty Hunting have captured the hearts of young talents in Myanmar.  This month, YEHG is wholeheartedly proud to feature a young cybersecurity talent, Kyaw Min Thein. 
_______________________________________



_______________________________________


1) A bit about yourself.

My name is Kyaw Min Thein. I'm current a final year student at University of Technology ( Yatanarpon Cyber City), Mandalay.  I hold eLearnSecurity Web application Penetration Tester certification.

2) What made you become obsessed with ethical hacking?

How windows and linux OS were build, how computers were invented and how they connect with each other are so interesting for me.


3) How did you practise ethical hacking?

At the beginning, I took a training from Cretigon. Then, I learned OWASP webgoat series and read webgoat tutorials from yehg. After that, I subscribed eWPT course from Elearn Security and I got eWPT certificate. I like web exploitation, binary exploitation and red teaming, threat hunting and threat intelligence and I have some good experiences on them.

4) What is your ambition for the future?

I want to be part of red or blue team operation. If there is a chance to work under Ko Ye Yint, Ko Kyaw Min Thant, Ko Kaung Htet, I will be very thankful and happy. I want to write some zero day exploits. My future life plan is to work at world-renowned companies like Apple.

5) Tell us how anyone can admire your success and follow your life.

Facebook - https://www.facebook.com/kyawminthein.weev3 
GitHub - https://github.com/weev3 
Twitter - https://twitter.com/kyawminthein99?lang=en

6)  What are the achievements you have been proud of so far?

There are several bugs I feel proud of discovering:

HackerOne Reports:
https://hackerone.com/weev3kyaw

XSS in MS Outlook iOS App:
https://kyawminthein901497298.wordpress.com/2018/02/18/storedblind-xss-in-microsoft-outlook/

XSS in Amazon Drive:
https://kyawminthein901497298.wordpress.com/2018/02/18/storedblind-xss-in-amazion-drive/

XSS in Yahoo mail iOS app:
https://kyawminthein901497298.wordpress.com/2018/07/03/stored-xss-in-yahoo-mail-ios-app3500/

XSS in Drupal Core:
https://www.drupal.org/sa-core-2018-003

Google HOF:
https://bughunter.withgoogle.com/profile/1327b2e5-eaf0-45d7-a832-977b4619f957

Microsoft HOF:
https://technet.microsoft.com/en-us/security/cc308575.aspx

 


Popular posts from this blog

Open-Realty CMS 3.x | Persistent Cross Site Scripting (XSS) Vulnerability

OxWall 1.1.1 <= Multiple Cross Site Scripting Vulnerabilities (CVE-2012-0872)

Jcow CMS 4.x:4.2 <= , 5.x:5.2 <= | Arbitrary Code Execution