A big shoutout to TCM Security for sponsoring this video. Register now to receive a 50% discount on your first month at the TCM Security Academy, potentially making your most significant step toward a career in ethical hacking. Go here: davidbombal.wiki/3vQsqWm Farah works at Meta and shares her amazing story of going from studying mass media, to hacking and now working at Meta. Did you know that Facebook and Meta have a bug bounty program that allows you to legally hack them and get paid? Go here: facebook.com/whitehat // Farah Hawa’s SOCIAL// RU-vid: www.youtube.com/@FarahHawa LinkedIn: www.linkedin.com/in/farah-hawa-a012b8162/ X: x.com/farah_hawaa Instagram: instagram.com/farah_hawaa/ // Resources REFERENCE // RU-vid videos: 2023 Path to Hacking Success: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-KXQ_MUe6wKo.html Bug Bounty: Get paid to hack PayPal and TikTok // Featuring Nahamsec: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-9vaEwycet90.html My updated bug bounty resources: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-ig5DuM6M2CQ.html RU-vid channels: thenewboston: www.youtube.com/@thenewboston Websites: hackerone: www.hackerone.com/ hacker101: www.hacker101.com/ Burp Suite on PortSwigger: portswigger.net/support/burp-suite-software-faqs PortSwigger Web Security Academy: portswigger.net/web-security Firefox Source Docs: developer.mozilla.org/en-US/ Pentester Land: pentester.land/ Infosec: infosec-conferences.com/ Vickie Li Blog: vickieli.dev/ Subfinder: github.com/projectdiscovery/subfinder Sublist3r: github.com/aboul3la/Sublist3r Frida: frida.re/ Meta Bug Bounty Program: facebook.com/whitehat Books: Real World Bug Hunting by Peter Yaworski USA: amzn.to/3JmRven UK: amzn.to/4d3S5M0 Bug Bounty Bootcamp by Vickie Li USA: amzn.to/3xGa4rz UK: amzn.to/49PwPa0 // David's SOCIAL // Discord: discord.com/invite/usKSyzb X: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal RU-vid: www.youtube.com/@davidbombal // MY STUFF // www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 00:00 - Coming Up 02:33 - Sponsored Section 04:36 - Intro 05:08 - Farah's Early Life 05:45 - Studying Mass Media 06:58 - Interning for Experience 08:21 - The Value of a CEH Certification 10:00 - Why Cyber Security? 10:35 - Getting a Job in Cyber Security 11:44 - Creating Content 13:30 - Does Social Media Open Doors? 15:28 - Starting Bug Bounty 17:28 - From Unpaid Internship to Paid Internship 18:09 - How long does it take to get into cyber security? 19:20 - Programming Languages to Learn 20:21 - Working at Meta 21:07 - Advice to Someone Starting Today 22:10 - The Value of CTF 22:58 - What's Hot Right Now? 23:48 - Blueprints for Starting 24:29 - Recommended Books 28:10 - When did Farah Start? 30:41 - How to do Bug Bounty for Meta & Facebook 31:18 - Common mistakes and how to avoid them 33:21 - Why Farah stopped Posting on RU-vid 33:59 - Experience moving from India to London 34:55 - Work/Life Balance 35:34 - Relocate or Work from Home? 38:47 - Returning to India or staying in London 39:52 - Vickie Li's Blog 41:24 - Dealing with the Imposter syndrome 44:50 - Take people through your journey 45:35 - Mistakes to Avoid 47:01 - Getting started after graduating high school 50:01 - Does one need a degree? 52:07 - How to start with no funds 53:08 - Favourite tools 54:27 - AI trends to jump on 56:42 - Conclusion 56:58 - Outro cybersecurity whitehat burp burpsuite portswigger hackerone hacker1 hacker101 hack hacker hacking facebook meta vr oculus quest bugbounty web app hacking cyber infosec information security xss xss attack xss vulnerability xss vs csrf attack xsssa facebook xsssa kali linux penetration testing ethical hacking bug bounty cross site scripting cross-site scripting red teaming cyber security ethical hacker javascript ajax jquery node js node js hacking portswigger Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #facebook #hack #hacking
Hi David I have a problem I suspect my neighbour has been hacking my WiFi security camera for a year now.. and now my WiFi has been getting disconnected a few times now I use an iPhone 6s recently updated. To go online RU-vid check my mining ect ect recently they have been now showing my WiFi network names but on their hidden network I proved this to myself by using aircrack to un hide their hidden network and link their bssid to the hidden network showing my network names I've used for months now . I questioned them recently and they flat out denied it but I have photos proving it showed them too and still denied it . I know my bssid and now my neighbours hidden bssid . I have 2 networks on my router 1 hidden and 1 not the one thats hidden is wpa2 aes and the not hidden is on wpa3 personal. Today they showed many of my network names I could only unhide a couple at a time using a laptop and 2 WiFi cards . My top question after this rant is if my neighbours bssid shows my hidden network name with in their hidden WiFi does that defo confirm they are using kali linux I only have 2 neighbours and in the middle of a field no traffic really close by
