SecurityStories

SecurityStories - 52 Weeks, 52 Stories

Story - 17: Featuring Orwa Atyat

Orwa Bastin

Through the SecurityStories series, today we are excited to bring forward the story of Orwa Atyat from Jordan, who is widely known in the bug bounty and security community for his contributions.

Question: Could you briefly introduce yourself?

Orwa: I am Orwa, Godfather, a full-time bug hunter. I have owned multiple CVEs, including CVE-2022-21500 & CVE-2022-21567. I am LevelUpX Champion of Bugcrowd 2022/2023 and ranked in the top 50 on Bugcrowd and 3rd P1 Warrior.

Question: How did you get started in Cyber Security?

Orwa: By watching a video about that, that if you find a bug you can report it to the company and take your bounty for it. The first video I watched was [GitHub recon and sensitive data exposure].

Question: What were the initial challenges and blockers you faced?

Orwa: I started in this field without any experience or background in hacking. I didn’t know anything, didn’t know what they meant by the subdomain, domain, port, or any language I searched for leaked passwords.

Question: What learning methodology did you follow or still follow?

Orwa: I started learning all available methodologies, but the best were [Jhaddix] & [zseano].

Question: What all certifications do you hold, and what certificates would you recommend to the readers?

Orwa: Unfortunately, I did not get any certificate, so I can’t answer that.

Question: What is your favourite thing to hack on?

Orwa: [Web-App] and in programs [bank programs] and bugs [server side bugs and information disclosure bugs]

Question: What does your tool arsenal look like - Could you share some?

Orwa: ReconFTW - FFUF - Sqlmap - GitTools - Naabu - Amass - httpx

Question: How do you cope with Burn Outs?

Orwa: By knowing what is in that mind, I deal with it accordingly.

Question: What would you advise the newcomers in Cyber Security?

Orwa: Focus on Information Disclosure & IDOR bugs and learn from any source for Recon.

Orwa: By checking Twitter and LinkedIn. I also use Bugcrowd level-up as my go-to resource.

Question: What’s your life outside hacking?

Orwa: Doing bodybuilding, going out daily, cooking at times and having fun when I’m away from the computer.

Did you find Orwa’s story interesting and inspiring? Please share it with your friends and colleagues to spread the word.

We will be coming up with more exciting and inspiring stories weekly.