Topic: Security consulant/code reviewer (Read 1625 times)

Reply to THIS post I made instead of avoiding it like the lamer ass coward that you are!

You want me to point out where you got TORN APART.  Just one example?  Here is 5!


ha ha, WTF?  NOOOO You will NOT get 20%, and people will NOT give you their CC simply because you have a website.  Are you for real?  "Deepweb" GTFO nobody calls it that anymore.  20%, 5%, you just invent percentages out of thin air.  Please stop.  $5k is barely a normal salary?  Are you fucking kidding?  $5k is way more than the average person makes.  $5k?  Let us pretend that was monthly, that equals $60k a year.  That is very high.  All of your numbers are wrong.  But I appreciate that you are not claiming to be a hacker.
Please give me the contact info for a firm that is willing to pay 10k per month for some idiot that can open a website as described above.  Or for whatever. 
Bullshit security?  Isn't that what you are offering on this post?
When did $120k per year become so small it "only makes sense for individuals with a low financial intelligence."?
Are you turning your nose up at $120k?  I would kill for a $5k a month job!,, $10k?  I would let people shoot at me!  ha

Nothing in what you just said had anything to do with working for or against bitcoin.
I realize you cannot change your avatar, that is unfortunate that it has become a symbol for noob protestors.
As for you, everything you said is so full of fail and face palm that I regretfully have nothing else to say to you.

You are that schmuck yes?  Or are you just selling bogus insurance?
 If your system is secure, sometimes you want to ensure that your assessment is correct.  Banks do this, I would not insult someone for ensuring that they have worthy security.
Hacking is not brute forcing.
Programming has nothing to do with a green screen.  This is not 1986.
Humans do not type 1s and 0s.
I must question your credentials for any sort of code work that you advertise at this point.
Sorry but everything you said just completely undermines your credibility as a programmer, coder, or anything to do with computers for that matter.  Deepweb?  lol.. deep web.. that was funny.  And those stats!
Please stop.

Thank you
Please take this advice to heart madmadmax.
Everything you wrote was a complete 100% fail.
You forgot to talk about port :139 vulnerabilities with all that green screen, 1s and 0s deep web knowledge.

I am sorry, I normally contain my rage.
FAIL

You are that schmuck yes?  Or are you just selling bogus insurance?
 If your system is secure, sometimes you want to ensure that your assessment is correct.  Banks do this, I would not insult someone for ensuring that they have worthy security.
Hacking is not brute forcing.
Programming has nothing to do with a green screen.  This is not 1986.
Humans do not type 1s and 0s.
I must question your credentials for any sort of code work that you advertise at this point.
Sorry but everything you said just completely undermines your credibility as a programmer, coder, or anything to do with computers for that matter.  Deepweb?  lol.. deep web.. that was funny.  And those stats!
Please stop.

ha ha, WTF?  NOOOO You will NOT get 20%, and people will NOT give you their CC simply because you have a website.  Are you for real?  "Deepweb" GTFO nobody calls it that anymore.  20%, 5%, you just invent percentages out of thin air.  Please stop.  $5k is barely a normal salary?  Are you fucking kidding?  $5k is way more than the average person makes.  $5k?  Let us pretend that was monthly, that equals $60k a year.  That is very high.  All of your numbers are wrong.  But I appreciate that you are not claiming to be a hacker.

I do not really see why the public portrays hackers as intriguing individuals, when hacking is about as tasteless as vandalism, anyone can setup an anonymous server with a domain asking for credit card numbers in exchange for Emma Watsons nudes if you have 100k targeted views there will be at least 20% credit cards submitted, average of 1k per credit card is 20k if you sell them on the deepweb for 5% then you've got 5k which barely makes a normal salary.

The problem is if you're that good why not work for a european firm and make 10k per month doing some bullshit security job plus have all the perks and avoid the risk of getting locked up, only makes sense for individuals with a low financial intelligence. The average human is so dumb he would trade his credit card info for a chocolate bar, playing our monkey brains large scale is about as impressive as stealing candy from a kid, imagine if you get locked up for 5 years after 5 years of work your monthly salary gets inflated to 2.5 versus the 10 that you could have been making.

This is why Bitcoin works as a monetary system so well, it pays significantly more to work for the system than against it. The avatar was set back in 2011 when they still allowed avatars, no ill intent in mind. I still like to keep it because it reminds me of how infinitely not noob I am vs most of the forum.

No such thing as a white hat hacker either, if your system is secure there is no need to order some schmuck to try to bruteforce the password or type in zeros and ones against a green screen to attempt and gain access.

you call yourself a "hacker" yet this obviously will not work in real life
sit down and think about why

I am checking the code, not doing pentesting, if nobody derped up while writing it and the implementation is correct then there is no reason to pentest it. Automatic pentesting software is only applicable when looking for flaws in a large number of websites seeking one to exploit (or one to secure if you come knocking on the door offering your services), it has absolutely no use when securing a single business.

