Table of Contents

Hey there 👋

I hope you had an amazing year and made some wonderful memories, life is never a linear path, it always will have ups and down, hold in there! If 2022 was not your year, 2023 will be for sure!  In this blog, I am going to round up my 2022.

Career Updates

In November 2022, I celebrated my one-year work anniversary at The SecOps Group, where I have been working for the past year. When I took this job switch, I had a lot of doubts in my mind, but I took a leap of fait and so far, I'm not regretting that decision. The team and the work we are doing are top-notch, and I am grateful for the opportunity to be a part of such a talented and dedicated team.

Throughout my first year at The SecOps Group, I had the opportunity to work on many pentest projects. These projects helped to improve my skills and I learned a lot from them. I'm grateful for the opportunity to work on such interesting and challenging projects, and I'm looking forward to continuing to grow and learn in the future.

The feeling of working with top infosec companies, which I can't name for obvious reasons, is filled with an adrenaline rush. It's exciting to be a part of such a high-performing team and to contribute to the success of the company.

During the team meetup, I was awarded "The Star Employee" and it's something that motivates me to keep working hard and achieve my goals. I'm grateful for the recognition and I hope to continue to contribute to the success of The SecOps Group in the future.

Cybersecurity Conference

Nullcon Goa

I'm excited to share that in 2022, I had the opportunity to attend my first cybersecurity conference. The conference was called Nullcon Goa, and it was an incredible experience.

At the conference, I met a lot of new friends who shared my interest in cybersecurity. We exchanged ideas and insights, and I learned a lot from the talks and workshops that were offered.

One of the highlights of the conference for me was the security training that was available. I was able to learn new techniques and strategies for protecting myself and my clients online.

In addition to the technical skills I gained, the conference also had a big impact on my confidence and motivation. When I start having all the impostor syndrome and doubt of my existence, the talk "Hacking your career in cybersecurity" by Indrajeet Bhuyan made me realize how I got here and how much dedication and hard work I had put in to be in Infosec holding a degree in biology. I was honored to be mentioned as a case study at Nullcon and it gave me the motivation to push further from where I had been feeling stuck for a while.

Overall, attending the Nullcon Goa conference was a great achievement for me. It gave me the chance to connect with like-minded individuals and learn from experts in the field. I'm grateful for the opportunity and I'm already looking forward to the next conference.

Anugrah SR on LinkedIn: #initcrew | 11 comments
Dear NULLCON Thanks for coming into my life when I needed you the most, going through a turmoil of emotions, my first infosec conference was filled with lots… | 11 comments on LinkedIn

C0c0n 2022

I had a great time at c0c0n 2022, India's longest running conference on Hacking and Cyber Security. It amazes me how wonderfully they organized the conference, and now I know why it's such a well-respected event in the industry.

As always, I used the opportunity to connect, contribute, and collaborate with amazing people who came from different parts of the globe. I had some wonderful conversations with Jairam Ramesh, Rahul Sasi, Manu Zacharia, Yash Bharadwaj, and Manish Gupta, to name a few.

It was also wonderful to meet up with the #Initcrew community members. They always make events like this much more memorable for me.

But for me, the best part of c0c0n 2022 was the Adversary Village's lock picking workshop. It was so much fun and something completely new for me. Now I can say that I know how to pick a few locks and handcuffs!

Overall, attending c0c0n 2022 was a great achievement for me in 2022. I'm grateful for the opportunity to learn and connect with others in the industry, and I'm already looking forward to the next conference.

Mini Vlog:

Anugrah S R on Instagram: ”@_c0c0n_ security and hacking conference was amazing! It was so fun and took the opportunity to connect, contribute and collaborate with lot of people. #conference #cocon #kochi #kerala #keralapolice #hacking #cybersecurity”
Anugrah S R shared a post on Instagram: ”@_c0c0n_ security and hacking conference was amazing! It was so fun and took the opportunity to connect, contribute and collaborate with lot of people. #conference #cocon #kochi #kerala #keralapolice #hacking #cybersecurity”. Follow their account to see 368…
Anugrah SR on LinkedIn: #initcrew #cybersecurity #hacking #community #c0c0n #kerala
Had a great time at c0c0n 2022. It amazes me that how wonderfully they have organised the conference, now i know why it's India's longest running conference on…

Talks

IWCON-2022

I'm excited to share that in 2022, I had the opportunity to be a speaker at IWCON 2022 - Online Infosec Conference & Networking Event hosted by infosec writeups. It was a great honor to be invited to speak at such a respected conference, and I was thrilled to share my experiences with the audience.

I delivered a talk on the topic "Journey from being a Biologist to a Security Consultant." In my talk, I shared my story of how I got interested in cybersecurity and how I was able to transition into a new career despite having a degree in biology. I talked about the challenges I faced and the strategies I used to overcome them, and I hope that my story was able to inspire others who are considering making a similar career change.

Overall, being a speaker at IWCON 2022 was a great achievement for me in 2022. I'm grateful for the opportunity to share my knowledge and experiences with others in the industry, and I'm looking forward to participating in more conferences in the future.

