Shawar Khan – Self-taught White Hat Hacker
Shawar Khan, at eighteen, is highly passionate about everything to do computers and cyber security. A programmer and ethical hacker, most of his time is spent with his laptop, learning and developing new techniques online related to exploitation. He has previously released a few hacking tools and currently is in process of developing some more which will be out in the near future.
In his own words he refers to himself as a white hat hacker (slang for ethical hacker) and a security researcher. Shawar is aware that when asked a layman, majority can’t really distinguish between black hat hacking and white hat hacking. The former is based on exploitation with an intent to damage the web applications, while the lateral aims at securing the same applications by fixing high risk bugs and accessing their vulnerabilities. In short, white hat hacking is the defense mechanism against black hat hacking.
“From an early age, I was interested in computers and with time it only intensified, leading me to the field of hacking and exploitation of web application vulnerabilities. I have reported high risk bugs in many well-known companies around the world, which include: Google, Microsoft, Oracle, Adobe, Ebay, Amazon, Nokia and Dell to name a few.”
One of the biggest marks that Shawar has made in the field was to report a high risk bug in the sites of Amazon, Ebay, Google, Microsoft, Mediafire and Dell. This bug made millions of users of these sites easy prey for hacking. The bug was patched after his reports.
Through his work, Shawar has represented Pakistan in many communities related to this field, showing that the country and its people have more than what is showcased on mainstream media. He is listed in various halls of fame including +65, Sony, Orcal, Google, Nokia and Blackberry. In many of these groups, he is the only Pakistani. In the Microsoft Hall of Fame, he has been listed thrice. His reports state his nationality and in many of these cyber spaces along with his name, Pakistan is also mentioned and when others see who has won a specific bounty for a work, at the subconscious level a stereotype weakens or breaks.
In Pakistan this is still a budding field and not many are taking it up as a full time profession. Same is
the case with organizations, who don’t take cyber security as a major threat. When Shawar found high risk bugs and reported them in some of the leading local names, like Ufone, Witribe, UET and PTCL etc. the response was not so positive as compared to how international organizations react. However, he believes that whatever the response its part of his job to ensure that he plays his role.
“In every field of life, there are obstacles that keep you from achieving your goals. I have experienced many obstacles and problems and at times a point comes when you feel like quitting. However, the key is that you stick to your goals and persistent hard work will ultimately get you to your destination in the end.”
Apart from breaking stereotypes about Pakistan in the international cyber space, Shawar thinks that it is equally important that we break stigmas associated with the field of hacking within the country. It is high time that it is treated as a proper field and those who are to-date working mostly on self-learning, should be provided with adequate help and support so that cyber-crimes can be dealt with in a proper manner.