Also like to add is their a possibility that they had their router hacked by someone mobile and a laptop . That keeps messing with their WiFi showing my hidden WiFi names on multiple hidden networks. On their router. Or is it possible a hacker could ssh to their router miles away doing this? Is it possible for the remote hacker to view my networks from the person in question from their router I don't think a router can actually see other WiFi networks near by am I correct only a WiFi card or USB WiFi dongle ect could do this proving my neighbour is hacking my WiFi and showing all my hidden networks I've used over 4 months at least .sorry for the rant i.m 51 years old and have decades of pc experience mac Windows Linux and for 4 years solid use of kali linux and recently kali purple which I need to study more and experiment with I'm not really a hacker and not interested being a hacker more a tool to understand how kali works and what I can do to lesser my chances of being hacked local or proximity.. many thanks David great channel been a fan for a while now always watching your videos has helped me in so many ways such a deep deep subject with many levels of complexity
I was really impressed by the fact that a person with no traditional education in tech is miles ahead of techies with traditional degrees.Subscribed to her channel.She has my respect !
I am yet to see any hands-on person with degree(s) in tech who didn't learn stuff on their own. The university is mostly for networking and bragging rights. From the Ivies to any "University of Nowhere", if one doesn't learn stuff themselves they can't do stuff after obtaining that expensive piece of paper.
Why is it a surprise? Traditional learning doesnt always convert to success when applying that knowlegge. When I was working in a small garage like company, my boss asked a Milk delivery guy to join the company for extra bucks just to help him earn a living. our company also had limited budget. In 3 months the delivery guy turned programmer started picking up coding and he fared better than the rest of us traditional Computer degree holders. In10-12 years he became the VP of a Tech giant in India. This is how programming world is. Here you never know who HAS the skill. Some start seeing the World as a Matrix with 1s and 0s and the rest of me are still seeing it as it is.
this is the field of someone with passion and curiousity shine, nothing related to degree, many people with degree made that desicion when they didn't actually know what to in early age, whoever know their passion at young age and all-in are lucky.
"'Don't overthink what you have done in the past or what you want to do but if you really want to do cyber security then there are ways for you to get in doesn't matter your background " the best line ever in this interview
I agree. I get experience by being more "hands-on" from my own "guinea pig" lab setup, via H1 Bug Bounty platform, etc in my own company. I also agree with how she works with another company as META, but also has her Security Researcher stuff she does on her own. I do my Security Researcher stuff part of the time, while the regular job as a Field Technician I'm allowed and privileged to work with much emerging technologies from Amazon. I relate to her and both of you resonate with me. Even though I had a degree from college in IT, my experience and knowledge from Security Research came from "hands-on " setup of my own devices (ie phones, laptops, tablets, etc) to practice on via Kali, course and knowledge from IEEE , but now also incorporating A.I. in my efforts. Live the interview, questions and answers💻🤓👍🏾.
at 56:00 , i too appreciate how you ask the same questions to different people and get different responses. It's interesting to see different perspectives
@@ASa-cg8hx it's not about the creator dude, it's actually not their fault, because in most foreign countries they believe Kashmir is not our part, it's about awareness
I have the opposite experiences I worked for two company that didn't pay me and it ended biting me in the butt because most company told me they were looking for real experience, meaning paid position. I am working on bug bounty on the side right now and trying to make videos as well!
