Back
Question
Asked

As a WhiteHat hacker/Penetration tester, What should i do?

Dear Wip makers,

I want to ask you this question, because currently I'm in a situation, where I want to travel, but because of my job I can't travel. :'(

As a white hat hacker and penetration tester, I have honed my skills in the field of cybersecurity. With the increasing demand for cybersecurity services in today's digital age, I believe there is a huge opportunity to monetize my skills. However, I'm struggling to identify the right way to monetize my expertise.

I'm reaching out to all of you for help in understanding what people need the most when it comes to cybersecurity services. If you were a normal person or a business owner, what kind of services or solutions would you be looking for? What would you need help with the most?

I specialize in mobile, web, VA (Vulnerability Assessment), AD (Active Directory), and WiFi. Based on my expertise, I want to create something that can be offered on a subscription-based model. I believe this will provide a stable and recurring revenue stream while allowing me to deliver ongoing value to my clients.

I would be grateful for any input or advice you may have. Your insights could help me shape my services and create solutions that meet the needs of potential clients.

Thanks,
Shazeb




I must admit I have many projects and all tough never have been hacked (can always happen) so far I do like the idea of someone taking care of most of the stuff but I don't know how active indie/bootstrapped saas founders are looking for this.

I honestly would just throw together a landing page with a value proposition and a monthly price and start pitching.

Yes, Maybe i can try with the medium size companies.

Hey Shazeb,
The expertise you developed gives you authority on the subject. You could use that for example to write about it (ebook, blog), or deliver a video course (Udemy).
You could also investigate the possibilities of applying automation and develop a tool that can perform a security audit or monitor a system continuously.
Just a few ideas.

@martinvandriel There are already better and good tools. And to create content it will take a time and i don't know who will buy it because i don't have that much audience.

I met a hacker in Medellin, Egor Homakov, he got famous for hacking starbucks gift cards. I remember he was balling with his pen-test company. And traveling non-stop.

This is probably what I would do if I had such skills: set up my own consulting pentest company and look for clients online non-stop. This is the first step to replace a job usually.

Got enough clients? Hire people to do the work and manage them.

Once you are making good money and living on your own terms, you start thinking about building side projects for more "passive income".

Job -> Agency/Consulting -> Product Owner is the natural flow.

I really like this idea @eborges. And sorry for the late reply. :(

Some great suggestions here about starting your own thing, while you hunt for clients you can establish your reputation by completing bug bounties. If you complete a few bounties for a medium sized company it's easier to sell your services to them since you have already demonstrated your expertise.

With your expertise, you could also become a content creator on Youtube or start Podcasting like Jack from DarknetDiaries and then monetize your Content, but that's a whole other game that takes at least 1-2 years to start seeing traction.

Thanks for the suggestion @jesse. I don't have that much experience with content creating. Maybe I'll do some research.

Just a tip here: content creation can consume a lot of personal energy. Only do it if you really like working with that, otherwise it might make your other stuff stuck.