I don't slack and work fast, 40$ per hour is really nothing when it doesn't take that long to review a whole website.

From what I read, you're just making stuff up on the spot with no actual experience of evidence to back it up. $40/hour is an absolute joke unless you can actually prove you know what you're doing. I know a lot of pentesters that are good and will work for less than that. Secondly, you're an idiot because you start flaming everyone on your sales thread. This is business 101, you're not going to get any clients and you might as well start a new thread and get a new mind set.

Your reading comprehension amazes me, we should dissect you and study your dumb brain.

Overall I am still willing to examine businesses for either a stake in the company or monetary compensation, call it giving back to the community.

Please give me one point when I got "torn apart", just one.

ha ha, WTF?  NOOOO You will NOT get 20%, and people will NOT give you their CC simply because you have a website.  Are you for real?  "Deepweb" GTFO nobody calls it that anymore.  20%, 5%, you just invent percentages out of thin air.  Please stop.  $5k is barely a normal salary?  Are you fucking kidding?  $5k is way more than the average person makes.  $5k?  Let us pretend that was monthly, that equals $60k a year.  That is very high.  All of your numbers are wrong.  But I appreciate that you are not claiming to be a hacker.
Please give me the contact info for a firm that is willing to pay 10k per month for some idiot that can open a website as described above.  Or for whatever. 
Bullshit security?  Isn't that what you are offering on this post?
When did $120k per year become so small it "only makes sense for individuals with a low financial intelligence."?
Are you turning your nose up at $120k?  I would kill for a $5k a month job!,, $10k?  I would let people shoot at me!  ha

Nothing in what you just said had anything to do with working for or against bitcoin.
I realize you cannot change your avatar, that is unfortunate that it has become a symbol for noob protestors.
As for you, everything you said is so full of fail and face palm that I regretfully have nothing else to say to you.

You are that schmuck yes?  Or are you just selling bogus insurance?
 If your system is secure, sometimes you want to ensure that your assessment is correct.  Banks do this, I would not insult someone for ensuring that they have worthy security.
Hacking is not brute forcing.
Programming has nothing to do with a green screen.  This is not 1986.
Humans do not type 1s and 0s.
I must question your credentials for any sort of code work that you advertise at this point.
Sorry but everything you said just completely undermines your credibility as a programmer, coder, or anything to do with computers for that matter.  Deepweb?  lol.. deep web.. that was funny.  And those stats!
Please stop.

Thank you
Please take this advice to heart madmadmax.
Everything you wrote was a complete 100% fail.
You forgot to talk about port :139 vulnerabilities with all that green screen, 1s and 0s deep web knowledge.

I am sorry, I normally contain my rage.
FAIL

A lot of the time, it's not the code that is vulnerable. I'll be honest in saying that when I used to do 'illegitimate testing' against websites, the code was normally not the issue. You'll find now that people are using frameworks more and more that get rid of the issues such as the owasp top 10 and so on. It also comes down to the issue that if they're using a lot of classes and a large system (PHP), it would take a long time to go through multiple PHP files just for one single function (hence the per hour thing being a bit ridiculous here).

Thank you for your feedback but pentesting is exactly what I am against if you bother to read the thread, there is no point in pentesting or in white hat hackers, if your system isn't faulty to begin with there is no reason to ask a white hat hacker to attempt to exploit it.

I've had plenty of business experience as I've run a business for many years. Customers generally don't flock towards you if you're volatile to other people that try to put you down. You're in a market where there is plenty of pentesters and almost no demand at all for them. You're not going to get someone giving you $40 an hour with no examples of what you can do and absolutely no idea what you're going to achieve in an hour.

Join programs such as:
-> Hackerone.com
-> Bugcrowd.com

Gain a bit of a profile and get on some bug bounty lists and then come back and try sell your services as you can prove that you at least know something .

I am not flaming anyone, sure I am young and passionate about my work and like to call idiots by their rightful name, idiots.

Throwing blank statements just appeals to the ignorant public, provide an argument I will provide a counter argument.

$40 an hour on a full time job could indeed be relatively high, on a part time job I have seen offers worse than mine run up to 120 euro per hour.

Business 101 is people who matter don't care and people who care don't matter, don't know how much business experience you have but I assure you nobody cares who and what I called someone in the free market. Those who care don't have the money to employ me for 15 minutes anyway.

