Interview with CyberSecurity Talent: Kyaw Thiha

Cybersecurity/ Ethical Hacking/ Bounty Hunting have captured the hearts of young talents in Myanmar.  This month, YEHG is wholeheartedly proud to feature a young cybersecurity talent, Kyaw Thiha. 


1) A bit about yourself
I am Kyaw Thiha , currently working as Cyber Security Consultant in BDO Advisory Singpore and ex-team member of Kernellix and mmCERT.

 2) What made you become obsessed with pentesting/redteaming?

I am kind of technical passionate. By learning the cyber security stuffs , I feel like I am good at this and have confidence in myself.

 3) Please share how you achieved eLearn PTX certification.

PTX is a challenging exam for me. Though I don't have much experience in Red Team , I learned a lot by taking PTX. It is 48 hours exam and you will get another 48 hours for report which doesn't need to be too fancy unless you want it to be. It is a lot similar to real world red team exercise. You will need all the red team skills to pass the exam. The goal of the exam is to get fully compromised total domain tree. Hence it is Active Directory environment , the knowledge in windows Active Directory is a must and need to familiar with the attacks in AD and the exam is more focus on post exploitation. The blogs of adsecurity , blackhillinfosec , specterops helped me a lot. Mimikitz of course would be a very helpful tool as well as Bloodhound. Last but not least , It took me 3 times to pass the exam though , I enjoyed a lot.

4) How do you foresee yourself in next couple years?

I hoped I could expend my knowledge and skill more than now. And I hope I could do more research in exploit development.

5) How anyone can admire your success and follow your ife.

Some of my certification is written at facebook as a note in my native language.

I wrote my experience of OSCP in medium.

Here is my blog , bare with my writing , I wrote as notes.

And here is my github link. Mostly I do forked than creating mine .

Popular posts from this blog

CubeCart 3.0.20 (3.0.x) and lower | Multiple Cross Site Scripting Vulnerabilities

Open-Realty CMS 3.x | Persistent Cross Site Scripting (XSS) Vulnerability