Biologist to CyberSecurity Analyst: My InfoSec Journey
Hi everyone, my name is Anugrah SR, I am a Cyber security Consultant and this is my story. I get a lot of DMs asking, how I got into cybersecurity after graduating masters in biology? I wonder the same, how I transitioned from a scientific research background to cybersecurity. When

INITCREW : DISHA MARK II

I had the opportunity to deliver a talk at INITCREW DISHA MARK II. The talk was called "Hacking 101" and it was an introduction to cybersecurity for beginners.

In my talk, I gave an overview of the field of cybersecurity and discussed some of the basic concepts and terminology. I also talked about the importance of cybersecurity in today's world and shared some tips on how beginners can get started in the field.

It was a great honor to be invited to speak at INITCREW DISHA MARK II, and I'm grateful for the opportunity to share my knowledge with others. I hope that my talk was able to help some people who are interested in learning more about cybersecurity, and I'm looking forward to participating in more events like this in the future.

Projects

Awesome Web3 Security

I am amazed by the response to my "Awesome-web3-Security" GitHub repository. It has received over 700 stars and has been able to help many people interested in web3 security.

I started this repository as a way to collect and store resources for myself, but it has grown into something that is helping a lot of people get into web3 security. Maintaining a curated list of resources can be a lot of work, but it is also a valuable service to others in the community.

I am always looking for ways to improve and grow the repository. I have considered reaching out to others in the web3 security community for suggestions on additional resources to include and adding more information to the repository, such as descriptions of the resources or tips on how to use them effectively.

Overall, I am very happy with the success of the "Awesome-web3-Security" repository and am grateful for the support it has received. I will continue to work on it and make it the best resource it can be for those interested in web3 security.

GitHub - Anugrahsr/Awesome-web3-Security: A curated list of web3Security materials and resources For Pentesters and Bug Hunters.
A curated list of web3Security materials and resources For Pentesters and Bug Hunters. - GitHub - Anugrahsr/Awesome-web3-Security: A curated list of web3Security materials and resources For Pentest...

GraphQL Pentesting Blog Series

As the creator of a popular blog series on GraphQL pentesting, I was thrilled to receive such an overwhelming response from the tech and cybersecurity community. Not only were my readers engaged and interested in my insights, but I also had the opportunity to connect with Dolev Farhi, a well-known figure in the world of GraphQL security. Dolev reached out to me after reading my blog series and offered words of appreciation for my work. He even went above and beyond by offering me a copy of his early access book "Black Hat GraphQL API Attacks for Hackers and Pentesters," which I am excited to dive into.

But that's not all - I have also received appreciation from other industry leaders in the field of GraphQL security. Their recognition of my work has been a great motivator and has encouraged me to continue sharing my knowledge with the community.

Working on this blog series has been a rewarding experience and I am grateful for the opportunity to share my knowledge with others. I will continue to stay up-to-date with the latest developments and best practices in the field in order to provide valuable resources to my readers. I am grateful for the support and encouragement of the community, and am excited to see where this journey takes me next.

GraphQL Pentesting for Dummies! Part-1
What is GraphQL? ‌‌GraphQL is a query language that was created by Facebook and made public in 2015. It offers an alternative to using REST APIs for data retrieval.‌‌ GraphQL is a query language for APIs and a runtime for fulfilling those queries with your existing data. It provides a

Certifications

In 2022, I am proud to have achieved the eLearnSecurity Junior Penetration Tester (eJPT), eLearnSecurity Web Application Penetration Tester eXtreme v2 (eWPTXv2), and Certified Appsec Practitioner (CAP) certifications.

eLearnSecurity Junior Penetration Tester (eJPT)

The eJPT is a beginner-level certification that covers the fundamentals of penetration testing. It teaches students how to gather information, identify vulnerabilities, and exploit them. By completing the eJPT, I have gained a solid foundation in the field of penetration testing.

eLearnSecurity Web Application Penetration Tester eXtreme v2 (eWPTXv2)

The eWPTXv2 is a more advanced certification that builds upon the skills learned in the eJPT. It covers topics such as web application penetration testing, SQL injection, and cross-site scripting. By completing the eWPTXv2, I have demonstrated a high level of proficiency in the field of web application penetration testing.

Certified Appsec Practitioner (CAP) certifications.

Certified Appsec Practitioner (CAP) is an intermediate-level exam to test attendees’ knowledge on the core concepts of application security. The CAP certification is focused on application security and teaches students how to identify, assess, and mitigate vulnerabilities in web applications. By achieving the CAP certification, I have demonstrated a strong understanding of best practices in application security and am equipped to help organizations protect their web-based assets.

I am thrilled to have achieved these three certifications, as they will help me to excel in my career in cybersecurity. I am grateful for the knowledge and skills that I have gained through these certifications, and I am looking forward to applying them to real-world scenarios.

Blogging and Newsletter

Personal Portfolio

I'm excited to announce that in 2022, I started a personal portfolio website called "anugrahsr.in" and began writing blogs on it. This was a big accomplishment for me, as it allowed me to showcase my skills and experiences to a wider audience.

