Tell us a little bit about yourself.
My name is Rafay Baloch and I am the founder of RHA InfoSec with advanced expertise in Network Security and Web Application Penetration Testing. I have specialized in finding security vulnerabilities in Web applications, frameworks and browsers, bypassing web application firewalls and filters of modern web-browsers.
So how did people come to know about you?
I first got famous for finding a remote code execution vulnerability inside the world-famous payment gateway PayPal for which I was awarded $10,000 and was also offered a job by PayPal.
What made you turn to the field of ethical hacking?
I creeped into the world of ‘ethical hacking’ at the time Orkut was a buzzing sensation. I figured out that you I hack into any account link very easily on Orkut. Initially I thought it was a scam or that the software was a virus. But it turned out to be a loophole that I could easily manipulate.
Have you received any professional training in the field?
I was intrigued from an early age by how people could control computers sitting miles away. Although, I have received no professional training, I decided this is the way I want to go. I initially made a living reporting security issues to Google & Yahoo. I now have a Bachelors in Computer Science and have worked with international companies like the Rockefellers.
Has your work been recognized by the media?
Yes definitely. My guide book on ‘Ethical Hacking & Penetration Testing’ has been published and my research is covered by big media companies like the BBC and The Guardian. After almost 7 years of experience in the field, I now have developed my own tools for hacking and want to go to either Harvard or MIT to pursue further studies.
What kind of tools did you use before?
I mostly worked with Linux till I developed my own tools.
What advice would to like to give to newcomers in the field?
I have my own blog where I teaches newbies how to hack. These tips can also be useful for those seeking to prevent their social media or email accounts from being hacked.