Meet Cooties; Pentester, CTF Enthusiast, and Full-time University Student

With his lightning-fast typing skills (like, really fast) and a penchant for rock climbing, Cooties is not your average hacker. This hacker is taking on a masters degree, hacking full-time, and traveling the world to compete in Capture the Flag (CTF) challenges. Read on to learn more about Cooties and how he got started. 

From Matrix dreams to digital realities

As a child growing up in Malaysia, Cooties was captivated by the blockbuster hit, “The Matrix.” Little did he know that this fascination would set him on a path to becoming a hugely successful ethical hacker.

“The Matrix movies ignited a childhood fascination with hacking,” Cooties reveals. But, it wasn’t until he attended Bountycon 2019 — a conference hosted by Google and Facebook — that he seriously considered a profession in cybersecurity. “I was fairly green to the field at the time,” Cooties recalls, “but it gave me a clear sense of direction and what I wanted to strive towards.

The hacker’s toolbox: Speed, skill, mischief, and an insatiable curiosity

As are the beginnings of many hackers, Cooties spent his younger years with a bit of fun and curiosity as his main motivators to learn the world of hacking. He recounted one of these mischievous memories of his earlier years when his phone was confiscated. “I tried to pick the lock to the room and disable the CCTVs that were pointed at it. I didn’t succeed, but those small acts of mischief taught me a lot—everything from spraying default credentials to tweaking the viewing brightness to ‘disable’ them, and even a bit about lockpicking.”

Little did he know, Cooties was sewing seeds that would later bloom into a successful career in cybersecurity. “My early explorations and insatiable curiosity, perhaps with a touch of mischief, laid the foundation for my journey into cybersecurity,” Cooties reflected. 

Cooties brings a software engineer’s perspective to the world of cybersecurity, a skillset that he believes is crucial for understanding the vulnerabilities that can exist in complex systems.

“A strong foundation in fundamentals is what truly distinguishes a good hacker from a great one. My prior experience in software development has been invaluable,” he explains. “That foundation gave me a unique advantage in understanding how software is built, both securely and insecurely. It’s a unique advantage in understanding the vulnerabilities that can exist and how to exploit them.”

On top of his technical acumen, Cooties also boasts an impressive typing speed of 160 words per minute. “The early days of typing WTS posts on Runescape before learning how to copy+paste as well as a type racing phase really honed my skills in” Cooties laughs.

Balancing act: From lecture halls to CTFs

Currently in the final stretch of his computer science master’s program, Cooties is a master multitasker. Juggling school with professional pentesting work and personal hacking projects, he embodies the relentless drive and organization that defines a top hacker.

“Having a source of notes, whether online or in your head (if you can remember it all), is really valuable,” he states. “You never know when that obscure knowledge/script might come in handy to help you at the right time.”

Buried in both lecture and hacking notes, Cooties is nothing short of driven. “I work professionally as a pentester, and often take on side projects in my free time.” he says. “On a clear week, I easily put in 40 to 50 hours of work, sometimes even more.”

In addition to his professional work, Cooties is a passionate CTF enthusiast. “CTFs are a great way to sharpen your skills in real-world scenarios and a good way to learn new/obscure techniques which might come in handy one day.” Balancing CTFs with his studies and professional commitments only adds to his growing dedication to cybersecurity.

Beyond the screen: Finding balance with rock climbing

There’s more to Cooties than coding for school and late-night hacking sessions. He’s an avid rock climber who finds balance and renewed focus in physical challenges.

I love rock climbing and the entire process of training to get stronger for it,” he shares. “There’s something satisfying about solving problems through exercise and seeing the physical rewards. Plus, it’s great to meet like-minded people at the gym along the way.”

This physical outlet serves crucial in balancing the mental intensity of his school and work, helping him avoid the burnout that plagues many hackers.

The future of hacking: AI-driven and endlessly exciting

As far as the future goes, Cooties is running full speed ahead. “The AI-driven pentesting and bug bounty landscape is exciting, akin to the earlier days of pentesting,” he enthuses. “I’m incredibly excited to strive towards becoming an expert in this rapidly evolving field.”

One way Cooties uses AI in his hacker’s toolset is through report writing. “Report writing with AI is crucially underrated for a tester, especially if English is their second language. For example, if there was a broken access control vulnerability on a page, I can ask ChatGPT (or any LLM service out there) to ‘write a sample bug bounty report where a user is able to …’ and tweak it to my specific needs.” He also strongly emphasizes the importance of redacting any personally identifiable information (PII) related to the scope or program to protect data privacy.

With graduation on the horizon, Cooties is poised to make a serious name for himself in the hacker community. As a successful hacker, his unique combination of curiosity and skills, from his software engineering background to his early adoption of AI, positions him as an experienced hunter in the field of AI pentesting.

As cybersecurity grows ever more complex, it’s clear that we’ll need more minds like Cooties to keep us safe. You can find lessons from Cooties on Race Conditions and other educational materials under Bugcrowd’s LevelUp