Loved this interview, I will ask my teenage children and young ones to listen this interview for informed decisions they need to take for career development plans. Thanks for inviting Farah , she is a great inspiration.
Reverse engineering an apk, yes, that can provide much fun. I could connect to and read out stats from hire e-scooters while someone was riding it. You could also send a packet to reset the scooter. It was fun while it lasted, and all you needed was a mobile phone with the correct app once you'd found out the packets required.
Just FYI the reason people say you shouldn't do unpaid internships isn't primarily for the person working, although it is also for them. But it hurts society by taking away opportunities for less wealthy but more capable people. It's more a problem of the organization "offering" the free internship. The person who takes the free internship of course benefits, if they ensure they are getting skills and connections, but they might be edging someone else out who is actually more deserving of the role and just not wealthy enough to afford to not make money. Sounds insulting to her, not intended, but that is the root problem with anyone offering or accepting free internships.
Hi David, I have been your subscriber for quiet long and loved watching it. Gained a lot of knowledge. After watching Farah's interview. I would ask the same question which you asked, a person who doesn't have any knowledge in Cyber Security, what are the steps he/she should take to a good job in cyber security. Doing Graduation (MSc in Cyber Security) at the moment but believe me I'm not going to name the Uni, not a proper track has been taught or any information I have gained to get a job in Cyber Security. Honestly a proper guideline is not available, it is so much scattered now. Please, I will be waiting for your answer if you can speak to Farah again or any point based guidance. Many thanks.
Incredible! Makes me to continue to work in IT! When I was a teenager, I was look up on notepad commands that from tricks to dangerous code to understand how it work. Plus, I still have the book of how computers work in hard copy and PDF along with how to install and operate earlier versions of Kali Linux Edit: Thank you David and keep it up!
I am a pentester and Red teamer from India now in Germany. I started as a network engineer, then worked as GCP admin, then landed my first job as pentester. Now I work in Airbus. It took me 2+ years to land on my first job as a pentester after getting my first job as Network engineer. It was hard. Studying everyday and being consistent. It was a fun ride and totally worth it.
My only guess is that most software engineers create digital assets whereas Ethical Hackers tell you where you need to invest more time and money to bolster security and from a companies perspective, they aren’t too willing to invest in that as much. Just my take and it’s not worth much lol
Its actually terrible that how work flows and credentials influence the other - cyber security and usual order is an edge case. 11:02 But the one thing that we learned is application and deviation is common so on average - if you want to be in cyber security... Pursue something else first(!) I wonder if this is a security caveat or cyber paradigm.
Your videos are fascinating, and awesome! Even though I’m not a hacker. I am a computer enthusiast, part-time and always interested in way things work. As people rely more and more on the systems, they have to have knowledge about thei vulnerabilities. Your car hacking one was awesome. I’ll never buy a new car again.😂
Thank you, but you probably shouldn't stop buying a car because of hacks like that. Sam is one of the good guys. Agreed - the world runs more and more on tech and we need people like Farah and Sam to better protect us.
@@davidbombal Being they are incorporating remote shutoff and DUi monitoring in 2026, 2025 is my last year. After that I will rebuild. I do mechanical work tinkering on cars like you people tinkering with hacking. Same interest on how things work. And thank God we have good guys like you people!
Ngl these things affect my confidence i'm happy for her as she's young but I'm almost 30 and wanted to switch to this field but seems like it may not be able to as it's too late and i'm also not bright enough.
imagine yamm meta report go through this lady ,it will be a complete abomination ,I've been following yamm and his articles/tweets overlong time .the level of thinking and sophistication he provide only few people on this planet can do that.
i am just pass 10th and i have 3 months free time and i learn cehv12 lab manual pdf which is free and i am in chapter 6 it is good or i learn another book