From what I read, you're just making stuff up on the spot with no actual experience of evidence to back it up. $40/hour is an absolute joke unless you can actually prove you know what you're doing. I know a lot of pentesters that are good and will work for less than that. Secondly, you're an idiot because you start flaming everyone on your sales thread. This is business 101, you're not going to get any clients and you might as well start a new thread and get a new mind set.

Your reading comprehension amazes me, we should dissect you and study your dumb brain.

Overall I am still willing to examine businesses for either a stake in the company or monetary compensation, call it giving back to the community.

Please give me one point when I got "torn apart", just one.

You just got torn appart.
You failed at EVERYTHING you said.
Now you wish to claim you were making nostalgic references to historical crap as a joke.
You were completely NOT funny, and you were completely serious in the bullshit you wrote.

That is why you did not DARE respond to the individual points everyone makes ripping apart you fake intelligence.

When I joke about port 139 nukes, it was clearly a joke.
When you write about 1s and 0s, you were completely serious.

You are an idiot for claiming that someone making 120k a year lacks financial intelligence.
Now you want to pretend that I was focused on 60k per year, and pretend that you make that when you are posting bullshit security consultant ads on a thread that you yourself say would make anyone an idiot for employing you.

You fail in every way.

ha ha, WTF?  NOOOO You will NOT get 20%, and people will NOT give you their CC simply because you have a website.  Are you for real?  "Deepweb" GTFO nobody calls it that anymore.  20%, 5%, you just invent percentages out of thin air.  Please stop.  $5k is barely a normal salary?  Are you fucking kidding?  $5k is way more than the average person makes.  $5k?  Let us pretend that was monthly, that equals $60k a year.  That is very high.  All of your numbers are wrong.  But I appreciate that you are not claiming to be a hacker.
Please give me the contact info for a firm that is willing to pay 10k per month for some idiot that can open a website as described above.  Or for whatever.  
Bullshit security?  Isn't that what you are offering on this post?
When did $120k per year become so small it "only makes sense for individuals with a low financial intelligence."?
Are you turning your nose up at $120k?  I would kill for a $5k a month job!,, $10k?  I would let people shoot at me!  ha

Nothing in what you just said had anything to do with working for or against bitcoin.
I realize you cannot change your avatar, that is unfortunate that it has become a symbol for noob protestors.
As for you, everything you said is so full of fail and face palm that I regretfully have nothing else to say to you.

You are that schmuck yes?  Or are you just selling bogus insurance?
 If your system is secure, sometimes you want to ensure that your assessment is correct.  Banks do this, I would not insult someone for ensuring that they have worthy security.
Hacking is not brute forcing.
Programming has nothing to do with a green screen.  This is not 1986.
Humans do not type 1s and 0s.
I must question your credentials for any sort of code work that you advertise at this point.
Sorry but everything you said just completely undermines your credibility as a programmer, coder, or anything to do with computers for that matter.  Deepweb?  lol.. deep web.. that was funny.  And those stats!
Please stop.

Thank you
Please take this advice to heart madmadmax.
Everything you wrote was a complete 100% fail.
You forgot to talk about port :139 vulnerabilities with all that green screen, 1s and 0s deep web knowledge.

I am sorry, I normally contain my rage.
FAIL

One of the best ways to get rid of cockroaches in your kitchen is to scatter bread-crumbs under the stove, right? Wrong! That's a dumb idea. One of the best ways to discourage hacking on the Internet is to give the hackers stock options, buy the books they write about their exploits, take classes on "extreme hacking kung fu" and pay them tens of thousands of dollars to do "penetration tests" against your systems, right? Wrong! "Hacking is Cool" is a really dumb idea.

Around the time I was learning to walk, Donn Parker was researching the behavioral aspects of hacking and computer security. He says it better than I ever could:
"Remote computing freed criminals from the historic requirement of proximity to their crimes. Anonymity and freedom from personal victim confrontation increased the emotional ease of crime, i.e., the victim was only an inanimate computer, not a real person or enterprise. Timid people could become criminals. The proliferation of identical systems and means of use and the automation of business made possible and improved the economics of automating crimes and constructing powerful criminal tools and scripts with great leverage."

Hidden in Parker's observation is the awareness that hacking is a social problem. It's not a technology problem, at all. "Timid people could become criminals." The Internet has given a whole new form of elbow-room to the badly socialized borderline personality. The #4th dumbest thing information security practitioners can do is implicitly encourage hackers by lionizing them. The media plays directly into this, by portraying hackers, variously, as "whiz kids" and "brilliant technologists" - of course if you're a reporter for CNN, anyone who can install Linux probably does qualify as a "brilliant technologist" to you. I find it interesting to compare societal reactions to hackers as "whiz kids" versus spammers as "sleazy con artists." I'm actually heartened to see that the spammers, phishers, and other scammers are adopting the hackers and the techniques of the hackers - this will do more to reverse society's view of hacking than any other thing we could do.

