Discover more from Cristi Vlad
The Insider Weekly #10 - Secure Code Review | AI Expert Hacker Chatbot | Long Week
Alright, here we go!
Another long and exciting week has gone by. I’ll try to keep it short and to the point.
TLDR: I removed 90% of the items on my weekly to-do list. I didn’t delete them but moved them to another list I check frequently, but not daily. This has dramatically improved my focus and my clarity; alongside having turned off all my notifications on my phone.
Regarding my work in cybersecurity, I’ve been working on two pentests and now I received a third one from another client. One of the pentests is a secure code review for which I’ve been using a series of manual and automated techniques. This has been very exciting because I’m learning a lot!
Secondly, I was able to allocate daily time (1-2 hours) to my bug bounty private targets; I scored another bounty. I’m also excited that I’ve been given a series of large/famous targets on Synack and I can’t wait to get my hands on them. These are big companies that you’ve likely interacted with. For me, it’s an honor to hack/secure them.
Thirdly, I’ve also been approached by new potential on Linkedin, but at this point, I really don’t have additional bandwidth to take in more work.
Fourthly, since I’m spending a little bit of daily time on bug bounties I was looking for ways to make my workflows more efficient. And three of the potential services that I’m trying out currently are prettyrecon.com, vidocsecurity.com, and trickest.io. I’ll be reporting my experience with them in future newsletters.
Regarding my work in AI and machine learning, I dove deep into the langchain documentation. I’ll be building a chatbot with high expertise in cybersecurity. Langchain is a Python library that is very useful in building apps based on large language models (like GPT3 and ChatGPT) extremely fast.
I could build this chatbot in a few days but I’m actually taking my time to study the documentation so that the end product of my creation is of top-notch quality.
Another reason I’m taking this slow is that there are at least 2-3 AI apps like the one I want to build that are coming up every day. And instead of me building everything from scratch, I could use one of these apps.
We will see how this going. In the end, this is going to be extremely useful to cybersecurity professionals. I’ve already tested smaller versions of the chatbot and the only thing that I could say is that: it works flawlessly.
That’s all from me this week; I’ll see you in the next batch, or earlier ;)