  • Any conferences or workshops I attended and what I learned from them.
  • Any career advancement or promotions I received.
  • Any new clients or customers I gained, the story behind it.
  • Any contributions I made to our community, such as volunteering or participating in a charitable event.
  • Any creative projects I completed, such as writing a book or creating a piece of art.
  • Any personal growth or self-improvement I experienced, such as overcoming a fear or learning to manage my time more effectively.
  • Any travel or adventures you had and what I learned from them.
Anugrah SR | #HackLearnDaily
A cyber security researcher with a passion for sharing knowledge through blogs, tricks, and tips on pentesting, bug bounty, and cyber security. Your mentor!

Newsletter: HackLearnDaily

I also want to apologize for stopping my newsletter "hacklearndaily," but I'm happy to say that I'm planning to restart it in 2023. I'm looking forward to continuing to share my knowledge and insights with my readers.

HackLearnDaily by Anugrah SR - Revue
Weekly I will bring you the quality blog post, videos and tweets you might have missed out! I love curating so you don’t have to waste your time on it! Exclusively you will get my personal notes on what vulnerability I learnt, resources used and labs to test out.

P1BooM💥

In addition to my personal portfolio website, I'm also thinking about adding some content to the blog "p1boom.com" I believe that collaborating with others and sharing ideas can lead to great things, so I'm excited to see what this new opportunity brings.

P1BOOM - All about CyberSecurity
Getting a step ahead of the others, be it other bugbounty hunter or a malicious actor is what every bug bounty hunter or pentester wants. Th...

Overall, I'm proud of the progress I made in 2022, and I'm looking forward to continuing to grow and learn in the future. Thank you to everyone who has supported me on this journey so far.

Community

Initcrew

I am proud to be a part of the Initcrew community, a group of individuals who are solely focused on helping and educating people in cybersecurity. Our community is made up of people from all different backgrounds and skill levels, and we came together to successfully host our first live meetup.

Before the main event, we held a pre-event called Disha mark 2 which featured talks on various cybersecurity domains. It was exciting to see so many people come together to learn and share their knowledge about this important topic.

Hosting a live meetup is no small task, and it took the dedication and hard work of everyone in the Initcrew community to make it happen. I am grateful to be a part of such a supportive and knowledgeable group of people, and I am confident that together, we can continue to make a positive impact in the world of cybersecurity.

Mini Vlog:

Anugrah S R on Instagram: ”@initcrew_community meetup ♥️ A Community that sown oauth to help out cybersecurity enthusiasts, it’s a balance of working professional from various top firms and students! Glad to finally meet all those people after endless chats and support through whatsapp group and others.”
Anugrah S R shared a post on Instagram: ”@initcrew_community meetup ♥️ A Community that sown oauth to help out cybersecurity enthusiasts, it’s a balance of working professional from various top firms and students! Glad to finally meet all those people after endless chats and support through whatsa…

1:1 Calls on Cybersecurity

I recently made an impulsive decision to do something I had never attempted before: I hosted a series of one-on-one calls on cybersecurity. The goal of these calls was to help people get started in the field, including offering career advice, study plans, interview preparation, mentoring, and resume reviews.

To my surprise, the response was overwhelming. I received more than 50 requests for one-on-one calls with people from all around the globe. It was a truly rewarding experience to be able to share my limited knowledge and experience with others, and to help them navigate their way into the world of cybersecurity.

Some of the people I spoke with even requested mentorship, and it was a pleasure to be able to offer guidance and support as they pursued their goals. Overall, hosting these one-on-one calls was an incredibly rewarding experience, and I am grateful for the opportunity to have made a difference in the lives of so many aspiring cybersecurity professionals.

My calander after bookings

Testimonials

Twitter and LinkedIn

In 2022, I was proud to be an active member of the infosec community on Twitter and LinkedIn. I enjoyed creating, curating, and contributing content on these platforms, and I was happy to see that my efforts were well received.

Through these platforms, I was able to help people get into cybersecurity, provide tips and tricks, land jobs, get mentorship, and more. It was rewarding to be able to make a positive impact on others and to contribute to the growth of the industry.

I was able to gain over 5,000 followers on Twitter and more than 3,000 followers/connections on LinkedIn. This was a great achievement for me, and I'm grateful for the support and engagement from my followers.

Being part of the infosec community on social media has been a rewarding experience for me. I've been able to learn from others, share my own knowledge, and make valuable connections. I'm looking forward to continuing to contribute to these platforms in the future.

Follow me on twitter: @cyph3r_asr

Add me on your LinkedIn

End Note

There'e going to be a lot of people sharing their wins from 2022, and it might get overwhelming.

Allow yourself to celebrate their successes and recognise that yours might just look different.

You have so much to be proud of.

All the best and see you in 2023! Stay connected.

Great! You’ve successfully signed up.
Welcome back! You've successfully signed in.
You've successfully subscribed to Anugrah SR | #HackLearnDaily.
Your link has expired.
Success! Check your email for magic link to sign-in.
Success! Your billing info has been updated.
Your billing was not updated.