If you're a security practitioner, teaching yourself how to hack is also part of the "Hacking is Cool" dumb idea. Think about it for a couple of minutes: teaching yourself a bunch of exploits and how to use them means you're investing your time in learning a bunch of tools and techniques that are going to go stale as soon as everyone has patched that particular hole. It means you've made part of your professional skill-set dependent on "Penetrate and Patch" and you're going to have to be part of the arms-race if you want that skill-set to remain relevant and up-to-date. Wouldn't it be more sensible to learn how to design security systems that are hack-proof than to learn how to identify security systems that are dumb?

My prediction is that the "Hacking is Cool" dumb idea will be a dead idea in the next 10 years. I'd like to fantasize that it will be replaced with its opposite idea, "Good Engineering is Cool" but so far there is no sign that's likely to happen.

I do not really see why the public portrays hackers as intriguing individuals, when hacking is about as tasteless as vandalism, anyone can setup an anonymous server with a domain asking for credit card numbers in exchange for Emma Watsons nudes if you have 100k targeted views there will be at least 20% credit cards submitted, average of 1k per credit card is 20k if you sell them on the deepweb for 5% then you've got 5k which barely makes a normal salary.

The problem is if you're that good why not work for a european firm and make 10k per month doing some bullshit security job plus have all the perks and avoid the risk of getting locked up, only makes sense for individuals with a low financial intelligence. The average human is so dumb he would trade his credit card info for a chocolate bar, playing our monkey brains large scale is about as impressive as stealing candy from a kid, imagine if you get locked up for 5 years after 5 years of work your monthly salary gets inflated to 2.5 versus the 10 that you could have been making.

This is why Bitcoin works as a monetary system so well, it pays significantly more to work for the system than against it. The avatar was set back in 2011 when they still allowed avatars, no ill intent in mind. I still like to keep it because it reminds me of how infinitely not noob I am vs most of the forum.

No such thing as a white hat hacker either, if your system is secure there is no need to order some schmuck to try to bruteforce the password or type in zeros and ones against a green screen to attempt and gain access.

you call yourself a "hacker" yet this obviously will not work in real life
sit down and think about why

I do not really see why the public portrays hackers as intriguing individuals, when hacking is about as tasteless as vandalism, anyone can setup an anonymous server with a domain asking for credit card numbers in exchange for Emma Watsons nudes if you have 100k targeted views there will be at least 20% credit cards submitted, average of 1k per credit card is 20k if you sell them on the deepweb for 5% then you've got 5k which barely makes a normal salary.

The problem is if you're that good why not work for a european firm and make 10k per month doing some bullshit security job plus have all the perks and avoid the risk of getting locked up, only makes sense for individuals with a low financial intelligence. The average human is so dumb he would trade his credit card info for a chocolate bar, playing our monkey brains large scale is about as impressive as stealing candy from a kid, imagine if you get locked up for 5 years after 5 years of work your monthly salary gets inflated to 2.5 versus the 10 that you could have been making.

This is why Bitcoin works as a monetary system so well, it pays significantly more to work for the system than against it. The avatar was set back in 2011 when they still allowed avatars, no ill intent in mind. I still like to keep it because it reminds me of how infinitely not noob I am vs most of the forum.

No such thing as a white hat hacker either, if your system is secure there is no need to order some schmuck to try to bruteforce the password or type in zeros and ones against a green screen to attempt and gain access.

MT Gox was not hacked.  They guy took all the money and after the statue of limitations expires, he will have fabricated some fake business success as justification for the suddenly surfaced wealth that he will spend.

Second, the group "Anonymous" that brags to allegedly hack into anything, is bragging that they are openly criminals.  They commit crimes which is one thing.  But to commit a crime and claim that you are a hero, or doing a public service, or claim what you did was NOT criminal, is worse than criminal.  It is stupid and pathological.  There is no "grey hat", you are a white hat or a black hat.  If you break the fucking law, you are a black hat.  Not a grey hat.  You break the law, that is criminal.  If you believe there is justification for the label "grey hat" then you are in reality, a PINK HAT asshole black hat!  And by pink I mean to insult the orientation of any "anonymous" asshole.

I don't know you, but I do not like anyone that has the V for vendetta avatar, as that is associated with the Anonymous pink hats.  If you do not support them or the "Grey" line of criminal thinking, then I support you.  Otherwise I would like to point out the pathological criminal opinion behind "the mask" so that nobody works or pays one of those "anonymous" supporters.

Thank you either way.