You already know what the most common way of getting a job is. You usually look for vacancies in a job web portal and when you think you could be selected, you apply for it... Then, most of the companies look at your resume and start reading about your previous experience and your studies...

But if you are looking at getting a new job in the security field, take a moment to look around before sending your resume... Maybe the company is giving you an advantage against the other candidates and you have no idea about it.

Have you looked at the web code source?

Yes, you have read well. Maybe you are using a well known security scanner and maybe you would like to work for them. You should research the company a little bit more. For example, visit their website and look at their web code source... Sometimes you have some surprises as you can see in the picture bellow...

Looking at your network traffic

Here, another real example... While I was studying in order to improve my technical skills, I found a hint in the PCAP network capture by using Wireshark... I never would have imagined that I could find a new job by reading a network traffic capture...


Looking into the HTTP headers

What we really discovered before was that the company changed the HTTP header in order to show you a "secret" message. So, instead of getting a traffic capture to read the "secret" message, we could use wget to try to look for a new oportunity.

wget -S example.com -O /dev/null


Looking for a job in Shodan

You already know that Shodan grab and index the HTTP headers they scan... So we can get a lot of results as the previous one by using Shodan.

Here, more examples....

http://www.shodanhq.com/search?q=x-hacker+work


http://www.shodanhq.com/search?q=x-hacker+job


http://www.shodanhq.com/search?q=hiring