From Bug Hunter to CERT-In Hall of Fame: A Cybersecurity Success Story

By /

Listen to this Post

Featured Image

Introduction

Rivek Raj Tamang, an MCA student specializing in cybersecurity and a dedicated bug bounty hunter, has earned a prestigious spot in India’s CERT-In Hall of Fame after responsibly disclosing a critical security vulnerability. His journey highlights the importance of ethical hacking, persistence, and collaboration in strengthening national cybersecurity.

Learning Objectives

  • Understand the role of CERT-In in India’s cybersecurity ecosystem.
  • Learn key techniques for responsible vulnerability disclosure.
  • Discover essential tools and commands for bug bounty hunting and penetration testing.

You Should Know

1. Responsible Disclosure & CERT-In Reporting

What is CERT-In?

The Indian Computer Emergency Response Team (CERT-In) is the national agency for cybersecurity incident response. Ethical hackers who report vulnerabilities responsibly may be listed in their Hall of Fame.

How to Report a Vulnerability:

  1. Identify a security flaw in a government or private system.
  2. Submit a detailed report via CERT-In’s portal (https://www.cert-in.org.in).
  3. Avoid public disclosure until the issue is patched.

Example Command (for Reconnaissance):

nmap -sV --script vulners <target-IP>

This scans for known vulnerabilities using Nmap’s vulners script.

2. Essential Bug Bounty Tools & Commands

Top Tools for Hunters:

  • Burp Suite (Web app testing)
  • OWASP ZAP (Automated scanning)
  • Metasploit (Exploitation framework)

Example Command (Subdomain Enumeration):

subfinder -d example.com -o subdomains.txt

This uses SubFinder to discover subdomains, a critical step in attack surface mapping.

3. Web Application Security Testing

Common Vulnerabilities:

  • SQL Injection
  • Cross-Site Scripting (XSS)
  • Broken Authentication

SQL Injection Test Command:

sqlmap -u "https://example.com/login?id=1" --dbs

This checks for SQLi flaws using SQLMap.

4. Network Penetration Testing

Key Commands for Network Security:

 ARP Spoofing Detection:
arp -a

Check Open Ports:
netstat -tuln

MITM Attack (Educational Use Only):
sudo ettercap -T -i eth0 -M arp /target-IP//

5. Joining the Ethical Hacking Community

Rivek’s WhatsApp group for hackers (Join Here) and his writeups (Read Here) provide valuable insights for aspiring security researchers.

What Undercode Say

  • Consistency is Key: Daily practice and learning lead to success in cybersecurity.
  • Collaboration Matters: Engaging with communities accelerates growth.

Analysis:

Rivek’s achievement underscores the growing importance of ethical hacking in national security. As cyber threats evolve, skilled researchers play a crucial role in safeguarding digital infrastructure.

Prediction

With increasing government and corporate bug bounty programs, ethical hacking will become a mainstream career path. Expect more recognition for researchers and tighter integration between hackers and national cybersecurity agencies.

Final Thought:

Whether you’re a beginner or an expert, start hunting bugs responsibly—you might be the next Hall of Famer! 🚀

Hashtags: bugbounty cybersecurity ethicalhacking CERTIn infosec

🎯Let’s Practice For Free:

IT/Security Reporter URL:

Reported By: Rivektamang Bugbounty – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow UndercodeTesting & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin | 🦋BlueSky

Related Posts: